Author: angela
Date: Fri Jul 19 10:03:25 2013
New Revision: 1504813
URL: http://svn.apache.org/r1504813
Log:
OAK-50 : user mgt
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java?rev=1504813&r1=1504812&r2=1504813&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
Fri Jul 19 10:03:25 2013
@@ -16,11 +16,10 @@
*/
package org.apache.jackrabbit.oak.security.user;
-import static com.google.common.base.Preconditions.checkNotNull;
-
import javax.annotation.Nonnull;
import javax.jcr.RepositoryException;
+import com.google.common.base.Strings;
import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.api.CommitFailedException;
@@ -30,10 +29,10 @@ import org.apache.jackrabbit.oak.namepat
import org.apache.jackrabbit.oak.plugins.index.IndexConstants;
import org.apache.jackrabbit.oak.plugins.index.IndexUtils;
import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore;
-import org.apache.jackrabbit.oak.spi.commit.PostCommitHook;
import org.apache.jackrabbit.oak.security.authentication.SystemSubject;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.commit.EmptyHook;
+import org.apache.jackrabbit.oak.spi.commit.PostCommitHook;
import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer;
import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
@@ -47,6 +46,8 @@ import org.apache.jackrabbit.oak.util.No
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static com.google.common.base.Preconditions.checkNotNull;
+
/**
* Creates initial set of users to be present in a given workspace. This
* implementation uses the {@code UserManager} such as defined by the
@@ -127,8 +128,8 @@ class UserInitializer implements Workspa
boolean omitPw = params.getConfigValue(PARAM_OMIT_ADMIN_PW,
false);
userManager.createUser(adminId, (omitPw) ? null : adminId);
}
- String anonymousId = params.getConfigValue(PARAM_ANONYMOUS_ID,
DEFAULT_ANONYMOUS_ID);
- if (userManager.getAuthorizable(anonymousId) == null) {
+ String anonymousId =
Strings.emptyToNull(params.getNullableConfigValue(PARAM_ANONYMOUS_ID,
DEFAULT_ANONYMOUS_ID));
+ if (anonymousId != null &&
userManager.getAuthorizable(anonymousId) == null) {
userManager.createUser(anonymousId, null);
}
if (root.hasPendingChanges()) {
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java?rev=1504813&r1=1504812&r2=1504813&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java
Fri Jul 19 10:03:25 2013
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.securi
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.Map;
+import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
@@ -185,6 +186,53 @@ public class UserInitializerTest extends
}
}
+ /**
+ * @since OAK 1.0 The anonymous user is optional.
+ */
+ @Test
+ public void testAnonymousConfiguration() throws Exception {
+ Map<String,Object> userParams = new HashMap();
+ userParams.put(UserConstants.PARAM_ANONYMOUS_ID, "");
+
+ ConfigurationParameters params = new
ConfigurationParameters(ImmutableMap.of(UserConfiguration.NAME, new
ConfigurationParameters(userParams)));
+ SecurityProvider sp = new SecurityProviderImpl(params);
+ final ContentRepository repo = new Oak().with(new InitialContent())
+ .with(new PropertyIndexEditorProvider())
+ .with(new PropertyIndexProvider())
+ .with(new RegistrationEditorProvider())
+ .with(sp)
+ .createContentRepository();
+
+ ContentSession cs = Subject.doAs(SystemSubject.INSTANCE, new
PrivilegedExceptionAction<ContentSession>() {
+ @Override
+ public ContentSession run() throws Exception {
+ return repo.login(null, null);
+ }
+ });
+ try {
+ Root root = cs.getLatestRoot();
+ UserConfiguration uc =
sp.getConfiguration(UserConfiguration.class);
+ UserManager umgr = uc.getUserManager(root, NamePathMapper.DEFAULT);
+ Authorizable anonymous =
umgr.getAuthorizable(UserConstants.DEFAULT_ANONYMOUS_ID);
+ assertNull(anonymous);
+ } finally {
+ cs.close();
+ }
+
+ // login as admin should fail
+ ContentSession anonymousSession = null;
+ try {
+ anonymousSession = repo.login(new GuestCredentials(), null);
+ fail();
+ } catch (LoginException e) {
+ //success
+ } finally {
+ if (anonymousSession != null) {
+ anonymousSession.close();
+ }
+ }
+ }
+
private static void assertIndexDefinition(Tree tree, String propName,
boolean isUnique) {
assertTrue(tree.exists());
