Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.jackrabbit.core.security.principal
Class DefaultPrincipalProvider

java.lang.Object
  extended by org.apache.jackrabbit.core.security.principal.AbstractPrincipalProvider
      extended by org.apache.jackrabbit.core.security.principal.DefaultPrincipalProvider
All Implemented Interfaces:
EventListener, SynchronousEventListener, PrincipalProvider
public class DefaultPrincipalProvider
extends AbstractPrincipalProvider
implements SynchronousEventListener

Provides principals for the users contained within the Repository.

Each Authorizable accessible via UserManager is respected and the provider serves Principals retrieved from those Authorizable objects.

In addition this provider exposes the everyone principal, which has no content (user/group) representation.

Unless explicitly configured (see negative entry option this implementation of the PrincipalProvider interface caches both positive and negative (null) results of the providePrincipal(java.lang.String) method. The cache is kept up to date by observation listening to creation and removal of users and groups.

Membership cache:
In addition to the caching provided by AbstractPrincipalProvider this implementation keeps an extra membership cache, which is notified in case of changes made to the members of any group.

Field Summary
 
Fields inherited from class org.apache.jackrabbit.core.security.principal.AbstractPrincipalProvider
MAXSIZE_KEY, NEGATIVE_ENTRY_KEY
 
Constructor Summary
DefaultPrincipalProvider(Session systemSession, UserManagerImpl systemUserManager)
          Creates a new DefaultPrincipalProvider reading the principals from the storage below the given security root node.
 
Method Summary
 boolean canReadPrincipal(Session session, Principal principal)
          Tests if the provided session is allowed to read the given principal.
 void close()
          Clears the cache and calls the implementation to close their resources
 PrincipalIterator findPrincipals(String simpleFilter)
          Searches for Principals that match the given String.
 PrincipalIterator findPrincipals(String simpleFilter, int searchType)
          Searches for Principals that match the given String.
 PrincipalIterator getGroupMembership(Principal userPrincipal)
          Returns an iterator over all group principals for which the given principal is either direct or indirect member of.
 PrincipalIterator getPrincipals(int searchType)
          Returns an iterator over all principals that match the given search type.
 void init(Properties options)
          Sets the AbstractPrincipalProvider.NEGATIVE_ENTRY_KEY option value to true if it isn't included yet in the passed options, before calling the init method of the base class.
 void onEvent(EventIterator eventIterator)
           
protected  Principal providePrincipal(String principalName)
          Called if the cache does not contain the principal requested.
 
Methods inherited from class org.apache.jackrabbit.core.security.principal.AbstractPrincipalProvider
addToCache, checkInitialized, clearCache, getPrincipal
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultPrincipalProvider

public DefaultPrincipalProvider(Session systemSession,
                                UserManagerImpl systemUserManager)
                         throws RepositoryException
Creates a new DefaultPrincipalProvider reading the principals from the storage below the given security root node.

Parameters:
systemSession - for repository access.
systemUserManager - Used to retrieve the principals.
Throws:
RepositoryException - if an error accessing the repository occurs.
Method Detail

providePrincipal

protected Principal providePrincipal(String principalName)
Called if the cache does not contain the principal requested.
Implementations should return a Principal from their source, if it contains one for the given name or null.

This implementation uses the user and node resolver to find the appropriate nodes.

Specified by:
providePrincipal in class AbstractPrincipalProvider
Parameters:
principalName - Name of the principal to be returned.
Returns:
Principal or null, if non provided for the given name
See Also:
AbstractPrincipalProvider.getPrincipal(String)

init

public void init(Properties options)
Sets the AbstractPrincipalProvider.NEGATIVE_ENTRY_KEY option value to true if it isn't included yet in the passed options, before calling the init method of the base class.

Specified by:
init in interface PrincipalProvider
Overrides:
init in class AbstractPrincipalProvider
Parameters:
options -
See Also:
PrincipalProvider.init(java.util.Properties)

findPrincipals

public PrincipalIterator findPrincipals(String simpleFilter)
Description copied from interface: PrincipalProvider
Searches for Principals that match the given String. NOTE: Groups are included in the search result.

Specified by:
findPrincipals in interface PrincipalProvider
Returns:
See Also:
PrincipalProvider.findPrincipals(String)

findPrincipals

public PrincipalIterator findPrincipals(String simpleFilter,
                                        int searchType)
Description copied from interface: PrincipalProvider
Searches for Principals that match the given String.

Specified by:
findPrincipals in interface PrincipalProvider
searchType - searchType Any of the following constants:
Returns:
See Also:
PrincipalProvider.findPrincipals(String, int)

getPrincipals

public PrincipalIterator getPrincipals(int searchType)
Description copied from interface: PrincipalProvider
Returns an iterator over all principals that match the given search type.

Specified by:
getPrincipals in interface PrincipalProvider
Parameters:
searchType - Any of the following search types:
Returns:
an iterator over all principals that match the given search type.
See Also:
PrincipalProvider.getPrincipals(int), PrincipalProvider.getPrincipals(int)

getGroupMembership

public PrincipalIterator getGroupMembership(Principal userPrincipal)
Description copied from interface: PrincipalProvider
Returns an iterator over all group principals for which the given principal is either direct or indirect member of. If a principal is a direct member of a group, then Group.isMember(Principal) evaluates to true. A principal is an indirect member of a group if any of its groups (to any degree of separation) is direct memeber of the group.

Example:
If Principal is member of Group A, and Group A is member of Group B, this method will return Group A and Group B.

Specified by:
getGroupMembership in interface PrincipalProvider
Parameters:
userPrincipal - the principal to return it's membership from.
Returns:
an iterator returning all groups the given principal is member of.
See Also:
PrincipalProvider.getGroupMembership(Principal)

close

public void close()
Description copied from class: AbstractPrincipalProvider
Clears the cache and calls the implementation to close their resources

Specified by:
close in interface PrincipalProvider
Overrides:
close in class AbstractPrincipalProvider
See Also:
PrincipalProvider.close()

canReadPrincipal

public boolean canReadPrincipal(Session session,
                                Principal principal)
Description copied from interface: PrincipalProvider
Tests if the provided session is allowed to read the given principal. Since the principal providers do not restrict the access on the prinicipals they provide, this method is used by the PrincipalManger to ensure proper access rights for the client requesting the principals.

Specified by:
canReadPrincipal in interface PrincipalProvider
principal - The principal to be accessed by the specified subject.
Returns:
true if the session is allowed to read the principal; false otherwise.
See Also:
PrincipalProvider.canReadPrincipal(javax.jcr.Session,java.security.Principal)

onEvent

public void onEvent(EventIterator eventIterator)
Specified by:
onEvent in interface EventListener
See Also:
EventListener.onEvent(EventIterator)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2010 The Apache Software Foundation. All Rights Reserved.