Author: angela
Date: Tue Nov 12 16:17:24 2013
New Revision: 1541128
URL: http://svn.apache.org/r1541128
Log:
OAK-1105 : Osgi pluggability for the TokenProvider
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConfiguration.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/osgi/OsgiSecurityProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthenticationConfiguration.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenAuthenticationConfiguration.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_authentication.md
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/osgi/OsgiSecurityProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/osgi/OsgiSecurityProvider.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/osgi/OsgiSecurityProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/osgi/OsgiSecurityProvider.java
Tue Nov 12 16:17:24 2013
@@ -16,15 +16,21 @@
*/
package org.apache.jackrabbit.oak.osgi;
+import java.util.ArrayList;
+import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import com.google.common.collect.Maps;
+import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.CompositeTokenProvider;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.osgi.framework.ServiceReference;
/**
@@ -32,12 +38,14 @@ import org.osgi.framework.ServiceReferen
*/
public class OsgiSecurityProvider extends
AbstractServiceTracker<SecurityConfiguration> implements SecurityProvider {
+ private CompositeTokenConfiguration tokenConfiguration = new
CompositeTokenConfiguration();
private Map<String, SecurityConfiguration> serviceMap = Maps.newHashMap();
private ConfigurationParameters config;
public OsgiSecurityProvider(@Nonnull ConfigurationParameters config) {
super(SecurityConfiguration.class);
this.config = config;
+ serviceMap.put(TokenConfiguration.NAME, tokenConfiguration);
}
//-------------------------------------------< ServiceTrackerCustomizer
>---
@@ -46,8 +54,13 @@ public class OsgiSecurityProvider extend
Object service = super.addingService(reference);
if (service instanceof SecurityConfiguration) {
SecurityConfiguration sc = (SecurityConfiguration) service;
- synchronized (this) {
- serviceMap.put(sc.getName(), sc);
+
+ if (sc instanceof TokenConfiguration) {
+ tokenConfiguration.services.add((TokenConfiguration) sc);
+ } else {
+ synchronized (this) {
+ serviceMap.put(sc.getName(), sc);
+ }
}
if (service instanceof ConfigurationBase) {
@@ -61,8 +74,13 @@ public class OsgiSecurityProvider extend
public void removedService(ServiceReference reference, Object service) {
super.removedService(reference, service);
if (service instanceof SecurityConfiguration) {
- synchronized (this) {
- serviceMap.remove(((SecurityConfiguration) service).getName());
+ SecurityConfiguration sc = (SecurityConfiguration) service;
+ if (sc instanceof TokenConfiguration) {
+ tokenConfiguration.services.remove(sc);
+ } else {
+ synchronized (this) {
+ serviceMap.remove(((SecurityConfiguration)
service).getName());
+ }
}
}
}
@@ -100,4 +118,35 @@ public class OsgiSecurityProvider extend
}
throw new IllegalStateException("Unsupported configuration class " +
configClass.getName());
}
+
+ private final class CompositeTokenConfiguration extends ConfigurationBase
implements TokenConfiguration {
+
+ private List<TokenConfiguration> services = new
ArrayList<TokenConfiguration>();
+
+ @Nonnull
+ @Override
+ public TokenProvider getTokenProvider(Root root) {
+ List<TokenProvider> providers = new ArrayList<TokenProvider>();
+ for (TokenConfiguration tc : services) {
+ providers.add(tc.getTokenProvider(root));
+ }
+ return CompositeTokenProvider.newInstance(providers);
+ }
+
+ @Nonnull
+ @Override
+ public String getName() {
+ return TokenConfiguration.NAME;
+ }
+
+ @Nonnull
+ @Override
+ public ConfigurationParameters getParameters() {
+ ConfigurationParameters[] params = new
ConfigurationParameters[services.size()];
+ for (int i = 0; i < services.size(); i++) {
+ params[i] = services.get(i).getParameters();
+ }
+ return ConfigurationParameters.of(params);
+ }
+ }
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Tue Nov 12 16:17:24 2013
@@ -21,6 +21,7 @@ import java.util.Set;
import javax.annotation.Nonnull;
import
org.apache.jackrabbit.oak.security.authentication.AuthenticationConfigurationImpl;
+import
org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl;
import
org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl;
import org.apache.jackrabbit.oak.security.principal.PrincipalConfigurationImpl;
import org.apache.jackrabbit.oak.security.privilege.PrivilegeConfigurationImpl;
@@ -29,6 +30,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import
org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
@@ -65,6 +67,7 @@ public class SecurityProviderImpl implem
scs.add(getUserConfiguration());
scs.add(getPrincipalConfiguration());
scs.add(getPrivilegeConfiguration());
+ scs.add(getTokenConfiguration());
return scs;
}
@@ -81,6 +84,8 @@ public class SecurityProviderImpl implem
return (T) getPrincipalConfiguration();
} else if (PrivilegeConfiguration.class == configClass) {
return (T) getPrivilegeConfiguration();
+ } else if (TokenConfiguration.class == configClass) {
+ return (T) getTokenConfiguration();
} else {
throw new IllegalArgumentException("Unsupported security
configuration class " + configClass);
}
@@ -113,4 +118,9 @@ public class SecurityProviderImpl implem
private PrincipalConfiguration getPrincipalConfiguration() {
return new PrincipalConfigurationImpl(this);
}
+
+ @Nonnull
+ private TokenConfiguration getTokenConfiguration() {
+ return new TokenConfigurationImpl(this);
+ }
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
Tue Nov 12 16:17:24 2013
@@ -22,8 +22,6 @@ import javax.security.auth.login.Configu
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.api.ContentRepository;
-import org.apache.jackrabbit.oak.api.Root;
-import
org.apache.jackrabbit.oak.security.authentication.token.TokenProviderImpl;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
@@ -32,7 +30,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.authentication.ConfigurationUtil;
import
org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -118,25 +115,4 @@ public class AuthenticationConfiguration
}
return new LoginContextProviderImpl(appName, loginConfig,
contentRepository, getSecurityProvider());
}
-
- /**
- * Returns a new instance of {@link TokenProvider}.
- *
- * <h4>Configuration Options</h4>
- * <ul>
- * <li>{@link #PARAM_TOKEN_OPTIONS}: The configuration parameters for
- * the token provider which allows to change the default expiration
time
- * and the length of the generated token.</li>
- * </ul>
- *
- * @param root The target root.
- * @return A new instance of {@link TokenProvider}.
- */
- @Nonnull
- @Override
- public TokenProvider getTokenProvider(Root root) {
- ConfigurationParameters tokenOptions =
getParameters().getConfigValue(PARAM_TOKEN_OPTIONS,
ConfigurationParameters.EMPTY);
- UserConfiguration uc =
getSecurityProvider().getConfiguration(UserConfiguration.class);
- return new TokenProviderImpl(root, tokenOptions, uc);
- }
}
\ No newline at end of file
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java?rev=1541128&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
Tue Nov 12 16:17:24 2013
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.authentication.token;
+
+import javax.annotation.Nonnull;
+
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Service;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+
+/**
+ * Default implementation for the {@code TokenConfiguration} interface.
+ */
+@Component()
+@Service({TokenConfiguration.class, SecurityConfiguration.class})
+public class TokenConfigurationImpl extends ConfigurationBase implements
TokenConfiguration {
+
+ public TokenConfigurationImpl() {
+ super();
+ }
+
+ public TokenConfigurationImpl(SecurityProvider securityProvider) {
+ super(securityProvider);
+ }
+
+ //----------------------------------------------< SecurityConfiguration
>---
+ @Nonnull
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ //-------------------------------------------------< TokenConfiguration
>---
+ /**
+ * Returns a new instance of {@link
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider}.
+ *
+ * <h4>Configuration Options</h4>
+ * <ul>
+ * <li>{@link #PARAM_TOKEN_OPTIONS}: The configuration parameters for
+ * the token provider which allows to change the default expiration
time
+ * and the length of the generated token.</li>
+ * </ul>
+ *
+ * @param root The target root.
+ * @return A new instance of {@link
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider}.
+ */
+ @Nonnull
+ @Override
+ public TokenProvider getTokenProvider(Root root) {
+ ConfigurationParameters tokenOptions =
getParameters().getConfigValue(PARAM_TOKEN_OPTIONS,
ConfigurationParameters.EMPTY);
+ UserConfiguration uc =
getSecurityProvider().getConfiguration(UserConfiguration.class);
+ return new TokenProviderImpl(root, tokenOptions, uc);
+ }
+}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
Tue Nov 12 16:17:24 2013
@@ -32,11 +32,11 @@ import javax.security.auth.login.LoginEx
import
org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.api.AuthInfo;
import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule;
-import
org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
+import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
import
org.apache.jackrabbit.oak.spi.security.authentication.callback.TokenProviderCallback;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.slf4j.Logger;
@@ -215,8 +215,8 @@ public final class TokenLoginModule exte
SecurityProvider securityProvider = getSecurityProvider();
Root root = getRoot();
if (root != null && securityProvider != null) {
- AuthenticationConfiguration authConfig =
securityProvider.getConfiguration(AuthenticationConfiguration.class);
- provider = authConfig.getTokenProvider(root);
+ TokenConfiguration tokenConfig =
securityProvider.getConfiguration(TokenConfiguration.class);
+ provider = tokenConfig.getTokenProvider(root);
}
if (provider == null && callbackHandler != null) {
try {
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
Tue Nov 12 16:17:24 2013
@@ -89,7 +89,7 @@ import static org.apache.jackrabbit.oak.
* interface will not validate the node type of the token node associated with
* a given token.
*/
-public class TokenProviderImpl implements TokenProvider {
+class TokenProviderImpl implements TokenProvider {
private static final Logger log =
LoggerFactory.getLogger(TokenProviderImpl.class);
@@ -125,7 +125,7 @@ public class TokenProviderImpl implement
private final UserManager userManager;
private final IdentifierManager identifierManager;
- public TokenProviderImpl(Root root, ConfigurationParameters options,
UserConfiguration userConfiguration) {
+ TokenProviderImpl(Root root, ConfigurationParameters options,
UserConfiguration userConfiguration) {
this.root = root;
this.options = options;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
Tue Nov 12 16:17:24 2013
@@ -24,9 +24,6 @@ import org.apache.jackrabbit.oak.spi.sec
import
org.apache.jackrabbit.oak.spi.security.authentication.OpenAuthenticationConfiguration;
import
org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
import
org.apache.jackrabbit.oak.spi.security.authorization.OpenAuthorizationConfiguration;
-import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
/**
* OpenSecurityProvider... TODO: review if we really have the need for that
once TODO in InitialContent is resolved
@@ -52,12 +49,6 @@ public class OpenSecurityProvider implem
return (T) new OpenAuthenticationConfiguration();
} else if (AuthorizationConfiguration.class == configClass) {
return (T) new OpenAuthorizationConfiguration();
- } else if (UserConfiguration.class == configClass) {
- throw new UnsupportedOperationException();
- } else if (PrincipalConfiguration.class == configClass) {
- throw new UnsupportedOperationException();
- } else if (PrivilegeConfiguration.class == configClass) {
- throw new UnsupportedOperationException();
} else {
throw new IllegalArgumentException("Unsupported security
configuration class " + configClass);
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthenticationConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthenticationConfiguration.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthenticationConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthenticationConfiguration.java
Tue Nov 12 16:17:24 2013
@@ -19,9 +19,7 @@ package org.apache.jackrabbit.oak.spi.se
import javax.annotation.Nonnull;
import org.apache.jackrabbit.oak.api.ContentRepository;
-import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
/**
* Interface for the authentication setup.
@@ -30,13 +28,9 @@ public interface AuthenticationConfigura
String NAME = "org.apache.jackrabbit.oak.authentication";
- String PARAM_TOKEN_OPTIONS =
"org.apache.jackrabbit.oak.authentication.token";
String PARAM_APP_NAME = "org.apache.jackrabbit.oak.authentication.appName";
String DEFAULT_APP_NAME = "jackrabbit.oak";
@Nonnull
LoginContextProvider getLoginContextProvider(ContentRepository
contentRepository);
-
- @Nonnull
- TokenProvider getTokenProvider(Root root);
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenAuthenticationConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenAuthenticationConfiguration.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenAuthenticationConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenAuthenticationConfiguration.java
Tue Nov 12 16:17:24 2013
@@ -21,9 +21,7 @@ import javax.jcr.Credentials;
import javax.security.auth.Subject;
import org.apache.jackrabbit.oak.api.ContentRepository;
-import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
/**
* This implementation of the authentication configuration provides login
@@ -61,10 +59,4 @@ public class OpenAuthenticationConfigura
}
};
}
-
- @Nonnull
- @Override
- public TokenProvider getTokenProvider(Root root) {
- throw new UnsupportedOperationException();
- }
}
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConfiguration.java?rev=1541128&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConfiguration.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConfiguration.java
Tue Nov 12 16:17:24 2013
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.token;
+
+import javax.annotation.Nonnull;
+
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
+
+/**
+ * TokenConfiguration... TODO
+ */
+public interface TokenConfiguration extends SecurityConfiguration {
+
+ String NAME = "org.apache.jackrabbit.oak.authentication.token";
+
+ String PARAM_TOKEN_OPTIONS =
"org.apache.jackrabbit.oak.authentication.token";
+
+ @Nonnull
+ TokenProvider getTokenProvider(Root root);
+}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
Tue Nov 12 16:17:24 2013
@@ -30,8 +30,8 @@ import org.apache.jackrabbit.oak.api.Con
import org.apache.jackrabbit.oak.api.Root;
import
org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule;
import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
-import
org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
import
org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
@@ -221,8 +221,8 @@ public class TokenDefaultLoginModuleTest
@Test
public void testValidTokenCredentials() throws Exception {
Root root = adminSession.getLatestRoot();
- AuthenticationConfiguration authConfig =
getSecurityProvider().getConfiguration(AuthenticationConfiguration.class);
- TokenProvider tp = authConfig.getTokenProvider(root);
+ TokenConfiguration tc =
getSecurityProvider().getConfiguration(TokenConfiguration.class);
+ TokenProvider tp = tc.getTokenProvider(root);
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String,
Object>emptyMap());
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
Tue Nov 12 16:17:24 2013
@@ -27,7 +27,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.api.Root;
-import
org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Test;
@@ -137,8 +137,8 @@ public class TokenLoginModuleTest extend
@Test
public void testValidTokenCredentials() throws Exception {
Root root = adminSession.getLatestRoot();
- AuthenticationConfiguration authConfig =
getSecurityProvider().getConfiguration(AuthenticationConfiguration.class);
- TokenProvider tp = authConfig.getTokenProvider(root);
+ TokenConfiguration tokenConfig =
getSecurityProvider().getConfiguration(TokenConfiguration.class);
+ TokenProvider tp = tokenConfig.getTokenProvider(root);
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String,
Object>emptyMap());
Modified:
jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_authentication.md
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_authentication.md?rev=1541128&r1=1541127&r2=1541128&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_authentication.md
(original)
+++
jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_authentication.md
Tue Nov 12 16:17:24 2013
@@ -176,6 +176,7 @@ org.apache.jackrabbit.oak.spi.security.a
org.apache.jackrabbit.oak.spi.security.authentication.token:
+- `TokenConfiguration`: Interface to obtain a `TokenProvider` instance.
- `TokenProvider`: Interface to manage login tokens.
- `TokenInfo`: Information related to a login token and token validity.
@@ -188,11 +189,13 @@ org.apache.jackrabbit.oak.spi.security.a
##### AuthenticationConfiguration [9]:
- `getLoginContextProvider` -> configuration of the login context
-- `getTokenProvider` -> configuration of the token management implementation
+
+##### TokenConfiguration [10]:
+- `getTokenProvider`
##### Utilities
There also exists a utility class that allows to obtain different
-`javax.security.auth.login.Configuration` for the most common setup [10]:
+`javax.security.auth.login.Configuration` for the most common setup [11]:
- `ConfigurationUtil#getDefaultConfiguration`: default OAK configuration
supporting uid/pw login configures `LoginModuleImpl` only
@@ -225,4 +228,6 @@ There also exists a utility class that a
[9]
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthenticationConfiguration.java
-[10]
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/ConfigurationUtil.java
+[10]
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConfiguration.java
+
+[11]
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/ConfigurationUtil.java
