Author: baedke
Date: Tue Sep 20 15:50:39 2016
New Revision: 1761598
URL: http://svn.apache.org/viewvc?rev=1761598&view=rev
Log:
OAK-4820: oak-auth-external can't handle full-width logins
The UsernameCaseMapped profile defined in RFC7613 may now optionally be enabled
for username comparison and/or username normalization.
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncConfig.java
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/package-info.java
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncConfigImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/package-info.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncConfig.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncConfig.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncConfig.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncConfig.java
Tue Sep 20 15:50:39 2016
@@ -87,6 +87,8 @@ public class DefaultSyncConfig {
private String pathPrefix;
+ private boolean applyRFC7613UsernameCaseMapped;
+
/**
* Returns the duration in milliseconds until a synced authorizable
gets expired. An expired authorizable will
* be re-synced.
@@ -108,6 +110,27 @@ public class DefaultSyncConfig {
return this;
}
+ /**
+ * Returns true if new AuthorizableIDs will be normalized according to
+ * the UsernameCaseMapped profile defined in RFC7613
+ * @return true if new AuthorizableIDs will be normalized.
+ */
+ public boolean isApplyRFC7613UsernameCaseMapped() {
+ return applyRFC7613UsernameCaseMapped;
+ }
+
+ /**
+ * Set to true if new AuthorizableIDs shall be normalized according to
+ * the UsernameCaseMapped profile defined in RFC7613.
+ * @param true if the UsernameCaseMapped profile shall be used for
normalization.
+ * @return {@code this}
+ * @see #isApplyRFC7613UsernameCaseMapped()
+ */
+ public Authorizable setApplyRFC7613UsernameCaseMapped(boolean
applyRFC7613UsernameCaseMapped) {
+ this.applyRFC7613UsernameCaseMapped =
applyRFC7613UsernameCaseMapped;
+ return this;
+ }
+
/**
* Defines the set of group names that are automatically added to
synced authorizable.
* @return set of group names.
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
Tue Sep 20 15:50:39 2016
@@ -374,8 +374,10 @@ public class DefaultSyncContext implemen
@Nonnull
protected User createUser(@Nonnull ExternalUser externalUser) throws
RepositoryException {
Principal principal = new
PrincipalImpl(externalUser.getPrincipalName());
+ String authId = config.user().isApplyRFC7613UsernameCaseMapped() ?
+
java.text.Normalizer.normalize(externalUser.getId().toLowerCase(),
java.text.Normalizer.Form.NFKC) : externalUser.getId();
User user = userManager.createUser(
- externalUser.getId(),
+ authId,
null,
principal,
PathUtils.concatRelativePaths(config.user().getPathPrefix(),
externalUser.getIntermediatePath())
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/package-info.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/package-info.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/package-info.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/package-info.java
Tue Sep 20 15:50:39 2016
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("1.1.0")
+@Version("1.2.0")
@Export
package org.apache.jackrabbit.oak.spi.security.authentication.external.basic;
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncConfigImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncConfigImpl.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncConfigImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncConfigImpl.java
Tue Sep 20 15:50:39 2016
@@ -239,6 +239,21 @@ public class DefaultSyncConfigImpl exten
)
public static final String PARAM_GROUP_PATH_PREFIX = "group.pathPrefix";
+ /**
+ * Default value for {@link #PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE}
+ */
+ public static final boolean
PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE_DEFAULT = false;
+
+ /**
+ * @see Authorizable#isApplyRFC7613UsernameCaseMapped()
+ */
+ @Property(
+ label = "RFC7613 Username Normalization Profile",
+ description = "Enable the UsercaseMappedProfile defined in RFC7613
for username normalization.",
+ boolValue = PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE_DEFAULT
+ )
+ public static final String PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE =
"enableRFC7613UsercaseMappedProfile";
+
private static final long MILLIS_PER_HOUR = 60 * 60 * 1000;
private static final ConfigurationParameters.Milliseconds ONE_HOUR =
ConfigurationParameters.Milliseconds.of(MILLIS_PER_HOUR);
private static final ConfigurationParameters.Milliseconds ONE_DAY =
ConfigurationParameters.Milliseconds.of(24 * MILLIS_PER_HOUR);
@@ -257,6 +272,7 @@ public class DefaultSyncConfigImpl exten
.setMembershipNestingDepth(params.getConfigValue(PARAM_USER_MEMBERSHIP_NESTING_DEPTH,
PARAM_USER_MEMBERSHIP_NESTING_DEPTH_DEFAULT))
.setDynamicMembership(params.getConfigValue(PARAM_USER_DYNAMIC_MEMBERSHIP,
PARAM_USER_DYNAMIC_MEMBERSHIP_DEFAULT))
.setExpirationTime(getMilliSeconds(params,
PARAM_USER_EXPIRATION_TIME, PARAM_USER_EXPIRATION_TIME_DEFAULT, ONE_HOUR))
+
.setApplyRFC7613UsernameCaseMapped(params.getConfigValue(PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE,
PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE_DEFAULT))
.setPathPrefix(params.getConfigValue(PARAM_USER_PATH_PREFIX,
PARAM_USER_PATH_PREFIX_DEFAULT))
.setAutoMembership(params.getConfigValue(PARAM_USER_AUTO_MEMBERSHIP,
PARAM_USER_AUTO_MEMBERSHIP_DEFAULT))
.setPropertyMapping(createMapping(
@@ -264,6 +280,7 @@ public class DefaultSyncConfigImpl exten
cfg.group()
.setExpirationTime(getMilliSeconds(params,
PARAM_GROUP_EXPIRATION_TIME, PARAM_GROUP_EXPIRATION_TIME_DEFAULT, ONE_DAY))
+
.setApplyRFC7613UsernameCaseMapped(params.getConfigValue(PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE,
PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE_DEFAULT))
.setPathPrefix(params.getConfigValue(PARAM_GROUP_PATH_PREFIX,
PARAM_GROUP_PATH_PREFIX_DEFAULT))
.setAutoMembership(params.getConfigValue(PARAM_GROUP_AUTO_MEMBERSHIP,
PARAM_GROUP_AUTO_MEMBERSHIP_DEFAULT))
.setPropertyMapping(createMapping(
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
Tue Sep 20 15:50:39 2016
@@ -48,7 +48,7 @@ abstract class AuthorizableBaseProvider
@CheckForNull
Tree getByID(@Nonnull String authorizableId, @Nonnull AuthorizableType
authorizableType) {
- return getByContentID(getContentID(authorizableId), authorizableType);
+ return getByContentID(getContentID(authorizableId,
config.getConfigValue(PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE,
DEFAULT_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE)), authorizableType);
}
@CheckForNull
@@ -77,7 +77,11 @@ abstract class AuthorizableBaseProvider
}
@Nonnull
- static String getContentID(@Nonnull String authorizableId) {
- return generateUUID(authorizableId.toLowerCase());
+ static String getContentID(@Nonnull String authorizableId, boolean
usercaseMappedProfile) {
+ String s = authorizableId.toLowerCase();
+ if (usercaseMappedProfile) {
+ s = java.text.Normalizer.normalize(s,
java.text.Normalizer.Form.NFKC);
+ }
+ return generateUUID(s);
}
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
Tue Sep 20 15:50:39 2016
@@ -283,7 +283,7 @@ class GroupImpl extends AuthorizableImpl
}
idIterator.remove();
- updateMap.put(AuthorizableBaseProvider.getContentID(memberId),
memberId);
+ updateMap.put(AuthorizableBaseProvider.getContentID(memberId,
getUserManager().getConfig().getConfigValue(PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE,
DEFAULT_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE)), memberId);
}
Set<String> processedIds = Sets.newHashSet(updateMap.values());
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
Tue Sep 20 15:50:39 2016
@@ -120,7 +120,11 @@ import org.apache.jackrabbit.oak.spi.xml
description = "Optional configuration defining the number of
milliseconds " +
"until the principal cache expires (NOTE: currently
only respected for principal resolution with the internal system session such
as used for login). " +
"If not set or equal/lower than zero no caches are
created/evaluated.",
- longValue = UserPrincipalProvider.EXPIRATION_NO_CACHE)
+ longValue = UserPrincipalProvider.EXPIRATION_NO_CACHE),
+ @Property(name =
UserConstants.PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE,
+ label = "RFC7613 Username Comparison Profile",
+ description = "Enable the UsercaseMappedProfile defined in
RFC7613 for username comparison.",
+ boolValue = false)
})
public class UserConfigurationImpl extends ConfigurationBase implements
UserConfiguration, SecurityConfiguration {
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
Tue Sep 20 15:50:39 2016
@@ -270,7 +270,7 @@ class UserProvider extends AuthorizableB
String userId =
Strings.nullToEmpty(root.getContentSession().getAuthInfo().getUserID());
Tree authorizableNode = TreeUtil.addChild(folder, nodeName, ntName,
typeRoot, userId);
authorizableNode.setProperty(REP_AUTHORIZABLE_ID, authorizableId);
- authorizableNode.setProperty(JcrConstants.JCR_UUID,
getContentID(authorizableId));
+ authorizableNode.setProperty(JcrConstants.JCR_UUID,
getContentID(authorizableId,
config.getConfigValue(PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE,
DEFAULT_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE)));
return authorizableNode;
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
Tue Sep 20 15:50:39 2016
@@ -223,9 +223,9 @@ class UserValidator extends DefaultValid
}
}
- private static boolean isValidUUID(@Nonnull Tree parent, @Nonnull String
uuid) {
+ private boolean isValidUUID(@Nonnull Tree parent, @Nonnull String uuid) {
String id = UserUtil.getAuthorizableId(parent);
- return id != null && uuid.equals(UserProvider.getContentID(id));
+ return id != null && uuid.equals(UserProvider.getContentID(id,
provider.getConfig().getConfigValue(PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE,
DEFAULT_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE)));
}
private static boolean isUser(@Nullable Tree tree) {
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
Tue Sep 20 15:50:39 2016
@@ -170,6 +170,19 @@ public interface UserConstants {
String PARAM_PASSWORD_SALT_SIZE = "passwordSaltSize";
/**
+ * Optionally enables the UsernameCaseMapped profile defined in
+ * https://tools.ietf.org/html/rfc7613#section-3.2 for user name
comparison.
+ * Use this if half-width and full-width user names should be considered
+ * equal.
+ */
+ String PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE =
"enableRFC7613UsercaseMappedProfile";
+
+ /**
+ * Default value for {@link #PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE}
+ */
+ boolean DEFAULT_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE = false;
+
+ /**
* Optional configuration parameter defining how to generate the name of
the
* authorizable node from the ID of the new authorizable that is being
created.
* The value is expected to be an instance of {@link AuthorizableNodeName}.
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/package-info.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/package-info.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/package-info.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/package-info.java
Tue Sep 20 15:50:39 2016
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("2.1.0")
+@Version("2.2.0")
@Export(optional = "provide:=true")
package org.apache.jackrabbit.oak.spi.security.user;
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java
Tue Sep 20 15:50:39 2016
@@ -126,7 +126,8 @@ public class AddMembersByIdBestEffortTes
@Test
public void testAddByContentID() throws Exception {
- Set<String> failed =
testGroup.addMembers(AuthorizableBaseProvider.getContentID(getTestUser().getID()));
+ //TODO
+ Set<String> failed =
testGroup.addMembers(AuthorizableBaseProvider.getContentID(getTestUser().getID(),
false));
assertTrue(failed.isEmpty());
assertFalse(testGroup.isMember(getTestUser()));
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java
Tue Sep 20 15:50:39 2016
@@ -518,8 +518,9 @@ public class MembershipProviderTest exte
// 4. remove members from the initial set => ref nodes as before,
rep:members prop on group modified
memberIds.clear();
- memberIds.put(MembershipProvider.getContentID("member1"), "member1");
- memberIds.put(MembershipProvider.getContentID("member2"), "member2");
+ //TODO
+ memberIds.put(MembershipProvider.getContentID("member1", false),
"member1");
+ memberIds.put(MembershipProvider.getContentID("member2", false),
"member2");
mp.removeMembers(groupTree, Maps.newHashMap(memberIds));
assertMemberList(groupTree, 3, 5);
@@ -570,7 +571,8 @@ public class MembershipProviderTest exte
Map<String, String> memberIds = Maps.newLinkedHashMap();
for (int i = start; i < end; i++) {
String memberId = "member" + i;
- memberIds.put(MembershipProvider.getContentID(memberId), memberId);
+ //TODO
+ memberIds.put(MembershipProvider.getContentID(memberId, false),
memberId);
}
return memberIds;
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java?rev=1761598&r1=1761597&r2=1761598&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
Tue Sep 20 15:50:39 2016
@@ -287,7 +287,8 @@ public class UserValidatorTest extends A
}
Tree userTree = parent.addChild("testUser");
userTree.setProperty(JcrConstants.JCR_PRIMARYTYPE,
NT_REP_USER, Type.NAME);
- userTree.setProperty(JcrConstants.JCR_UUID,
UserProvider.getContentID("testUser"));
+ //TODO
+ userTree.setProperty(JcrConstants.JCR_UUID,
UserProvider.getContentID("testUser", false));
userTree.setProperty(REP_PRINCIPAL_NAME, "testUser");
root.commit();
fail("Invalid hierarchy should be detected");
