Class ExternalPrincipalConfiguration
java.lang.Object
org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default
org.apache.jackrabbit.oak.spi.security.ConfigurationBase
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal.ExternalPrincipalConfiguration
- All Implemented Interfaces:
PrincipalConfiguration
,SecurityConfiguration
public class ExternalPrincipalConfiguration
extends ConfigurationBase
implements PrincipalConfiguration
Implementation of the
PrincipalConfiguration
interface that provides
principal management for Group principals
associated with
external identities
managed outside of the scope of the repository by an
ExternalIdentityProvider
.- Since:
- Oak 1.5.3
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.apache.jackrabbit.oak.spi.security.SecurityConfiguration
SecurityConfiguration.Default
-
Field Summary
Fields inherited from interface org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration
NAME
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescription@NotNull List<ThreeWayConflictHandler>
Returns the list of conflict handlers available for this security configuration.getMonitors
(@NotNull StatisticsProvider statisticsProvider) @NotNull String
getName()
Returns the name of this security configuration.@NotNull PrincipalManager
getPrincipalManager
(Root root, NamePathMapper namePathMapper) Returns an instance ofPrincipalManager
that can be used to query and retrieve principals such as needed for JCR access control management.@NotNull PrincipalProvider
getPrincipalProvider
(Root root, NamePathMapper namePathMapper) Returns an instance of the OAKPrincipalProvider
.@NotNull List<ProtectedItemImporter>
@NotNull RepositoryInitializer
Returns a repository initializer for this security configuration.@NotNull List<? extends ValidatorProvider>
getValidators
(@NotNull String workspaceName, @NotNull Set<Principal> principals, @NotNull MoveTracker moveTracker) Returns the list of validators that need to be executed for the specified workspace name.Methods inherited from class org.apache.jackrabbit.oak.spi.security.ConfigurationBase
getParameters, getRootProvider, getSecurityProvider, getTreeProvider, setParameters, setRootProvider, setSecurityProvider, setTreeProvider
Methods inherited from class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default
getCommitHooks, getContext, getWorkspaceInitializer
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.apache.jackrabbit.oak.spi.security.SecurityConfiguration
getCommitHooks, getContext, getParameters, getWorkspaceInitializer
-
Constructor Details
-
ExternalPrincipalConfiguration
public ExternalPrincipalConfiguration() -
ExternalPrincipalConfiguration
-
-
Method Details
-
getPrincipalManager
@NotNull public @NotNull PrincipalManager getPrincipalManager(Root root, NamePathMapper namePathMapper) Description copied from interface:PrincipalConfiguration
Returns an instance ofPrincipalManager
that can be used to query and retrieve principals such as needed for JCR access control management.- Specified by:
getPrincipalManager
in interfacePrincipalConfiguration
- Parameters:
root
- The target root.namePathMapper
- TheNamePathMapper
to be used.- Returns:
- An instance of
PrincipalManager
. - See Also:
-
getPrincipalProvider
@NotNull public @NotNull PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper) Description copied from interface:PrincipalConfiguration
Returns an instance of the OAKPrincipalProvider
.Backwards compatibility with Jackrabbit 2.x
Configuration of Principal Providers
In Jackrabbit 2.x the configuration of principal providers was tied to the LoginModule configuration and thus mixing authentication concerns with the principal management. Since OAK makes thePrincipalProvider
a public interface of the SPI, it's configuration goes along with the configuration of the JCR levelPrincipalManager
. The authentication setup may have access to the principal configuration if theSecurityProvider
is made available in theAuthenticationConfiguration
.Multiple Sources for Principals
In Jackrabbit 2.x it was possible to configure multiple principal providers. As of OAK there is only one single principal provider implementation responsible for a given configuration. If principals originate from different sources it is recommended to define a separatePrincipalConfiguration
for each source.- Specified by:
getPrincipalProvider
in interfacePrincipalConfiguration
- Parameters:
root
- The targetRoot
.namePathMapper
- TheNamePathMapper
to be used.- Returns:
- An instance of
PrincipalProvider
.
-
getName
Description copied from interface:SecurityConfiguration
Returns the name of this security configuration.- Specified by:
getName
in interfaceSecurityConfiguration
- Overrides:
getName
in classSecurityConfiguration.Default
- Returns:
- The name of this configuration.
-
getRepositoryInitializer
Description copied from interface:SecurityConfiguration
Returns a repository initializer for this security configuration. If this configuration doesn't require any specific repository initializationRepositoryInitializer.DEFAULT
should be returned.- Specified by:
getRepositoryInitializer
in interfaceSecurityConfiguration
- Overrides:
getRepositoryInitializer
in classSecurityConfiguration.Default
- Returns:
- An instance of
RepositoryInitializer
.
-
getValidators
@NotNull public @NotNull List<? extends ValidatorProvider> getValidators(@NotNull @NotNull String workspaceName, @NotNull @NotNull Set<Principal> principals, @NotNull @NotNull MoveTracker moveTracker) Description copied from interface:SecurityConfiguration
Returns the list of validators that need to be executed for the specified workspace name.- Specified by:
getValidators
in interfaceSecurityConfiguration
- Overrides:
getValidators
in classSecurityConfiguration.Default
- Parameters:
workspaceName
- The name of the workspace.principals
- The set of principals associated with the subject that is committing modifications.moveTracker
- The move tracker associated with the commit.- Returns:
- A list of validators.
-
getProtectedItemImporters
- Specified by:
getProtectedItemImporters
in interfaceSecurityConfiguration
- Overrides:
getProtectedItemImporters
in classSecurityConfiguration.Default
- Returns:
- The list of protected item importers defined by this configuration.
-
getMonitors
@NotNull public @NotNull Iterable<Monitor<?>> getMonitors(@NotNull @NotNull StatisticsProvider statisticsProvider) - Specified by:
getMonitors
in interfaceSecurityConfiguration
-
getConflictHandlers
Description copied from interface:SecurityConfiguration
Returns the list of conflict handlers available for this security configuration.- Specified by:
getConflictHandlers
in interfaceSecurityConfiguration
- Overrides:
getConflictHandlers
in classSecurityConfiguration.Default
- Returns:
- A list of
ThreeWayConflictHandler
.
-