Author: angela
Date: Wed Jun 15 16:07:25 2016
New Revision: 1748603
URL: http://svn.apache.org/viewvc?rev=1748603&view=rev
Log:
OAK-4218 : Base SyncMBeanImpl on Oak API
Added:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SynMBeanImplOSGiTest.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/pom.xml
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/Delegatee.java
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImpl.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/AbstractJmxTest.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/DelegateeTest.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImplTest.java
Modified: jackrabbit/oak/trunk/oak-auth-external/pom.xml
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/pom.xml?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-external/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-auth-external/pom.xml Wed Jun 15 16:07:25 2016
@@ -100,12 +100,7 @@
<artifactId>guava</artifactId>
</dependency>
- <!-- JCR and Jackrabbit dependencies -->
- <dependency>
- <groupId>javax.jcr</groupId>
- <artifactId>jcr</artifactId>
- <version>2.0</version>
- </dependency>
+ <!-- Jackrabbit dependencies -->
<dependency>
<groupId>org.apache.jackrabbit</groupId>
<artifactId>jackrabbit-api</artifactId>
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
Wed Jun 15 16:07:25 2016
@@ -17,7 +17,6 @@
package org.apache.jackrabbit.oak.spi.security.authentication.external.impl;
import java.util.Hashtable;
-import javax.jcr.Repository;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import javax.security.auth.spi.LoginModule;
@@ -30,15 +29,20 @@ import org.apache.felix.scr.annotations.
import org.apache.felix.scr.annotations.Deactivate;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
+import org.apache.felix.scr.annotations.ReferenceCardinality;
+import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
+import org.apache.jackrabbit.oak.api.ContentRepository;
import org.apache.jackrabbit.oak.osgi.OsgiWhiteboard;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProviderManager;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.SyncManager;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SyncMBeanImpl;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SynchronizationMBean;
import org.apache.jackrabbit.oak.spi.whiteboard.Registration;
import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
+import org.osgi.framework.BundleContext;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -99,19 +103,24 @@ public class ExternalLoginModuleFactory
)
public static final String PARAM_SYNC_HANDLER_NAME =
SyncHandlerMapping.PARAM_SYNC_HANDLER_NAME;
+ @Reference(cardinality = ReferenceCardinality.OPTIONAL_UNARY, policy =
ReferencePolicy.DYNAMIC)
+ private SecurityProvider securityProvider;
+
+ @Reference(cardinality = ReferenceCardinality.OPTIONAL_UNARY, policy =
ReferencePolicy.DYNAMIC)
+ private ContentRepository contentRepository;
+
@Reference
private SyncManager syncManager;
@Reference
private ExternalIdentityProviderManager idpManager;
- @Reference
- private Repository repository;
-
/**
* default configuration for the login modules
*/
- private ConfigurationParameters osgiConfig;
+ private ConfigurationParameters osgiConfig = ConfigurationParameters.EMPTY;
+
+ private BundleContext bundleContext;
/**
* whiteboard registration handle of the manager mbean
@@ -128,32 +137,89 @@ public class ExternalLoginModuleFactory
private void activate(ComponentContext context) {
//noinspection unchecked
osgiConfig = ConfigurationParameters.of(context.getProperties());
- String idpName = osgiConfig.getConfigValue(PARAM_IDP_NAME, "");
- String sncName = osgiConfig.getConfigValue(PARAM_SYNC_HANDLER_NAME,
"");
+ bundleContext = context.getBundleContext();
+
+ mayRegisterSyncMBean();
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ @Deactivate
+ private void deactivate() {
+ unregisterSyncMBean();
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ public void bindContentRepository(ContentRepository contentRepository) {
+ this.contentRepository = contentRepository;
+ mayRegisterSyncMBean();
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ public void unbindContentRepository(ContentRepository contentRepository) {
+ this.contentRepository = null;
+ unregisterSyncMBean();
+ }
- Whiteboard whiteboard = new OsgiWhiteboard(context.getBundleContext());
+ @SuppressWarnings("UnusedDeclaration")
+ public void bindSecurityProvider(SecurityProvider securityProvider) {
+ this.securityProvider = securityProvider;
+ mayRegisterSyncMBean();
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ public void unbindSecurityProvider(SecurityProvider securityProvider) {
+ this.securityProvider = null;
+ unregisterSyncMBean();
+ }
+
+ private void mayRegisterSyncMBean() {
+ log.debug("Trying to register SynchronizationMBean");
+
+ if (mbeanRegistration != null) {
+ log.debug("SynchronizationMBean already registered");
+ return;
+ }
+ if (bundleContext == null) {
+ log.debug("Cannot register SynchronizationMBean; not yet
activated.");
+ return;
+ }
+ if (contentRepository == null || securityProvider == null) {
+ log.debug("Cannot register SynchronizationMBean; waiting for
references to ContentRepository|SecurityProvider.");
+ return;
+ }
+
+ Whiteboard whiteboard = new OsgiWhiteboard(bundleContext);
try {
- SyncMBeanImpl bean = new SyncMBeanImpl(repository, syncManager,
sncName, idpManager, idpName);
- Hashtable<String, String> table = new Hashtable<String, String>();
+ log.debug("Registering SynchronizationMBean");
+
+ String idpName = osgiConfig.getConfigValue(PARAM_IDP_NAME, "");
+ String sncName =
osgiConfig.getConfigValue(PARAM_SYNC_HANDLER_NAME, "");
+
+ SyncMBeanImpl bean = new SyncMBeanImpl(contentRepository,
securityProvider, syncManager, sncName, idpManager, idpName);
+ Hashtable<String, String> table = new Hashtable();
table.put("type", "UserManagement");
table.put("name", "External Identity Synchronization Management");
table.put("handler", ObjectName.quote(sncName));
table.put("idp", ObjectName.quote(idpName));
mbeanRegistration =
whiteboard.register(SynchronizationMBean.class, bean, ImmutableMap.of(
- "jmx.objectname",
- new ObjectName("org.apache.jackrabbit.oak", table))
+ "jmx.objectname",
+ new ObjectName("org.apache.jackrabbit.oak", table))
);
+ log.debug("Registration of SynchronizationMBean completed");
} catch (MalformedObjectNameException e) {
- log.error("Unable to register SynchronizationMBean.", e);
+ log.error("Unable to register SynchronizationMBean", e);
}
}
- @SuppressWarnings("UnusedDeclaration")
- @Deactivate
- private void deactivate() {
+ private void unregisterSyncMBean() {
if (mbeanRegistration != null) {
+ log.debug("Unregistering SynchronizationMBean");
+
mbeanRegistration.unregister();
mbeanRegistration = null;
+ log.debug("Unregister SynchronizationMBean: completed");
+ } else {
+ log.debug("Unable to unregister SynchronizationMBean; missing
registration.");
}
}
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/Delegatee.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/Delegatee.java?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/Delegatee.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/Delegatee.java
Wed Jun 15 16:07:25 2016
@@ -16,6 +16,7 @@
*/
package
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx;
+import java.io.IOException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
@@ -24,18 +25,23 @@ import java.util.List;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
-import javax.jcr.Repository;
+import javax.jcr.NoSuchWorkspaceException;
import javax.jcr.RepositoryException;
-import javax.jcr.Session;
import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
import com.google.common.base.Function;
import com.google.common.base.Predicates;
import com.google.common.collect.Iterators;
-import org.apache.jackrabbit.api.JackrabbitRepository;
-import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.commons.json.JsonUtil;
+import org.apache.jackrabbit.oak.api.CommitFailedException;
+import org.apache.jackrabbit.oak.api.ContentRepository;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.value.ValueFactoryImpl;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.SystemSubject;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException;
@@ -49,6 +55,7 @@ import org.apache.jackrabbit.oak.spi.sec
import
org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncResultImpl;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncedIdentity;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -65,75 +72,73 @@ final class Delegatee {
private final SyncHandler handler;
private final ExternalIdentityProvider idp;
private final UserManager userMgr;
- private final Session systemSession;
+
+ private final ContentSession systemSession;
+ private final Root root;
private final int batchSize;
private SyncContext context;
private Delegatee(@Nonnull SyncHandler handler, @Nonnull
ExternalIdentityProvider idp,
- @Nonnull JackrabbitSession systemSession, int batchSize)
throws SyncException, RepositoryException {
+ @Nonnull ContentSession systemSession, @Nonnull
SecurityProvider securityProvider, int batchSize) throws SyncException {
this.handler = handler;
this.idp = idp;
this.systemSession = systemSession;
- this.userMgr = systemSession.getUserManager();
- this.context = handler.createContext(idp, userMgr,
systemSession.getValueFactory());
this.batchSize = batchSize;
- log.info("Created delegatee for SyncMBean with session: {} {}",
systemSession, systemSession.getUserID());
+ root = systemSession.getLatestRoot();
+ userMgr =
securityProvider.getConfiguration(UserConfiguration.class).getUserManager(root,
NamePathMapper.DEFAULT);
+ context = handler.createContext(idp, userMgr, new
ValueFactoryImpl(root, NamePathMapper.DEFAULT));
+
+ log.info("Created delegatee for SyncMBean with session: {} {}",
systemSession, systemSession.getAuthInfo().getUserID());
}
- static Delegatee createInstance(@Nonnull final Repository repository,
- @Nonnull SyncHandler handler,
- @Nonnull ExternalIdentityProvider idp) {
- return createInstance(repository, handler, idp, DEFAULT_BATCH_SIZE);
+ static Delegatee createInstance(@Nonnull ContentRepository repository,
@Nonnull SecurityProvider securityProvider,
+ @Nonnull SyncHandler handler, @Nonnull
ExternalIdentityProvider idp) {
+ return createInstance(repository, securityProvider, handler, idp,
DEFAULT_BATCH_SIZE);
}
- static Delegatee createInstance(@Nonnull final Repository repository,
+ static Delegatee createInstance(@Nonnull final ContentRepository
repository,
+ @Nonnull SecurityProvider securityProvider,
@Nonnull SyncHandler handler,
@Nonnull ExternalIdentityProvider idp,
int batchSize) {
- Session systemSession;
+ ContentSession systemSession;
try {
- systemSession = Subject.doAs(SystemSubject.INSTANCE, new
PrivilegedExceptionAction<Session>() {
+ systemSession = Subject.doAs(SystemSubject.INSTANCE, new
PrivilegedExceptionAction<ContentSession>() {
@Override
- public Session run() throws RepositoryException {
- if (repository instanceof JackrabbitRepository) {
- // this is to bypass GuestCredentials injection in the
"AbstractSlingRepository2"
- return ((JackrabbitRepository) repository).login(null,
null, null);
- } else {
- return repository.login(null, null);
- }
+ public ContentSession run() throws NoSuchWorkspaceException,
LoginException {
+ return repository.login(null, null);
}
});
} catch (PrivilegedActionException e) {
throw new SyncRuntimeException(ERROR_CREATE_DELEGATEE, e);
}
- if (!(systemSession instanceof JackrabbitSession)) {
- systemSession.logout();
- throw new SyncRuntimeException("Unable to create SyncContext:
JackrabbitSession required.");
- }
try {
- return new Delegatee(handler, idp, (JackrabbitSession)
systemSession, batchSize);
- } catch (RepositoryException e) {
- systemSession.logout();
- throw new SyncRuntimeException(ERROR_CREATE_DELEGATEE, e);
+ return new Delegatee(handler, idp, systemSession,
securityProvider, batchSize);
} catch (SyncException e) {
- systemSession.logout();
+ close(systemSession);
throw new SyncRuntimeException(ERROR_CREATE_DELEGATEE, e);
}
}
+ private static void close(@Nonnull ContentSession systemSession) {
+ try {
+ systemSession.close();
+ } catch (IOException e) {
+ log.error("Error while closing ContentSession {}", systemSession);
+ }
+ }
+
void close() {
if (context != null) {
context.close();
context = null;
}
- if (systemSession.isLive()) {
- systemSession.logout();
- }
+ close(systemSession);
}
/**
@@ -306,17 +311,13 @@ final class Delegatee {
return resultList;
} else {
try {
- systemSession.save();
+ root.commit();
append(list, resultList);
- } catch (RepositoryException e) {
+ } catch (CommitFailedException e) {
append(list, resultList, e);
} finally {
// make sure there are not pending changes that would fail the
next batches
- try {
- systemSession.refresh(false);
- } catch (RepositoryException e) {
- log.warn(e.getMessage());
- }
+ root.refresh();
}
return new ArrayList<SyncResult>(size);
}
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImpl.java?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImpl.java
Wed Jun 15 16:07:25 2016
@@ -17,8 +17,9 @@
package
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx;
import javax.annotation.Nonnull;
-import javax.jcr.Repository;
+import org.apache.jackrabbit.oak.api.ContentRepository;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProviderManager;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.SyncHandler;
@@ -33,7 +34,9 @@ public class SyncMBeanImpl implements Sy
private static final Logger log =
LoggerFactory.getLogger(SyncMBeanImpl.class);
- private final Repository repository;
+ private final ContentRepository repository;
+
+ private final SecurityProvider securityProvider;
private final SyncManager syncManager;
@@ -43,9 +46,11 @@ public class SyncMBeanImpl implements Sy
private final String idpName;
- public SyncMBeanImpl(Repository repository, SyncManager syncManager,
String syncName,
- ExternalIdentityProviderManager idpManager, String
idpName) {
+ public SyncMBeanImpl(@Nonnull ContentRepository repository, @Nonnull
SecurityProvider securityProvider,
+ @Nonnull SyncManager syncManager, @Nonnull String
syncName,
+ @Nonnull ExternalIdentityProviderManager idpManager,
@Nonnull String idpName) {
this.repository = repository;
+ this.securityProvider = securityProvider;
this.syncManager = syncManager;
this.syncName = syncName;
this.idpManager = idpManager;
@@ -64,7 +69,7 @@ public class SyncMBeanImpl implements Sy
log.error("No idp available for name", idpName);
throw new IllegalArgumentException("No idp manager available for
name " + idpName);
}
- return Delegatee.createInstance(repository, handler, idp);
+ return Delegatee.createInstance(repository, securityProvider, handler,
idp);
}
//-----------------------------------------------< SynchronizationMBean
>---
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java
Wed Jun 15 16:07:25 2016
@@ -28,6 +28,7 @@ import org.apache.jackrabbit.oak.spi.sec
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIDPManagerImpl;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModule;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.SyncManagerImpl;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SyncMBeanImpl;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SynchronizationMBean;
import org.apache.jackrabbit.oak.spi.whiteboard.Registration;
import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
@@ -91,11 +92,7 @@ public abstract class ExternalLoginModul
}
protected SynchronizationMBean createMBean() {
- // todo: how to retrieve JCR repository here? maybe we should base the
sync mbean on oak directly (=> OAK-4218).
- // JackrabbitRepository repository = null;
- // return new SyncMBeanImpl(repository, syncManager, "default",
idpManager, idp.getName());
-
- throw new UnsupportedOperationException("creating the mbean is not
supported yet.");
+ return new SyncMBeanImpl(getContentRepository(),
getSecurityProvider(), syncManager, syncConfig.getName(), idpManager,
idp.getName());
}
protected void setSyncConfig(DefaultSyncConfig cfg) {
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/AbstractJmxTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/AbstractJmxTest.java?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/AbstractJmxTest.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/AbstractJmxTest.java
Wed Jun 15 16:07:25 2016
@@ -16,27 +16,15 @@
*/
package
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx;
-import java.util.Iterator;
import java.util.Map;
-import java.util.Set;
import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
-import javax.jcr.Repository;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
-import javax.jcr.SimpleCredentials;
-import com.google.common.base.Function;
-import com.google.common.base.Predicates;
import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.Iterators;
-import com.google.common.collect.Sets;
-import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
-import org.apache.jackrabbit.oak.jcr.Jcr;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
@@ -44,90 +32,24 @@ import org.apache.jackrabbit.oak.spi.sec
import
org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.TestIdentityProvider;
-import
org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext;
-import org.junit.After;
import org.junit.Before;
-import org.junit.BeforeClass;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
-public abstract class AbstractJmxTest {
+public abstract class AbstractJmxTest extends AbstractExternalAuthTest {
- static Repository REPOSITORY;
-
- Session session;
- UserManager userManager;
-
- DefaultSyncConfig syncConfig;
-
- ExternalIdentityProvider idp;
ExternalIdentityProvider foreignIDP;
- private Set<String> ids;
-
- @BeforeClass
- public static void beforeClass() {
- REPOSITORY = new Jcr().createRepository();
- }
-
@Before
public void before() throws Exception {
- session = REPOSITORY.login(new SimpleCredentials("admin",
"admin".toCharArray()));
- if (!(session instanceof JackrabbitSession)) {
- throw new IllegalStateException();
- } else {
- userManager = ((JackrabbitSession) session).getUserManager();
- }
- ids = Sets.newHashSet(getAllAuthorizableIds(userManager));
+ super.before();
- syncConfig = new DefaultSyncConfig();
- syncConfig.user().setMembershipNestingDepth(1);
-
- idp = new TestIdentityProvider();
foreignIDP = new TestIdentityProvider("anotherIDP");
}
- @After
- public void after() throws Exception {
- try {
- session.refresh(false);
- Iterator<String> iter = getAllAuthorizableIds(userManager);
- while (iter.hasNext()) {
- String id = iter.next();
- if (!ids.remove(id)) {
- Authorizable a = userManager.getAuthorizable(id);
- if (a != null) {
- a.remove();
- }
- }
- }
- session.save();
- } finally {
- session.logout();
- }
- }
-
- private static Iterator<String> getAllAuthorizableIds(@Nonnull UserManager
userManager) throws Exception {
- Iterator<Authorizable> it =
userManager.findAuthorizables("jcr:primaryType", null);
- return Iterators.filter(Iterators.transform(it, new
Function<Authorizable, String>() {
- @Nullable
- @Override
- public String apply(Authorizable input) {
- try {
- if (input != null) {
- return input.getID();
- }
- } catch (RepositoryException e) {
- // failed to retrieve ID
- }
- return null;
- }
- }), Predicates.notNull());
- }
-
static void assertResultMessages(@Nonnull String[] resultMessages, String
uid, @Nonnull String expectedOperation) {
assertResultMessages(resultMessages, ImmutableMap.of(uid,
expectedOperation));
}
@@ -163,9 +85,14 @@ public abstract class AbstractJmxTest {
}
SyncResult sync(@Nonnull ExternalIdentity externalIdentity, @Nonnull
ExternalIdentityProvider idp) throws Exception {
- SyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager,
session.getValueFactory());
+ SyncContext ctx = new DefaultSyncContext(syncConfig, idp,
getUserManager(root), getValueFactory(root));
SyncResult res = ctx.sync(externalIdentity);
- session.save();
+ root.commit();
return res;
}
+
+ UserManager getUserManager() {
+ root.refresh();
+ return getUserManager(root);
+ }
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/DelegateeTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/DelegateeTest.java?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/DelegateeTest.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/DelegateeTest.java
Wed Jun 15 16:07:25 2016
@@ -18,29 +18,21 @@ package org.apache.jackrabbit.oak.spi.se
import java.io.IOException;
import java.io.InputStream;
-import java.io.OutputStream;
import java.lang.reflect.Field;
-import java.security.AccessControlException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
+import java.util.Map;
+import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
-import javax.jcr.Credentials;
-import javax.jcr.Item;
-import javax.jcr.Node;
-import javax.jcr.Property;
-import javax.jcr.Repository;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
-import javax.jcr.ValueFactory;
-import javax.jcr.Workspace;
-import javax.jcr.retention.RetentionManager;
-import javax.jcr.security.AccessControlManager;
import com.google.common.collect.ImmutableMap;
-import org.apache.jackrabbit.api.JackrabbitSession;
-import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.api.Blob;
+import org.apache.jackrabbit.oak.api.CommitFailedException;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.QueryEngine;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.api.Tree;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
@@ -49,8 +41,6 @@ import org.apache.jackrabbit.oak.spi.sec
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DefaultSyncHandler;
import org.junit.Before;
import org.junit.Test;
-import org.xml.sax.ContentHandler;
-import org.xml.sax.SAXException;
import static org.junit.Assert.assertFalse;
@@ -86,17 +76,17 @@ public class DelegateeTest extends Abstr
}
private Delegatee createDelegatee(@Nonnull ExternalIdentityProvider idp) {
- return Delegatee.createInstance(REPOSITORY, new
DefaultSyncHandler(syncConfig), idp, getBatchSize());
+ return Delegatee.createInstance(getContentRepository(),
getSecurityProvider(), new DefaultSyncHandler(syncConfig), idp, getBatchSize());
}
- private static Session preventSessionSave(@Nonnull Delegatee delegatee)
throws Exception {
- Field sessionField = Delegatee.class.getDeclaredField("systemSession");
- sessionField.setAccessible(true);
+ private static Root preventRootCommit(@Nonnull Delegatee delegatee) throws
Exception {
+ Field rootField = Delegatee.class.getDeclaredField("root");
+ rootField.setAccessible(true);
- JackrabbitSession s = (JackrabbitSession) sessionField.get(delegatee);
- s.refresh(false);
- sessionField.set(delegatee, new ThrowingSession(s));
- return s;
+ Root r = (Root) rootField.get(delegatee);
+ r.refresh();
+ rootField.set(delegatee, new ThrowingRoot(r));
+ return r;
}
@Test
@@ -107,14 +97,14 @@ public class DelegateeTest extends Abstr
@Test
public void testSyncUsersBeforeSaveError() throws Exception {
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
String[] result = delegatee.syncUsers(TEST_IDS, false);
assertResultMessages(result, ImmutableMap.of(
TestIdentityProvider.ID_TEST_USER, "nsa",
TestIdentityProvider.ID_SECOND_USER, "nsa",
TestIdentityProvider.ID_WILDCARD_USER, "nsa"));
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
@@ -123,7 +113,7 @@ public class DelegateeTest extends Abstr
sync(foreignIDP, TestIdentityProvider.ID_SECOND_USER, false);
// don't sync ID_WILDCARD_USER
- Session s = preventSessionSave(delegatee);
+ Root r = preventRootCommit(delegatee);
String[] result = delegatee.syncUsers(new String[] {
TestIdentityProvider.ID_TEST_USER,
@@ -133,16 +123,16 @@ public class DelegateeTest extends Abstr
TestIdentityProvider.ID_TEST_USER, "ERR",
TestIdentityProvider.ID_SECOND_USER, "for",
TestIdentityProvider.ID_WILDCARD_USER, "nsa"));
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
public void testSyncAllUsersBeforeSaveError() throws Exception {
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
String[] result = delegatee.syncAllUsers(false);
assertResultMessages(result, ImmutableMap.<String,String>of());
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
@@ -152,7 +142,7 @@ public class DelegateeTest extends Abstr
sync(new TestIdentityProvider.TestUser("third", idp.getName()), idp);
sync(foreignIDP, TestIdentityProvider.ID_WILDCARD_USER, false);
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
ImmutableMap<String, String> expected = ImmutableMap.<String,
String>builder()
.put(TestIdentityProvider.ID_TEST_USER, "ERR")
@@ -166,7 +156,7 @@ public class DelegateeTest extends Abstr
String[] result = delegatee.syncAllUsers(false);
assertResultMessages(result, expected);
// NOTE: foreign user is not included in the results
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
@@ -176,7 +166,7 @@ public class DelegateeTest extends Abstr
sync(new TestIdentityProvider.TestUser("third", idp.getName()), idp);
sync(foreignIDP, TestIdentityProvider.ID_WILDCARD_USER, false);
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
ImmutableMap<String, String> expected = ImmutableMap.<String,
String>builder()
.put(TestIdentityProvider.ID_TEST_USER, "ERR")
@@ -190,39 +180,39 @@ public class DelegateeTest extends Abstr
String[] result = delegatee.syncAllUsers(true);
assertResultMessages(result, expected);
// NOTE: foreign user is not included in the results
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
public void testSyncNonExistingExternalUserSaveError() throws Exception {
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
String[] result = delegatee.syncExternalUsers(new String[] {new
ExternalIdentityRef("nonExisting", idp.getName()).getString()});
assertResultMessages(result, "", "nsi");
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
public void testSyncForeignExternalUserSaveError() throws Exception {
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
String[] result = delegatee.syncExternalUsers(new String[] {new
ExternalIdentityRef(TestIdentityProvider.ID_TEST_USER,
foreignIDP.getName()).getString()});
assertResultMessages(result, TestIdentityProvider.ID_TEST_USER, "for");
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
public void testSyncThrowingExternalUserSaveError() throws Exception {
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
String[] result = delegatee.syncExternalUsers(new String[] {new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()});
assertResultMessages(result, TestIdentityProvider.ID_EXCEPTION, "ERR");
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
public void testSyncExternalUsersSaveError() throws Exception {
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
List<String> externalIds = new ArrayList();
for (String id : TEST_IDS) {
@@ -233,19 +223,19 @@ public class DelegateeTest extends Abstr
TestIdentityProvider.ID_TEST_USER, "ERR",
TestIdentityProvider.ID_SECOND_USER, "ERR",
TestIdentityProvider.ID_WILDCARD_USER, "ERR"));
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@Test
public void testSyncAllExternalUsersSaveError() throws Exception {
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
String[] result = delegatee.syncAllExternalUsers();
assertResultMessages(result, ImmutableMap.of(
TestIdentityProvider.ID_TEST_USER, "ERR",
TestIdentityProvider.ID_SECOND_USER, "ERR",
TestIdentityProvider.ID_WILDCARD_USER, "ERR"));
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
@@ -269,256 +259,81 @@ public class DelegateeTest extends Abstr
sync(new TestIdentityProvider.TestUser("forth", idp.getName()), idp);
sync(idp, TestIdentityProvider.ID_TEST_USER, false);
- Session s = preventSessionSave(delegatee);;
+ Root r = preventRootCommit(delegatee);;
String[] result = delegatee.purgeOrphanedUsers();
assertResultMessages(result, ImmutableMap.of(
"third", "ERR",
"forth", "ERR"));
- assertFalse(s.hasPendingChanges());
+ assertFalse(r.hasPendingChanges());
}
- private static final class ThrowingSession implements JackrabbitSession {
+ private static final class ThrowingRoot implements Root {
- private JackrabbitSession base;
+ private Root base;
- private ThrowingSession(@Nonnull JackrabbitSession session) {
- this.base = session;
- }
- @Override
- public boolean hasPermission(@Nonnull String s, @Nonnull String...
strings) throws RepositoryException {
- return base.hasPermission(s, strings);
- }
-
- @Override
- public PrincipalManager getPrincipalManager() throws
RepositoryException {
- return base.getPrincipalManager();
- }
-
- @Override
- public UserManager getUserManager() throws RepositoryException {
- return base.getUserManager();
- }
-
- @Override
- public Item getItemOrNull(String s) throws RepositoryException {
- return base.getItemOrNull(s);
- }
-
- @Override
- public Property getPropertyOrNull(String s) throws RepositoryException
{
- return base.getPropertyOrNull(s);
- }
-
- @Override
- public Node getNodeOrNull(String s) throws RepositoryException {
- return getNodeOrNull(s);
- }
-
- @Override
- public Repository getRepository() {
- return base.getRepository();
- }
-
- @Override
- public String getUserID() {
- return base.getUserID();
- }
-
- @Override
- public String[] getAttributeNames() {
- return base.getAttributeNames();
- }
-
- @Override
- public Object getAttribute(String name) {
- return base.getAttribute(name);
- }
-
- @Override
- public Workspace getWorkspace() {
- return base.getWorkspace();
- }
-
- @Override
- public Node getRootNode() throws RepositoryException {
- return base.getRootNode();
- }
-
- @Override
- public Session impersonate(Credentials credentials) throws
RepositoryException {
- return base.impersonate(credentials);
- }
-
- @Override
- public Node getNodeByUUID(String uuid) throws RepositoryException {
- return base.getNodeByUUID(uuid);
- }
-
- @Override
- public Node getNodeByIdentifier(String id) throws RepositoryException {
- return base.getNodeByIdentifier(id);
- }
-
- @Override
- public Item getItem(String absPath) throws RepositoryException {
- return base.getItem(absPath);
- }
-
- @Override
- public Node getNode(String absPath) throws RepositoryException {
- return base.getNode(absPath);
- }
-
- @Override
- public Property getProperty(String absPath) throws RepositoryException
{
- return base.getProperty(absPath);
- }
-
- @Override
- public boolean itemExists(String absPath) throws RepositoryException {
- return base.itemExists(absPath);
+ private ThrowingRoot(@Nonnull Root base) {
+ this.base = base;
}
@Override
- public boolean nodeExists(String absPath) throws RepositoryException {
- return base.nodeExists(absPath);
+ public boolean move(String srcAbsPath, String destAbsPath) {
+ return base.move(srcAbsPath, destAbsPath);
}
+ @Nonnull
@Override
- public boolean propertyExists(String absPath) throws
RepositoryException {
- return base.propertyExists(absPath);
+ public Tree getTree(@Nonnull String path) {
+ return base.getTree(path);
}
@Override
- public void move(String srcAbsPath, String destAbsPath) throws
RepositoryException {
- base.move(srcAbsPath, destAbsPath);
+ public void rebase() {
+ base.rebase();
}
@Override
- public void removeItem(String absPath) throws RepositoryException {
- base.removeItem(absPath);
+ public void refresh() {
+ base.refresh();
}
@Override
- public void save() throws RepositoryException {
- throw new RepositoryException();
-
+ public void commit() throws CommitFailedException {
+ commit(ImmutableMap.<String, Object>of());
}
@Override
- public void refresh(boolean keepChanges) throws RepositoryException {
- base.refresh(keepChanges);
+ public void commit(@Nonnull Map<String, Object> info) throws
CommitFailedException {
+ throw new CommitFailedException(CommitFailedException.OAK, 0,
"failed");
}
@Override
- public boolean hasPendingChanges() throws RepositoryException {
+ public boolean hasPendingChanges() {
return base.hasPendingChanges();
}
+ @Nonnull
@Override
- public ValueFactory getValueFactory() throws RepositoryException {
- return base.getValueFactory();
- }
-
- @Override
- public boolean hasPermission(String absPath, String actions) throws
RepositoryException {
- return base.hasPermission(absPath, actions);
- }
-
- @Override
- public void checkPermission(String absPath, String actions) throws
AccessControlException, RepositoryException {
- base.checkPermission(absPath, actions);
- }
-
- @Override
- public boolean hasCapability(String methodName, Object target,
Object[] arguments) throws RepositoryException {
- return base.hasCapability(methodName, target, arguments);
- }
-
- @Override
- public ContentHandler getImportContentHandler(String parentAbsPath,
int uuidBehavior) throws RepositoryException {
- return base.getImportContentHandler(parentAbsPath, uuidBehavior);
- }
-
- @Override
- public void importXML(String parentAbsPath, InputStream in, int
uuidBehavior) throws IOException, RepositoryException {
- base.importXML(parentAbsPath, in, uuidBehavior);
- }
-
- @Override
- public void exportSystemView(String absPath, ContentHandler
contentHandler, boolean skipBinary, boolean noRecurse) throws SAXException,
RepositoryException {
- base.exportSystemView(absPath, contentHandler, skipBinary,
noRecurse);
- }
-
- @Override
- public void exportSystemView(String absPath, OutputStream out, boolean
skipBinary, boolean noRecurse) throws IOException, RepositoryException {
- base.exportSystemView(absPath, out, skipBinary, noRecurse);
- }
-
- @Override
- public void exportDocumentView(String absPath, ContentHandler
contentHandler, boolean skipBinary, boolean noRecurse) throws SAXException,
RepositoryException {
- base.exportDocumentView(absPath, contentHandler, skipBinary,
noRecurse);
- }
-
- @Override
- public void exportDocumentView(String absPath, OutputStream out,
boolean skipBinary, boolean noRecurse) throws IOException, RepositoryException {
- base.exportDocumentView(absPath, out, skipBinary, noRecurse);
- }
-
- @Override
- public void setNamespacePrefix(String prefix, String uri) throws
RepositoryException {
- base.setNamespacePrefix(prefix, uri);
- }
-
- @Override
- public String[] getNamespacePrefixes() throws RepositoryException {
- return base.getNamespacePrefixes();
- }
-
- @Override
- public String getNamespaceURI(String prefix) throws
RepositoryException {
- return base.getNamespaceURI(prefix);
- }
-
- @Override
- public String getNamespacePrefix(String uri) throws
RepositoryException {
- return base.getNamespacePrefix(uri);
- }
-
- @Override
- public void logout() {
- base.logout();
- }
-
- @Override
- public boolean isLive() {
- return base.isLive();
- }
-
- @Override
- public void addLockToken(String lt) {
- base.addLockToken(lt);
- }
-
- @Override
- public String[] getLockTokens() {
- return base.getLockTokens();
+ public QueryEngine getQueryEngine() {
+ return base.getQueryEngine();
}
+ @Nonnull
@Override
- public void removeLockToken(String lt) {
- base.removeLockToken(lt);
+ public Blob createBlob(@Nonnull InputStream stream) throws IOException
{
+ return base.createBlob(stream);
}
+ @CheckForNull
@Override
- public AccessControlManager getAccessControlManager() throws
RepositoryException {
- return base.getAccessControlManager();
+ public Blob getBlob(@Nonnull String reference) {
+ return base.getBlob(reference);
}
+ @Nonnull
@Override
- public RetentionManager getRetentionManager() throws
RepositoryException {
- return base.getRetentionManager();
+ public ContentSession getContentSession() {
+ return base.getContentSession();
}
}
}
\ No newline at end of file
Added:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SynMBeanImplOSGiTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SynMBeanImplOSGiTest.java?rev=1748603&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SynMBeanImplOSGiTest.java
(added)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SynMBeanImplOSGiTest.java
Wed Jun 15 16:07:25 2016
@@ -0,0 +1,145 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx;
+
+import java.lang.reflect.Field;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+
+import org.apache.felix.jaas.boot.ProxyLoginModule;
+import org.apache.jackrabbit.oak.Oak;
+import org.apache.jackrabbit.oak.api.ContentRepository;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProviderManager;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalLoginModuleTestBase;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.SyncManager;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIDPManagerImpl;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModuleFactory;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.SyncManagerImpl;
+import org.apache.sling.testing.mock.osgi.MockOsgi;
+import org.apache.sling.testing.mock.osgi.junit.OsgiContext;
+import org.junit.Rule;
+import org.junit.Test;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+public class SynMBeanImplOSGiTest extends ExternalLoginModuleTestBase {
+
+ @Rule
+ public final OsgiContext context = new OsgiContext();
+
+ private ExternalLoginModuleFactory externalLoginModuleFactory;
+
+ @Override
+ public void before() throws Exception {
+ super.before();
+
+ context.registerService(SyncManager.class, new
SyncManagerImpl(whiteboard));
+ context.registerService(ExternalIdentityProviderManager.class, new
ExternalIDPManagerImpl(whiteboard));
+
+ externalLoginModuleFactory = new ExternalLoginModuleFactory();
+
+ context.registerInjectActivateService(externalLoginModuleFactory);
+ assertSyncBeanRegistration(externalLoginModuleFactory, false);
+ }
+
+ @Override
+ protected Oak withEditors(Oak oak) {
+ super.withEditors(oak);
+ //Just grab the whiteboard but do not register any manager here
+ //This would ensure that LoginModule would only work if the required
managers
+ //are preset
+ whiteboard = oak.getWhiteboard();
+ return oak;
+ }
+
+ protected Configuration getConfiguration() {
+ return new Configuration() {
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String s) {
+ AppConfigurationEntry entry = new AppConfigurationEntry(
+ //Use ProxyLoginModule so that factory mode can be used
+ ProxyLoginModule.class.getName(),
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
+ options);
+ return new AppConfigurationEntry[]{entry};
+ }
+ };
+ }
+
+ @Test
+ public void testRegisterContentRepository() throws Exception {
+ context.registerService(ContentRepository.class,
getContentRepository());
+ assertSyncBeanRegistration(externalLoginModuleFactory, false);
+ }
+
+ @Test
+ public void testRegisterSecurityProvider() throws Exception {
+ context.registerService(SecurityProvider.class, getSecurityProvider());
+ assertSyncBeanRegistration(externalLoginModuleFactory, false);
+ }
+
+ @Test
+ public void testContentRepositoryAndSecurityProviderServices() throws
Exception {
+ context.registerService(ContentRepository.class,
getContentRepository());
+ context.registerService(SecurityProvider.class, getSecurityProvider());
+ assertSyncBeanRegistration(externalLoginModuleFactory, true);
+ }
+
+ @Test
+ public void testBind() throws Exception {
+ externalLoginModuleFactory.bindSecurityProvider(getSecurityProvider());
+ assertSyncBeanRegistration(externalLoginModuleFactory, false);
+
+
externalLoginModuleFactory.bindContentRepository(getContentRepository());
+ assertSyncBeanRegistration(externalLoginModuleFactory, true);
+ }
+
+ @Test
+ public void testUnbind() throws Exception {
+ externalLoginModuleFactory.bindSecurityProvider(getSecurityProvider());
+
externalLoginModuleFactory.bindContentRepository(getContentRepository());
+
+
externalLoginModuleFactory.unbindContentRepository(getContentRepository());
+ assertSyncBeanRegistration(externalLoginModuleFactory, false);
+
+
externalLoginModuleFactory.unbindSecurityProvider(getSecurityProvider());
+ assertSyncBeanRegistration(externalLoginModuleFactory, false);
+ }
+
+ @Test
+ public void testDeactivateFactory() throws Exception {
+ context.registerService(ContentRepository.class,
getContentRepository());
+ context.registerService(SecurityProvider.class, getSecurityProvider());
+
+ MockOsgi.deactivate(externalLoginModuleFactory);
+ assertSyncBeanRegistration(externalLoginModuleFactory, false);
+ }
+
+ private static void assertSyncBeanRegistration(ExternalLoginModuleFactory
externalLoginModuleFactory, boolean exists) throws Exception {
+ Field f =
ExternalLoginModuleFactory.class.getDeclaredField("mbeanRegistration");
+ f.setAccessible(true);
+
+ Object mbeanRegistration = f.get(externalLoginModuleFactory);
+ if (exists) {
+ assertNotNull(mbeanRegistration);
+ } else {
+ assertNull(mbeanRegistration);
+ }
+ }
+}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImplTest.java?rev=1748603&r1=1748602&r2=1748603&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/SyncMBeanImplTest.java
Wed Jun 15 16:07:25 2016
@@ -95,7 +95,8 @@ public class SyncMBeanImplTest extends A
}
}
};
- syncMBean = new SyncMBeanImpl(REPOSITORY, syncMgr, SYNC_NAME, idpMgr,
idp.getName());
+
+ syncMBean = createSyncMBeanImpl(SYNC_NAME, idp.getName());
}
private Map<String, String> getExpectedUserResult(String expectedOp,
boolean includeGroups) throws ExternalIdentityException {
@@ -113,9 +114,13 @@ public class SyncMBeanImplTest extends A
return expected;
}
+ private SyncMBeanImpl createSyncMBeanImpl(@Nonnull String syncHandlerName,
@Nonnull String idpName) {
+ return new SyncMBeanImpl(getContentRepository(),
getSecurityProvider(), syncMgr, syncHandlerName, idpMgr, idpName);
+ }
+
private SyncMBeanImpl createThrowingSyncMBean(boolean allowListIdentities)
{
String name = (allowListIdentities) ?
ThrowingSyncHandler.NAME_ALLOWS_IDENTITY_LISTING : ThrowingSyncHandler.NAME;
- return new SyncMBeanImpl(REPOSITORY, syncMgr, name, idpMgr,
idp.getName());
+ return new SyncMBeanImpl(getContentRepository(),
getSecurityProvider(), syncMgr, name, idpMgr, idp.getName());
}
@Test
@@ -125,7 +130,7 @@ public class SyncMBeanImplTest extends A
@Test
public void testInvalidSyncHandlerName() {
- SyncMBeanImpl syncMBean = new SyncMBeanImpl(REPOSITORY, syncMgr,
"invalid", idpMgr, idp.getName());
+ SyncMBeanImpl syncMBean = createSyncMBeanImpl("invalid",
idp.getName());
assertEquals("invalid", syncMBean.getSyncHandlerName());
// calling any sync-operation must fail due to the invalid
configuration
@@ -144,7 +149,7 @@ public class SyncMBeanImplTest extends A
@Test
public void testInvalidIDPName() {
- SyncMBeanImpl syncMBean = new SyncMBeanImpl(REPOSITORY, syncMgr,
SYNC_NAME, idpMgr, "invalid");
+ SyncMBeanImpl syncMBean = createSyncMBeanImpl(SYNC_NAME, "invalid");
assertEquals("invalid", syncMBean.getIDPName());
// calling any sync-operation must fail due to the invalid
configuration
@@ -210,6 +215,7 @@ public class SyncMBeanImplTest extends A
sync(new TestIdentityProvider.TestUser("thirdUser", idp.getName()),
idp);
sync(new TestIdentityProvider.TestGroup("gr", idp.getName()), idp);
+ UserManager userManager = getUserManager();
Authorizable[] authorizables = new Authorizable[] {
userManager.getAuthorizable("thirdUser"),
userManager.getAuthorizable("gr")
@@ -223,7 +229,7 @@ public class SyncMBeanImplTest extends A
result = syncMBean.syncUsers(ids, true);
assertResultMessages(result, a.getID(), "del");
- assertNull(userManager.getAuthorizable(a.getID()));
+ assertNull(getUserManager().getAuthorizable(a.getID()));
}
}
@@ -244,43 +250,43 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.syncUsers(new String[]
{UserConstants.DEFAULT_ANONYMOUS_ID}, true);
assertResultMessages(result, UserConstants.DEFAULT_ANONYMOUS_ID,
"for");
-
assertNotNull(userManager.getAuthorizable(UserConstants.DEFAULT_ANONYMOUS_ID));
+
assertNotNull(getUserManager().getAuthorizable(UserConstants.DEFAULT_ANONYMOUS_ID));
}
@Test
public void testSyncUsersForeign() throws Exception {
// sync user from foreign IDP into the repository
SyncResult res = sync(foreignIDP, TestIdentityProvider.ID_TEST_USER,
false);
-
assertNotNull(userManager.getAuthorizable(TestIdentityProvider.ID_TEST_USER));
+
assertNotNull(getUserManager().getAuthorizable(TestIdentityProvider.ID_TEST_USER));
assertEquals(foreignIDP.getUser(TestIdentityProvider.ID_TEST_USER).getExternalId(),
res.getIdentity().getExternalIdRef());
// syncUsers with testIDP must detect the foreign status
String[] result = syncMBean.syncUsers(new
String[]{TestIdentityProvider.ID_TEST_USER}, false);
assertResultMessages(result, TestIdentityProvider.ID_TEST_USER, "for");
-
assertNotNull(userManager.getAuthorizable(TestIdentityProvider.ID_TEST_USER));
+
assertNotNull(getUserManager().getAuthorizable(TestIdentityProvider.ID_TEST_USER));
// same expected with 'purge' set to true
result = syncMBean.syncUsers(new String[]
{TestIdentityProvider.ID_TEST_USER}, true);
assertResultMessages(result, TestIdentityProvider.ID_TEST_USER, "for");
-
assertNotNull(userManager.getAuthorizable(TestIdentityProvider.ID_TEST_USER));
+
assertNotNull(getUserManager().getAuthorizable(TestIdentityProvider.ID_TEST_USER));
}
@Test
public void testSyncGroupsForeign() throws Exception {
// sync user from foreign IDP into the repository
SyncResult res = sync(foreignIDP, "a", true);
- assertNotNull(userManager.getAuthorizable("a"));
+ assertNotNull(getUserManager().getAuthorizable("a"));
assertEquals(foreignIDP.getGroup("a").getExternalId(),
res.getIdentity().getExternalIdRef());
// syncUsers with testIDP must detect the foreign status
String[] result = syncMBean.syncUsers(new String[]{"a"}, false);
assertResultMessages(result, "a", "for");
- assertNotNull(userManager.getAuthorizable("a"));
+ assertNotNull(getUserManager().getAuthorizable("a"));
// same expected with 'purge' set to true
result = syncMBean.syncUsers(new String[] {"a"}, true);
assertResultMessages(result, "a", "for");
- assertNotNull(userManager.getAuthorizable("a"));
+ assertNotNull(getUserManager().getAuthorizable("a"));
}
/**
@@ -288,9 +294,9 @@ public class SyncMBeanImplTest extends A
*/
@Test
public void testSyncUserException() throws Exception {
- User u = userManager.createUser(TestIdentityProvider.ID_EXCEPTION,
null);
- u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
session.getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
- session.save();
+ User u =
getUserManager().createUser(TestIdentityProvider.ID_EXCEPTION, null);
+ u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
+ root.commit();
String[] result = syncMBean.syncUsers(new
String[]{TestIdentityProvider.ID_EXCEPTION}, false);
assertResultMessages(result, TestIdentityProvider.ID_EXCEPTION, "ERR");
@@ -312,6 +318,7 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.syncExternalUsers(externalId);
assertResultMessages(result, TestIdentityProvider.ID_TEST_USER, "add");
+ UserManager userManager = getUserManager();
User testUser = userManager.getAuthorizable(externalUser.getId(),
User.class);
assertNotNull(testUser);
@@ -330,6 +337,7 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.syncExternalUsers(externalId);
assertResultMessages(result, TestIdentityProvider.ID_TEST_USER, "add");
+ UserManager userManager = getUserManager();
User testUser = userManager.getAuthorizable(externalUser.getId(),
User.class);
assertNotNull(testUser);
@@ -344,6 +352,7 @@ public class SyncMBeanImplTest extends A
String[] externalId = new
String[]{externalUser.getExternalId().getString()};
syncMBean.syncExternalUsers(externalId);
+ UserManager userManager = getUserManager();
User testUser = userManager.getAuthorizable(externalUser.getId(),
User.class);
long lastSynced =
testUser.getProperty(DefaultSyncContext.REP_LAST_SYNCED)[0].getLong();
@@ -360,6 +369,7 @@ public class SyncMBeanImplTest extends A
// default value for forceGroup sync is defined to be 'true' => verify
result
syncMBean.syncExternalUsers(externalId);
+ userManager = getUserManager();
testUser = userManager.getAuthorizable(externalUser.getId(),
User.class);
long lastSynced2 =
testUser.getProperty(DefaultSyncContext.REP_LAST_SYNCED)[0].getLong();
@@ -380,6 +390,7 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.syncExternalUsers(externalId);
assertResultMessages(result, "a", "add");
+ UserManager userManager = getUserManager();
Group aGroup = userManager.getAuthorizable(externalGroup.getId(),
Group.class);
assertNotNull(aGroup);
@@ -455,6 +466,8 @@ public class SyncMBeanImplTest extends A
Map<String, String> expected = getExpectedUserResult("upd", true);
assertResultMessages(result, expected);
+
+ UserManager userManager = getUserManager();
for (String id : expected.keySet()) {
ExternalIdentity ei = idp.getUser(id);
if (ei == null) {
@@ -479,6 +492,7 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.syncAllUsers(false);
assertResultMessages(result, expected);
+ UserManager userManager = getUserManager();
for (String id : expected.keySet()) {
ExternalIdentity ei = idp.getGroup(id);
assertSync(ei, userManager);
@@ -495,6 +509,7 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.syncAllUsers(false);
assertResultMessages(result, ImmutableMap.of("thirdUser", "mis", "g",
"mis"));
+ UserManager userManager = getUserManager();
assertNotNull(userManager.getAuthorizable("thirdUser"));
assertNotNull(userManager.getAuthorizable("g"));
}
@@ -509,6 +524,7 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.syncAllUsers(true);
assertResultMessages(result, ImmutableMap.of("thirdUser", "del", "g",
"del"));
+ UserManager userManager = getUserManager();
assertNull(userManager.getAuthorizable("thirdUser"));
assertNull(userManager.getAuthorizable("g"));
}
@@ -534,6 +550,7 @@ public class SyncMBeanImplTest extends A
idp.getGroup("a"),
foreignIDP.getGroup("aa")
};
+ UserManager userManager = getUserManager();
for (ExternalIdentity externalIdentity : expectedIds) {
assertSync(externalIdentity, userManager);
}
@@ -541,9 +558,9 @@ public class SyncMBeanImplTest extends A
@Test
public void testSyncAllUsersException() throws Exception {
- User u = userManager.createUser(TestIdentityProvider.ID_EXCEPTION,
null);
- u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
session.getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
- session.save();
+ User u =
getUserManager().createUser(TestIdentityProvider.ID_EXCEPTION, null);
+ u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
+ root.commit();
String[] result = syncMBean.syncAllUsers(false);
assertResultMessages(result, TestIdentityProvider.ID_EXCEPTION, "ERR");
@@ -574,6 +591,7 @@ public class SyncMBeanImplTest extends A
Map<String, String> expected = getExpectedUserResult("add", false);
assertResultMessages(result, expected);
+ UserManager userManager = getUserManager();
for (String id : expected.keySet()) {
ExternalIdentity ei = idp.getUser(id);
if (ei == null) {
@@ -594,6 +612,7 @@ public class SyncMBeanImplTest extends A
Map<String, String> expected = getExpectedUserResult("upd", false);
assertResultMessages(result, expected);
+ UserManager userManager = getUserManager();
for (String id : expected.keySet()) {
ExternalIdentity ei = idp.getUser(id);
if (ei == null) {
@@ -637,9 +656,9 @@ public class SyncMBeanImplTest extends A
@Test
public void testListOrphanedUsersException () throws Exception {
- User u = userManager.createUser(TestIdentityProvider.ID_EXCEPTION,
null);
- u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
session.getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
- session.save();
+ User u =
getUserManager().createUser(TestIdentityProvider.ID_EXCEPTION, null);
+ u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
+ root.commit();
String[] result = syncMBean.listOrphanedUsers();
assertEquals(0, result.length);
@@ -676,6 +695,7 @@ public class SyncMBeanImplTest extends A
String[] result = syncMBean.purgeOrphanedUsers();
assertResultMessages(result, ImmutableMap.of("thirdUser", "del", "g",
"del"));
+ UserManager userManager = getUserManager();
assertNull(userManager.getAuthorizable("thirdUser"));
assertNull(userManager.getAuthorizable("g"));
}
@@ -691,9 +711,9 @@ public class SyncMBeanImplTest extends A
@Test
public void testPurgeOrphanedUsersException() throws Exception {
- User u = userManager.createUser(TestIdentityProvider.ID_EXCEPTION,
null);
- u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
session.getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
- session.save();
+ User u =
getUserManager().createUser(TestIdentityProvider.ID_EXCEPTION, null);
+ u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID,
getValueFactory().createValue(new
ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION,
idp.getName()).getString()));
+ root.commit();
String[] result = syncMBean.purgeOrphanedUsers();
assertEquals(0, result.length);
@@ -706,6 +726,8 @@ public class SyncMBeanImplTest extends A
String[] result = createThrowingSyncMBean(false).purgeOrphanedUsers();
assertEquals(0, result.length);
+
+ UserManager userManager = getUserManager();
assertNotNull(userManager.getAuthorizable("thirdUser"));
assertNotNull(userManager.getAuthorizable("g"));
}
@@ -720,6 +742,8 @@ public class SyncMBeanImplTest extends A
String[] result = createThrowingSyncMBean(true).purgeOrphanedUsers();
assertResultMessages(result, ImmutableMap.of("thirdUser", "ERR", "g",
"ERR"));
+
+ UserManager userManager = getUserManager();
assertNotNull(userManager.getAuthorizable("thirdUser"));
assertNotNull(userManager.getAuthorizable("g"));
}
