|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.jackrabbit.core.DefaultSecurityManager
org.apache.jackrabbit.core.UserPerWorkspaceSecurityManager
public class UserPerWorkspaceSecurityManager
Derived security manager implementation that expects that users information
is present in each workspace instead of having a single, dedicated
"security-workspace" that provides user information. Consequently, the
UserManager used to retrieve and manipulate user content is always
bound to the Session
passed to getUserManager(Session)
.
DefaultSecurityManager
cannot be used to retrieve principals. Instead this implementation keeps
a distinct pp-registry for each workspace.
NOTE: While this security manager asserts that a minimal set of system
users (admin and anonymous) is present in each workspace
it doesn't make any attempt to set or define the access permissions on the
tree containing user related information.
Field Summary |
---|
Fields inherited from class org.apache.jackrabbit.core.DefaultSecurityManager |
---|
adminId, anonymousId |
Constructor Summary | |
---|---|
UserPerWorkspaceSecurityManager()
|
Method Summary | |
---|---|
void |
close()
Disposes this security manager instance and cleans all internal caches. |
protected PrincipalProvider |
createDefaultPrincipalProvider()
Always returns null . |
protected WorkspaceAccessManager |
createDefaultWorkspaceAccessManager()
Returns a new instance of SimpleWorkspaceAccessManager , since
with the DefaultLoginModule the existance of the user
is checked in order to successfully complete the login. |
protected PrincipalManager |
createPrincipalManager(SessionImpl session)
|
protected UserManagerImpl |
createUserManager(SessionImpl session)
Creates a new instanceof TransientChangeUserManagerImpl . |
void |
dispose(String workspaceName)
Disposes those parts of this security manager that are related to the workspace indicated by the given workspaceName . |
AuthContext |
getAuthContext(Credentials creds,
Subject subject,
String workspaceName)
Creates an AuthContext for the given Credentials and
Subject . |
protected UserManager |
getSystemUserManager(String workspaceName)
|
UserManager |
getUserManager(Session session)
As this implementation expectes that users information in present in every workspace, the UserManager is always created with the given session. |
void |
init(Repository repository,
Session systemSession)
|
Methods inherited from class org.apache.jackrabbit.core.DefaultSecurityManager |
---|
checkInitialized, getAccessManager, getAuthContextProvider, getConfig, getMembershipCache, getPrincipalManager, getPrincipalProviderRegistry, getRepository, getSystemSession, getUserID |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public UserPerWorkspaceSecurityManager()
Method Detail |
---|
public void init(Repository repository, Session systemSession) throws RepositoryException
init
in interface JackrabbitSecurityManager
init
in class DefaultSecurityManager
RepositoryException
JackrabbitSecurityManager.init(Repository, Session)
public void dispose(String workspaceName)
JackrabbitSecurityManager
workspaceName
.
dispose
in interface JackrabbitSecurityManager
dispose
in class DefaultSecurityManager
workspaceName
- Name of the workspace that is being disposed.JackrabbitSecurityManager.dispose(String)
public void close()
JackrabbitSecurityManager
close
in interface JackrabbitSecurityManager
close
in class DefaultSecurityManager
JackrabbitSecurityManager.close()
public UserManager getUserManager(Session session) throws RepositoryException
getUserManager
in interface JackrabbitSecurityManager
getUserManager
in class DefaultSecurityManager
session
.
UnsupportedRepositoryOperationException
- If user management is
not supported.
RepositoryException
JackrabbitSecurityManager.getUserManager(javax.jcr.Session)
public AuthContext getAuthContext(Credentials creds, Subject subject, String workspaceName) throws RepositoryException
Credentials
and
Subject
.
getAuthContext
in interface JackrabbitSecurityManager
getAuthContext
in class DefaultSecurityManager
workspaceName
- The name of the workspace to login.
AuthContext
for the given Credentials, Subject
RepositoryException
- in other exceptional repository statesprotected PrincipalProvider createDefaultPrincipalProvider() throws RepositoryException
null
. The default principal provider is
workspace depending as users are expected to exist in every workspace.
createDefaultPrincipalProvider
in class DefaultSecurityManager
null
RepositoryException
protected UserManager getSystemUserManager(String workspaceName) throws RepositoryException
getSystemUserManager
in class DefaultSecurityManager
RepositoryException
protected UserManagerImpl createUserManager(SessionImpl session) throws RepositoryException
TransientChangeUserManagerImpl
.
createUserManager
in class DefaultSecurityManager
session
- session
TransientChangeUserManagerImpl
RepositoryException
protected PrincipalManager createPrincipalManager(SessionImpl session) throws RepositoryException
createPrincipalManager
in class DefaultSecurityManager
session
- Session for the principal manager must be created.
DefaultSecurityManager.getPrincipalProviderRegistry()
but has a workspace specific
default provider.
RepositoryException
protected WorkspaceAccessManager createDefaultWorkspaceAccessManager()
SimpleWorkspaceAccessManager
, since
with the DefaultLoginModule
the existance of the user
is checked in order to successfully complete the login. Since with this
SecurityManager users are stored separately in each workspace, a user
may only login to a workspace if the corresponding user node exists.
Consequently a lazy workspace access manager is sufficient.
If this SecurityManager is used with a distict LoginModule
implementation, the configuration
for WorkspaceAccessManager
should be adjusted as well.
createDefaultWorkspaceAccessManager
in class DefaultSecurityManager
SimpleWorkspaceAccessManager
.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |