Author: keith
Date: Tue Apr 22 00:49:23 2008
New Revision: 15924
Log:
Adding more documentation
Modified:
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
Modified:
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
==============================================================================
---
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
(original)
+++
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
Tue Apr 22 00:49:23 2008
@@ -911,6 +911,8 @@
}
private void initRegistry() throws MashupFault {
+
+ // flag used to decide weather the creation of a primary account is
needed or not
boolean createPrimary;
String primaryName = null;
String primaryPassword;
@@ -918,6 +920,7 @@
ServerConfiguration serverConfig = ServerConfiguration.getInstance();
+ // Get the database connection details for the registry database from
the server.xml
String registryDriverClass = serverConfig
.getFirstProperty(REGISTRY_CONFIG + "." + DATABASE_CONNECTION
+ "." + DRIVER_CLASS);
String registryUrl = serverConfig
@@ -933,6 +936,7 @@
"the registry. The driverClass and the url are
mandatory.");
}
+ // Get the database connection details for the usermanager database
from the server.xml
String usermanagerDriverClass = serverConfig
.getFirstProperty(
USERMANAGER_CONFIG + "." + DATABASE_CONNECTION + "." +
DRIVER_CLASS);
@@ -950,6 +954,10 @@
}
try {
+
+ // We need to create a new role called mashup_user so that all
users of the mashup
+ // server can be added to this role. We need this to set the
defaults permissions for
+ // users of the server
UserAdmin admin = new UserAdmin();
boolean hasMashupUserRole = false;
String[] roleNames = admin.getRoleNames();
@@ -962,6 +970,10 @@
if (!hasMashupUserRole) {
admin.addRole(MashupConstants.MASHUP_USER_ROLE, "Mashup User");
}
+
+ // We create a new WSASRegistryRealm here. The WSASRegistryRealm
is specially designed
+ // so that we have all the authentication details in the WSAS
database while we maintain
+ // the authorization details in a stripped down version of the
usermanager database
UserRealm realm = new WSASRegistryRealm();
DefaultRealmConfig config = (DefaultRealmConfig)
realm.getRealmConfiguration();
@@ -973,12 +985,32 @@
UserStoreAdmin us = realm.getUserStoreAdmin();
+ // We use this as a check to check weather the regiatry was
initialized. We dont need to
+ // execute these stuff each time the server is restarted. We need
it only on a first
+ // time start.
+
+ // Add a set of users and roles that is needed by the Mashup Server
if (!us.isExistingUser(RegistryConstants.ANONYMOUS_USER)) {
+
+ // Add a user called annonymous. All users not signed into the
server are in this
+ // role. Hence permissions assigned to these users are the
default permissions set
+ // for guests.
us.addUser(RegistryConstants.ANONYMOUS_USER,
RegistryConstants.ANONYMOUS_PASSWORD);
+
+ // Add a user called system. The system user is managed by the
mashup server and all
+ // server management tasks are performed using this user
account
us.addUser(RegistryConstants.SYSTEM_USER,
RegistryConstants.SYSTEM_PASSWORD);
+
+ // Add a user called samples. The sample user is managed by
the mashup server and all
+ // samples are deployed using this account
us.addUser(MashupConstants.SAMPLES_USER,
MashupConstants.SAMPLES_USER_PASSWORD);
+
+ // Add an admin role so that admins can be put into this role
us.addRole(RegistryConstants.ADMIN_ROLE);
+
+ // Add an everyone role so that all users are added to this
role
us.addRole(RegistryConstants.EVERYONE_ROLE);
+
// Assign system user the 'admin' role.
us.addUserToRole(MashupConstants.SYSTEM_USER,
RegistryConstants.ADMIN_ROLE);
}
@@ -986,6 +1018,9 @@
createPrimary = Boolean.parseBoolean(
serverConfig.getFirstProperty(MashupConstants.PRIMARY_USER_CONFIG + "." +
MashupConstants.CREATE_PRIMARY_USER));
+
+ // If the server.xml contains primary account details and if this
is the first startup
+ // then create the primary account
if (createPrimary && !MashupUtils.isInitialSetupComplete()) {
primaryName =
serverConfig.getFirstProperty(MashupConstants.PRIMARY_USER_CONFIG + "." +
@@ -1001,17 +1036,20 @@
registryPassword);
JDBCRegistry registry = new JDBCRegistry(datasource, realm);
+ // Add the realm and registry as parameters in the
AxisConfiguration so that they can be
+ // used later on as an when needed
configCtx.getAxisConfiguration().addParameter(RegistryConstants.REGISTRY,
registry);
configCtx.getAxisConfiguration().addParameter(RegistryConstants.REGISTRY_REALM,
realm);
- // Instantiating a secure registry, in order to create user
profiles.
+ // Instantiating a secure registry using the system account, in
order to create user
+ // profiles.
secureRegistry = RegistryUtils.createSecureRegistry(
MashupConstants.SYSTEM_USER,
MashupConstants.SYSTEM_USER_PASSWORD, registry,
realm);
if
(!registry.resourceExists(MashupConstants.QUERYSTORE_QUERY_PATH)) {
- // add queries to generate user profiles
+ // Create an area in the registry to add queries
Collection queryCollection = registry.newCollection();
registry.put(MashupConstants.QUERYSTORE_QUERY_PATH,
queryCollection);
@@ -1055,18 +1093,23 @@
RegistryConstants.RESOURCES_RESULT_TYPE
);
+ // Create a collection for users. All user related data will
go in here
Collection usersCollection = registry.newCollection();
registry.put("/users", usersCollection);
+ // Create a collection for profiles. All user profiles data
will go in here
Collection profileCollection = registry.newCollection();
registry.put("/users/profile", profileCollection);
+ // Create a collection for system. All system related data
will go in here
Collection systemCollection = registry.newCollection();
registry.put("/system", systemCollection);
+ // Create a collection for /system/queries. All system queries
will go in here
Collection queriesCollection = registry.newCollection();
registry.put("/system/queries", queriesCollection);
+ // Create a collection for mashups. All mashup related data
will go in here
Collection mashupsCollection = registry.newCollection();
registry.put("/mashups", mashupsCollection);
@@ -1133,9 +1176,9 @@
RegistryConstants.COMMENTS_RESULT_TYPE
);
- // add profile for the anonymous user.
AccessControlAdmin ac = realm.getAccessControlAdmin();
+ // Setting permissions for the admin role on user resources
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
AccessControlConstants.USER_RESOURCE,
AccessControlConstants.ADD);
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
AccessControlConstants.USER_RESOURCE,
@@ -1145,6 +1188,7 @@
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
AccessControlConstants.USER_RESOURCE,
AccessControlConstants.DELETE);
+ // Setting permissions for the admin role on role resources
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
AccessControlConstants.ROLE_RESOURCE,
AccessControlConstants.ADD);
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
AccessControlConstants.ROLE_RESOURCE,
@@ -1154,6 +1198,7 @@
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
AccessControlConstants.ROLE_RESOURCE,
AccessControlConstants.DELETE);
+ // Setting permissions for the admin role on setting
permissions
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
AccessControlConstants.USER_PERMISSION_RESOURCE,
AccessControlConstants.READ);
@@ -1167,6 +1212,8 @@
AccessControlConstants.USER_PERMISSION_RESOURCE,
AccessControlConstants.DELETE);
+ // Setting permissions for the admin role to GET, PUT and
DELETE data from any part
+ // of the registry
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
RegistryConstants.ROOT_PATH,
ActionConstants.GET);
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
RegistryConstants.ROOT_PATH,
@@ -1176,21 +1223,27 @@
ac.authorizeRole(RegistryConstants.ADMIN_ROLE,
RegistryConstants.ROOT_PATH,
AccessControlConstants.AUTHORIZE);
+ // Setting permissions for the everyone role to GET data from
any part
+ // of the registry
ac.authorizeRole(RegistryConstants.EVERYONE_ROLE,
RegistryConstants.ROOT_PATH,
ActionConstants.GET);
ac.authorizeRole(RegistryConstants.EVERYONE_ROLE,
RegistryConstants.ROOT_PATH,
ActionConstants.GET);
+ // Setting permissions for the everyone role to READ and EDIT
user resources
ac.authorizeRole(RegistryConstants.EVERYONE_ROLE,
AccessControlConstants.USER_RESOURCE,
AccessControlConstants.READ);
ac.authorizeRole(RegistryConstants.EVERYONE_ROLE,
AccessControlConstants.USER_RESOURCE,
AccessControlConstants.EDIT);
+
+ // Setting permissions for the everyone role to READ
permissions
ac.authorizeRole(RegistryConstants.EVERYONE_ROLE,
AccessControlConstants.ROLE_RESOURCE,
AccessControlConstants.READ);
ac.authorizeRole(RegistryConstants.EVERYONE_ROLE,
AccessControlConstants.USER_PERMISSION_RESOURCE,
AccessControlConstants.READ);
+ // Setting permissions for the everyone role to READ all
mashups and queries
ac.authorizeRole(MashupConstants.EVERYONE_ROLE,
MashupConstants.ALL_MASHUPS_PATH,
AccessControlConstants.READ);
ac.authorizeRole(MashupConstants.EVERYONE_ROLE,
@@ -1206,7 +1259,7 @@
RegistryUtils.createUser(secureRegistry, realm,
MashupConstants.SYSTEM_USER,
"System", "none", "System User");
- // Create the 'Samples' user and profile.
+ // Create the samples user and profile.
RegistryUtils.createUser(secureRegistry, realm,
MashupConstants.SAMPLES_USER,
"Samples", "none", "Samples User");
}
_______________________________________________
Mashup-dev mailing list
[email protected]
http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
