Class ExternalPrincipalConfiguration
- java.lang.Object
-
- org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default
-
- org.apache.jackrabbit.oak.spi.security.ConfigurationBase
-
- org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal.ExternalPrincipalConfiguration
-
- All Implemented Interfaces:
PrincipalConfiguration,SecurityConfiguration
public class ExternalPrincipalConfiguration extends ConfigurationBase implements PrincipalConfiguration
Implementation of thePrincipalConfigurationinterface that provides principal management forGroup principalsassociated withexternal identitiesmanaged outside of the scope of the repository by anExternalIdentityProvider.- Since:
- Oak 1.5.3
- See Also:
- OAK-4101
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.jackrabbit.oak.spi.security.SecurityConfiguration
SecurityConfiguration.Default
-
-
Field Summary
-
Fields inherited from interface org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration
NAME
-
-
Constructor Summary
Constructors Constructor Description ExternalPrincipalConfiguration()ExternalPrincipalConfiguration(SecurityProvider securityProvider)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description @NotNull List<ThreeWayConflictHandler>getConflictHandlers()Returns the list of conflict handlers available for this security configuration.@NotNull Iterable<Monitor<?>>getMonitors(@NotNull StatisticsProvider statisticsProvider)@NotNull StringgetName()Returns the name of this security configuration.@NotNull PrincipalManagergetPrincipalManager(Root root, NamePathMapper namePathMapper)Returns an instance ofPrincipalManagerthat can be used to query and retrieve principals such as needed for JCR access control management.@NotNull PrincipalProvidergetPrincipalProvider(Root root, NamePathMapper namePathMapper)Returns an instance of the OAKPrincipalProvider.@NotNull List<ProtectedItemImporter>getProtectedItemImporters()@NotNull RepositoryInitializergetRepositoryInitializer()Returns a repository initializer for this security configuration.@NotNull List<? extends ValidatorProvider>getValidators(@NotNull String workspaceName, @NotNull Set<Principal> principals, @NotNull MoveTracker moveTracker)Returns the list of validators that need to be executed for the specified workspace name.-
Methods inherited from class org.apache.jackrabbit.oak.spi.security.ConfigurationBase
getParameters, getRootProvider, getSecurityProvider, getTreeProvider, setParameters, setRootProvider, setSecurityProvider, setTreeProvider
-
Methods inherited from class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default
getCommitHooks, getContext, getWorkspaceInitializer
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.jackrabbit.oak.spi.security.SecurityConfiguration
getCommitHooks, getContext, getParameters, getWorkspaceInitializer
-
-
-
-
Constructor Detail
-
ExternalPrincipalConfiguration
public ExternalPrincipalConfiguration()
-
ExternalPrincipalConfiguration
public ExternalPrincipalConfiguration(SecurityProvider securityProvider)
-
-
Method Detail
-
getPrincipalManager
@NotNull public @NotNull PrincipalManager getPrincipalManager(Root root, NamePathMapper namePathMapper)
Description copied from interface:PrincipalConfigurationReturns an instance ofPrincipalManagerthat can be used to query and retrieve principals such as needed for JCR access control management.- Specified by:
getPrincipalManagerin interfacePrincipalConfiguration- Parameters:
root- The target root.namePathMapper- TheNamePathMapperto be used.- Returns:
- An instance of
PrincipalManager. - See Also:
JackrabbitSession.getPrincipalManager()
-
getPrincipalProvider
@NotNull public @NotNull PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper)
Description copied from interface:PrincipalConfigurationReturns an instance of the OAKPrincipalProvider.Backwards compatibility with Jackrabbit 2.x
Configuration of Principal Providers
In Jackrabbit 2.x the configuration of principal providers was tied to the LoginModule configuration and thus mixing authentication concerns with the principal management. Since OAK makes thePrincipalProvidera public interface of the SPI, it's configuration goes along with the configuration of the JCR levelPrincipalManager. The authentication setup may have access to the principal configuration if theSecurityProvideris made available in theAuthenticationConfiguration.Multiple Sources for Principals
In Jackrabbit 2.x it was possible to configure multiple principal providers. As of OAK there is only one single principal provider implementation responsible for a given configuration. If principals originate from different sources it is recommended to define a separatePrincipalConfigurationfor each source.- Specified by:
getPrincipalProviderin interfacePrincipalConfiguration- Parameters:
root- The targetRoot.namePathMapper- TheNamePathMapperto be used.- Returns:
- An instance of
PrincipalProvider.
-
getName
@NotNull public @NotNull String getName()
Description copied from interface:SecurityConfigurationReturns the name of this security configuration.- Specified by:
getNamein interfaceSecurityConfiguration- Overrides:
getNamein classSecurityConfiguration.Default- Returns:
- The name of this configuration.
-
getRepositoryInitializer
@NotNull public @NotNull RepositoryInitializer getRepositoryInitializer()
Description copied from interface:SecurityConfigurationReturns a repository initializer for this security configuration. If this configuration doesn't require any specific repository initializationRepositoryInitializer.DEFAULTshould be returned.- Specified by:
getRepositoryInitializerin interfaceSecurityConfiguration- Overrides:
getRepositoryInitializerin classSecurityConfiguration.Default- Returns:
- An instance of
RepositoryInitializer.
-
getValidators
@NotNull public @NotNull List<? extends ValidatorProvider> getValidators(@NotNull @NotNull String workspaceName, @NotNull @NotNull Set<Principal> principals, @NotNull @NotNull MoveTracker moveTracker)
Description copied from interface:SecurityConfigurationReturns the list of validators that need to be executed for the specified workspace name.- Specified by:
getValidatorsin interfaceSecurityConfiguration- Overrides:
getValidatorsin classSecurityConfiguration.Default- Parameters:
workspaceName- The name of the workspace.principals- The set of principals associated with the subject that is committing modifications.moveTracker- The move tracker associated with the commit.- Returns:
- A list of validators.
-
getProtectedItemImporters
@NotNull public @NotNull List<ProtectedItemImporter> getProtectedItemImporters()
- Specified by:
getProtectedItemImportersin interfaceSecurityConfiguration- Overrides:
getProtectedItemImportersin classSecurityConfiguration.Default- Returns:
- The list of protected item importers defined by this configuration.
-
getMonitors
@NotNull public @NotNull Iterable<Monitor<?>> getMonitors(@NotNull @NotNull StatisticsProvider statisticsProvider)
- Specified by:
getMonitorsin interfaceSecurityConfiguration
-
getConflictHandlers
@NotNull public @NotNull List<ThreeWayConflictHandler> getConflictHandlers()
Description copied from interface:SecurityConfigurationReturns the list of conflict handlers available for this security configuration.- Specified by:
getConflictHandlersin interfaceSecurityConfiguration- Overrides:
getConflictHandlersin classSecurityConfiguration.Default- Returns:
- A list of
ThreeWayConflictHandler.
-
-