svn commit: r1858932 - in /jackrabbit/oak/branches/1.10: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java oak-core/src/test/java/org/apache/jackrabbit/oak/s
Author: stillalex Date: Wed May 8 16:08:59 2019 New Revision: 1858932 URL: http://svn.apache.org/viewvc?rev=1858932=rev Log: OAK-8306 Empty PrincipalProvider cache breaks membership collection Modified: jackrabbit/oak/branches/1.10/ (props changed) jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java Propchange: jackrabbit/oak/branches/1.10/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed May 8 16:08:59 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853083,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1855993,1856049,1856056,1856538,1856545,1857000,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577,1857635,1857638,1857640,1857687,1857936,1858032,1858053,1858123,1858139,1858571,1858578,1858810 +/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853083,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1855993,1856049,1856056,1856538,1856545,1857000,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577,1857635,1857638,1857640,1857687,1857936,1858032,1858053,1858123,1858139,1858571,1858578,1858810,1858931 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1858932=1858931=1858932=diff == --- jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java (original) +++ jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java Wed May 8 16:08:59 2019 @@ -316,7 +316,7 @@ class UserPrincipalProvider implements P String str = TreeUtil.getString(principalCache, CacheConstants.REP_GROUP_PRINCIPAL_NAMES); if (str == null || str.isEmpty()) { -return Collections.emptySet(); +return new HashSet<>(1); } Set groups = new HashSet<>(); Modified: jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java?rev=1858932=1858931=1858932=diff == --- jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java (original) +++ jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java Wed May 8 16:08:59 2019 @@ -51,7 +51,6 @@ import org.apache.jackrabbit.oak.spi.sec import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl; import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider; import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration; -import org.apache.jackrabbit.oak.util.NodeUtil; import org.apache.jackrabbit.oak.plugins.tree.TreeUtil; import org.jetbrains.annotations.Nullable; import org.junit.Test; @@ -414,8 +413,13 @@ public class UserPrincipalProviderWithCa // verify that the cache has really been updated cache = getCacheTree(systemRoot); -assertNotSame(2, new NodeUtil(cache).getLong(CacheConstants.REP_EXPIRATION, 2)); +assertNotSame(2, TreeUtil.getLong(cache, CacheConstants.REP_EXPIRATION, 2)); assertEquals("", Tr
svn commit: r1858931 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java test/java/org/apache/jackrabbit/oak/security/user/UserPrincip
Author: stillalex Date: Wed May 8 15:42:19 2019 New Revision: 1858931 URL: http://svn.apache.org/viewvc?rev=1858931=rev Log: OAK-8306 Empty PrincipalProvider cache breaks membership collection Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1858931=1858930=1858931=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java Wed May 8 15:42:19 2019 @@ -352,7 +352,7 @@ class UserPrincipalProvider implements P String str = TreeUtil.getString(principalCache, CacheConstants.REP_GROUP_PRINCIPAL_NAMES); if (str == null || str.isEmpty()) { -return Collections.emptySet(); +return new HashSet<>(1); } Set groups = new HashSet<>(); Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java?rev=1858931=1858930=1858931=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java Wed May 8 15:42:19 2019 @@ -51,7 +51,6 @@ import org.apache.jackrabbit.oak.spi.sec import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl; import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider; import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration; -import org.apache.jackrabbit.oak.util.NodeUtil; import org.apache.jackrabbit.oak.plugins.tree.TreeUtil; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; @@ -416,8 +415,13 @@ public class UserPrincipalProviderWithCa // verify that the cache has really been updated cache = getCacheTree(systemRoot); -assertNotSame(2, new NodeUtil(cache).getLong(CacheConstants.REP_EXPIRATION, 2)); +assertNotSame(2, TreeUtil.getLong(cache, CacheConstants.REP_EXPIRATION, 2)); assertEquals("", TreeUtil.getString(cache, CacheConstants.REP_GROUP_PRINCIPAL_NAMES)); + +// check that an cached empty membership set doesn't break the retrieval (OAK-8306) +principalsAgain = pp.getPrincipals(userId); +assertFalse(principals.equals(principalsAgain)); +assertPrincipals(principalsAgain, EveryonePrincipal.getInstance(), getTestUser().getPrincipal()); } @Test
svn commit: r1858836 - in /jackrabbit/oak/branches/1.8: ./ oak-jcr/ oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/secu
Author: stillalex Date: Tue May 7 09:53:00 2019 New Revision: 1858836 URL: http://svn.apache.org/viewvc?rev=1858836=rev Log: OAK-7778 PasswordUtil#isPlainTextPassword doesn't validate PBKDF2 scheme Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-jcr/ (props changed) jackrabbit/oak/branches/1.8/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java jackrabbit/oak/branches/1.8/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue May 7 09:53:00 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1836548,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837596,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840462,1840574,1840769,1841314,1841352,1842089,1842677,1843175,1843222,1843231,1843398,1843618,1843621,1843637,1843652,1843669,1843905,1843911,1844070,1844110,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845135,1845336,1845405,1845415,1845730-1845731,1845863,1845865,1846057,1846396,1846429,1846581,1846617,1847088,1847 096,1848073,1848181-1848182,1848191,1848217,1848822-1848823,1850221,1850837,1850874,1851533-1851535,1851619,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1853141,1853229,1853393,1853429,1853433,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854455,1854461-1854462,1854466,1854515,1854539,1854701,1854773,1854827,1854848,1854859,1854930,1855032,1855776,1856818,1857010,1857247,1857253,1857294,1857314,1857638,1857936,1858032,1858571,1858578,1858810 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189
svn commit: r1858758 - in /jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons: LazyValue.java package-info.java
Author: stillalex Date: Mon May 6 08:26:19 2019 New Revision: 1858758 URL: http://svn.apache.org/viewvc?rev=1858758=rev Log: OAK-8283 Make LazyValue implement Supplier Modified: jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java Modified: jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java?rev=1858758=1858757=1858758=diff == --- jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java (original) +++ jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java Mon May 6 08:26:19 2019 @@ -16,6 +16,8 @@ */ package org.apache.jackrabbit.oak.commons; +import java.util.function.Supplier; + /** * An instances of this class represents a lazy value of type {@code T}. * {@code LazyValue} implements an evaluate by need semantics: @@ -24,7 +26,7 @@ package org.apache.jackrabbit.oak.common * * {@code LazyValue} instances are thread safe. */ -public abstract class LazyValue { +public abstract class LazyValue implements Supplier { private volatile T value; /** @@ -44,6 +46,7 @@ public abstract class LazyValue { * Get value. Calls {@link #createValue()} if called for the first time. * @return the value */ +@Override public T get () { // Double checked locking is fine since Java 5 as long as value is volatile. // See http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html Modified: jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java?rev=1858758=1858757=1858758=diff == --- jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java (original) +++ jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java Mon May 6 08:26:19 2019 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -@Version("1.3.0") +@Version("1.4.0") package org.apache.jackrabbit.oak.commons; import org.osgi.annotation.versioning.Version;
svn commit: r1858530 - in /jackrabbit/oak/trunk: oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/ oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/ oak-jcr/src/main/
Author: stillalex Date: Thu May 2 11:48:10 2019 New Revision: 1858530 URL: http://svn.apache.org/viewvc?rev=1858530=rev Log: OAK-8249 NodeImpl#isNodeType could load mixin info lazily Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/ReadOnlyNodeTypeManager.java jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/security/AccessManager.java jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/session/NodeImpl.java jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/session/SessionContext.java Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java?rev=1858530=1858529=1858530=diff == --- jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java (original) +++ jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java Thu May 2 11:48:10 2019 @@ -16,7 +16,10 @@ */ package org.apache.jackrabbit.oak.spi.nodetype; +import java.util.ArrayList; import java.util.Iterator; +import java.util.List; + import javax.jcr.Node; import javax.jcr.RepositoryException; import javax.jcr.nodetype.NoSuchNodeTypeException; @@ -36,6 +39,11 @@ public interface EffectiveNodeTypeProvid * type or mixin type, or a subtype thereof respecting the effective node * type of the {@code tree}. Returns {@code false} otherwise. * + * Note: caution must be taken while calling this api because it doesn't + * offer the same strict guarantees as the {@code Node#isNodeType(String)} + * method in the case where the session doesn't have access to the + * {@code jcr:mixinTypes} property. + * * @param tree The tree to be tested. * @param nodeTypeName The internal oak name of the node type to be tested. * @return true if the specified node is of the given node type. @@ -54,8 +62,29 @@ public interface EffectiveNodeTypeProvid * refer to an existing node type. * @throws RepositoryException If the given node type name is invalid or if * some other error occurs. + * @deprecated use {@link #isNodeType(String, Iterable, String)} instead + */ +@Deprecated +default boolean isNodeType(@NotNull String primaryTypeName, @NotNull Iterator mixinTypes, @NotNull String nodeTypeName) throws NoSuchNodeTypeException, RepositoryException { +List mixins = new ArrayList<>(); +mixinTypes.forEachRemaining(mixins::add); +return isNodeType(primaryTypeName, mixins, nodeTypeName); +} + +/** + * Returns {@code true} if {@code typeName} is of the specified primary node + * type or mixin type, or a subtype thereof. Returns {@code false} otherwise. + * + * @param primaryTypeName the internal oak name of the node to test + * @param mixinTypes the internal oak names of the node to test. + * @param nodeTypeName The internal oak name of the node type to be tested. + * @return {@code true} if the specified node type is of the given node type. + * @throws NoSuchNodeTypeException If the specified node type name doesn't + * refer to an existing node type. + * @throws RepositoryException If the given node type name is invalid or if + * some other error occurs. */ -boolean isNodeType(@NotNull String primaryTypeName, @NotNull Iterator mixinTypes, @NotNull String nodeTypeName) throws NoSuchNodeTypeException, RepositoryException; +boolean isNodeType(@NotNull String primaryTypeName, @NotNull Iterable mixinTypes, @NotNull String nodeTypeName) throws NoSuchNodeTypeException, RepositoryException; /** * Returns {@code true} if {@code typeName} is of the specified primary node Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java?rev=1858530=1858529=1858530=diff == --- jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java (original) +++ jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java Thu May 2 11:48:10 2019 @@ -14,7 +14,7 @@
svn commit: r1858054 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authorization/ main/java/org/apache/jackrabbit/oak/security/authorization/permission/ test/ja
Author: stillalex Date: Wed Apr 24 14:37:49 2019 New Revision: 1858054 URL: http://svn.apache.org/viewvc?rev=1858054=rev Log: OAK-8234 Reduce object allocation in PermissionProviderImpl for admin sessions Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java (with props) Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/AdministrativePermissionProviderTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java?rev=1858054=1858053=1858054=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java Wed Apr 24 14:37:49 2019 @@ -29,10 +29,12 @@ import org.apache.jackrabbit.oak.securit import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlImporter; import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl; import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlValidatorProvider; +import org.apache.jackrabbit.oak.security.authorization.permission.AllPermissionProviderImpl; import org.apache.jackrabbit.oak.security.authorization.permission.MountPermissionProvider; import org.apache.jackrabbit.oak.security.authorization.permission.PermissionHook; import org.apache.jackrabbit.oak.security.authorization.permission.PermissionProviderImpl; import org.apache.jackrabbit.oak.security.authorization.permission.PermissionStoreValidatorProvider; +import org.apache.jackrabbit.oak.security.authorization.permission.PermissionUtil; import org.apache.jackrabbit.oak.security.authorization.permission.PermissionValidatorProvider; import org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProviderImpl; import org.apache.jackrabbit.oak.spi.commit.CommitHook; @@ -199,6 +201,9 @@ public class AuthorizationConfigurationI public PermissionProvider getPermissionProvider(@NotNull Root root, @NotNull String workspaceName, @NotNull Set principals) { Context ctx = getSecurityProvider().getConfiguration(AuthorizationConfiguration.class).getContext(); +if (PermissionUtil.isAdminOrSystem(principals, getParameters())) { +return new AllPermissionProviderImpl(root, this); +} if (mountInfoProvider.hasNonDefaultMounts()) { return new MountPermissionProvider(root, workspaceName, principals, getRestrictionProvider(), Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java?rev=1858054=auto == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java (added) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java Wed Apr 24 14:37:49 2019 @@ -0,0 +1,122 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.security.authorization.permission; + +import java.util.Collections; +import java.util.Set; + +import org.apache.jackrabbit.oak.api.Pr
svn commit: r1857636 - in /jackrabbit/oak/branches/1.10: ./ oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java oak-benchmarks/src/main/java/org/apache/jackrabbit/oak
Author: stillalex Date: Tue Apr 16 09:52:27 2019 New Revision: 1857636 URL: http://svn.apache.org/viewvc?rev=1857636=rev Log: OAK-8247 Add non-admin mode for Node.isNodeType() benchmark backport to 1.10 Modified: jackrabbit/oak/branches/1.10/ (props changed) jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java Propchange: jackrabbit/oak/branches/1.10/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Apr 16 09:52:27 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577 +/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577,1857635 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1857636=1857635=1857636=diff == --- jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java (original) +++ jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java Tue Apr 16 09:52:27 2019 @@ -499,7 +499,7 @@ public class BenchmarkRunner { new StringWriteTest(), new BasicWriteTest(), new CanReadNonExisting(), -new IsNodeTypeTest(), +new IsNodeTypeTest(runAsAdmin.value(options)), new SetPropertyTransientTest() }; Modified: jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java?rev=1857636=1857635=1857636=diff == --- jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java (original) +++ jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java Tue Apr 16 09:52:27 2019 @@ -16,9 +16,15 @@ */ package org.apache.jackrabbit.oak.benchmark; +import static javax.jcr.security.Privilege.JCR_READ; +import static org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.addAccessControlEntry; +import static org.junit.Assert.assertTrue; + import javax.jcr.Node; import javax.jcr.Session; +import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal; + /** * Benchmark for Node.isNodeType(String). */ @@ -26,14 +32,21 @@ public class IsNodeTypeTest extends Abst private static final String NT_FOLDER = "nt:folder"; +private final boolean runAsAdmin; + private String testNodeName = "test" + TEST_ID; private Node testNode; +public IsNodeTypeTest(boolean runAsAdmin) { +this.runAsAdmin = runAsAdmin; +} + @Override public void beforeSuite() throws Exception { Session session = getRepository().login(getCredentials()); session.getRootNode().addNode(testNodeName, NT_FOLDER); +addAccessControlEntry(session, "/", EveryonePrincipal.getInstance(), new String[] { JCR_READ }, true); session.save(); session.logout(); testNode = prepareThreadExecutionContext(); @@ -50,7 +63,15 @@ public class IsNodeTypeTest
svn commit: r1857635 - in /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark: BenchmarkRunner.java IsNodeTypeTest.java
Author: stillalex Date: Tue Apr 16 09:43:36 2019 New Revision: 1857635 URL: http://svn.apache.org/viewvc?rev=1857635=rev Log: OAK-8247 Add non-admin mode for Node.isNodeType() benchmark Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1857635=1857634=1857635=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java Tue Apr 16 09:43:36 2019 @@ -501,7 +501,7 @@ public class BenchmarkRunner { new StringWriteTest(), new BasicWriteTest(), new CanReadNonExisting(), -new IsNodeTypeTest(), +new IsNodeTypeTest(runAsAdmin.value(options)), new SetPropertyTransientTest() }; Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java?rev=1857635=1857634=1857635=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java Tue Apr 16 09:43:36 2019 @@ -16,9 +16,15 @@ */ package org.apache.jackrabbit.oak.benchmark; +import static javax.jcr.security.Privilege.JCR_READ; +import static org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.addAccessControlEntry; +import static org.junit.Assert.assertTrue; + import javax.jcr.Node; import javax.jcr.Session; +import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal; + /** * Benchmark for Node.isNodeType(String). */ @@ -26,14 +32,21 @@ public class IsNodeTypeTest extends Abst private static final String NT_FOLDER = "nt:folder"; +private final boolean runAsAdmin; + private String testNodeName = "test" + TEST_ID; private Node testNode; +public IsNodeTypeTest(boolean runAsAdmin) { +this.runAsAdmin = runAsAdmin; +} + @Override public void beforeSuite() throws Exception { Session session = getRepository().login(getCredentials()); session.getRootNode().addNode(testNodeName, NT_FOLDER); +addAccessControlEntry(session, "/", EveryonePrincipal.getInstance(), new String[] { JCR_READ }, true); session.save(); session.logout(); testNode = prepareThreadExecutionContext(); @@ -50,7 +63,15 @@ public class IsNodeTypeTest extends Abst @Override protected Node prepareThreadExecutionContext() throws Exception { -return loginWriter().getRootNode().getNode(testNodeName); +return getTestSession().getRootNode().getNode(testNodeName); +} + +private Session getTestSession() { +if (runAsAdmin) { +return loginWriter(); +} else { +return loginAnonymous(); +} } @Override @@ -62,7 +83,7 @@ public class IsNodeTypeTest extends Abst @Override protected void runTest(Node executionContext) throws Exception { for (int i = 0; i < 10; i++) { -executionContext.isNodeType(NT_FOLDER); +assertTrue(executionContext.isNodeType(NT_FOLDER)); } }
svn commit: r1856908 - in /jackrabbit/oak/trunk/oak-auth-external/src: main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ test/java/org/apache/jackrabbit/oak/spi/
Author: stillalex Date: Thu Apr 4 08:02:23 2019 New Revision: 1856908 URL: http://svn.apache.org/viewvc?rev=1856908=rev Log: OAK-8055 Add conflict handler for rep:lastSynced property on external groups Added: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java (with props) Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandlerTest.java Added: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java?rev=1856908=auto == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java (added) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java Thu Apr 4 08:02:23 2019 @@ -0,0 +1,115 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal; + +import static org.apache.jackrabbit.util.ISO8601.parse; + +import java.util.Calendar; + +import org.apache.jackrabbit.oak.api.PropertyState; +import org.apache.jackrabbit.oak.api.Type; +import org.apache.jackrabbit.oak.spi.commit.ThreeWayConflictHandler; +import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIdentityConstants; +import org.apache.jackrabbit.oak.spi.state.NodeBuilder; +import org.apache.jackrabbit.oak.spi.state.NodeState; +import org.jetbrains.annotations.NotNull; + +/** + * Conflict handler that merges concurrent updates to external entities on the + * {@code ExternalIdentityConstants.REP_LAST_SYNCED} property by picking the + * older of the 2 conflicting dates. + */ +class ExternalIdentityConflictHandler implements ThreeWayConflictHandler { + +@NotNull +@Override +public Resolution addExistingProperty(NodeBuilder parent, PropertyState ours, PropertyState theirs) { +if (ExternalIdentityConstants.REP_LAST_SYNCED.equals(ours.getName())) { +merge(parent, ours, theirs); +return Resolution.MERGED; +} +return Resolution.IGNORED; +} + +@NotNull +@Override +public Resolution changeChangedProperty(NodeBuilder parent, PropertyState ours, PropertyState theirs, +PropertyState base) { +if (ExternalIdentityConstants.REP_LAST_SYNCED.equals(ours.getName())) { +merge(parent, ours, theirs); +return Resolution.MERGED; +} +return Resolution.IGNORED; +} + +private static void merge(NodeBuilder parent, PropertyState ours, PropertyState theirs) { +Calendar o = parse(ours.getValue(Type.DATE)); +Calendar t = parse(theirs.getValue(Type.DATE)); +Calendar v = o.before(t) ? t : o; +parent.setProperty(ours.getName(), v); +} + +@Override +@NotNull +public Resolution changeDeletedProperty(@NotNull NodeBuilder parent, @NotNull PropertyState ours, +@NotNull PropertyState base) { +return Resolution.IGNORED; +} + +@Override +@NotNull +public Resolution deleteDeletedProperty(@NotNull NodeBuilder parent, @NotNull PropertyState base) { +return Resolution.IGNORED; +} + +@Override +@NotNull +public Resolution deleteChangedProperty(@NotNull NodeBuilder parent, @NotNull PropertyState theirs, +@NotNull PropertyState bas
svn commit: r1856464 - in /jackrabbit/oak/trunk/oak-security-spi/src: main/java/org/apache/jackrabbit/oak/spi/security/principal/ test/java/org/apache/jackrabbit/oak/spi/security/principal/
Author: stillalex Date: Thu Mar 28 09:19:06 2019 New Revision: 1856464 URL: http://svn.apache.org/viewvc?rev=1856464=rev Log: OAK-8142 CompositePrincipalProvider support for full text search Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/TestPrincipalProvider.java Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java?rev=1856464=1856463=1856464=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java Thu Mar 28 09:19:06 2019 @@ -141,7 +141,7 @@ public class CompositePrincipalProvider long offset, long limit) { List> all = providers.stream() -.map((p) -> p.findPrincipals(nameHint, fullText, searchType, 0, limit)).collect(Collectors.toList()); +.map((p) -> p.findPrincipals(nameHint, fullText, searchType, 0, limit + offset)).collect(Collectors.toList()); Iterator principals = Iterators.mergeSorted(all, Comparator.comparing(Principal::getName)); Spliterator spliterator = Spliterators.spliteratorUnknownSize(principals, 0); Modified: jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java?rev=1856464=1856463=1856464=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java Thu Mar 28 09:19:06 2019 @@ -18,13 +18,14 @@ package org.apache.jackrabbit.oak.spi.se import java.security.Principal; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; import java.util.Collections; -import java.util.Comparator; import java.util.Iterator; import java.util.List; import java.util.Random; import java.util.Set; +import java.util.TreeSet; import com.google.common.base.Predicate; import com.google.common.collect.ImmutableList; @@ -37,17 +38,14 @@ import org.apache.jackrabbit.api.securit import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; import org.junit.Test; -import org.mockito.invocation.InvocationOnMock; -import org.mockito.stubbing.Answer; +import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotSame; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertSame; import static org.junit.Assert.assertTrue; -import static org.mockito.ArgumentMatchers.anyBoolean; -import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; @@ -237,50 +235,53 @@ public class CompositePrincipalProviderT int inputSize = 3; Random r = new Random(seed); -Comparator comparator = Comparator.comparing(Principal::getName); List expected = new ArrayList<>(); -Collection> input = new ArrayList<>(); +Collection> input = new ArrayList<>(); for (int i = 0; i < inputSize; i++) { -List l = new ArrayList<>(); +Set l = new TreeSet<>(); int size = r.nextInt(bound); -for (int s = 0; s < size; s++) { +while (size > 0) { int v = r.nextInt(bound); -Principal p = new PrincipalImpl("p" + v); -expected.add(p.getName()); -l.add(p); +String n = "p" + v; +if (l.add(n)) { +expected.add(n); +size--; +}
svn commit: r1856414 - in /jackrabbit/oak/trunk/oak-auth-external/src: main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ test/java/org/apache/jackrabbit/oak/spi/
Author: stillalex Date: Wed Mar 27 15:03:57 2019 New Revision: 1856414 URL: http://svn.apache.org/viewvc?rev=1856414=rev Log: OAK-8175 ExternalGroupPrincipalProvider support for full text search Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java?rev=1856414=1856413=1856414=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java Wed Mar 27 15:03:57 2019 @@ -20,12 +20,18 @@ import java.security.Principal; import java.text.ParseException; import java.util.Collection; import java.util.Collections; +import java.util.Comparator; import java.util.Enumeration; import java.util.HashSet; import java.util.Iterator; import java.util.Map; import java.util.Set; +import java.util.Spliterator; +import java.util.Spliterators; import java.util.concurrent.ConcurrentHashMap; +import java.util.stream.Stream; +import java.util.stream.StreamSupport; + import javax.jcr.PropertyType; import javax.jcr.RepositoryException; import javax.jcr.Value; @@ -173,6 +179,27 @@ class ExternalGroupPrincipalProvider imp return findPrincipals(null, searchType); } +@NotNull +@Override +public Iterator findPrincipals(@Nullable String nameHint, boolean fullText, int searchType, +long offset, long limit) { +Iterator principals = findPrincipals(nameHint, searchType); +if (!principals.hasNext()) { +return Collections.emptyIterator(); +} + +Spliterator spliterator = Spliterators.spliteratorUnknownSize(principals, 0); +Stream stream = StreamSupport.stream(spliterator, false); +stream = stream.sorted(Comparator.comparing(Principal::getName)); +if (offset > 0) { +stream = stream.skip(offset); +} +if (limit >= 0) { +stream = stream.limit(limit); +} +return stream.iterator(); +} + //< private >--- @Nullable private String getIdpName(@NotNull Tree userTree) { Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java?rev=1856414=1856413=1856414=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java Wed Mar 27 15:03:57 2019 @@ -17,11 +17,16 @@ package org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal; import java.security.Principal; +import java.util.Arrays; import java.util.Collections; +import java.util.Comparator; import java.util.HashSet; import java.util.Iterator; +import java.util.List; import java.util.Set; import com.google.common.base.Function; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; import com.google.common.collect.Iterables; @@ -32,6 +37,7 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.api.security.user.UserManager; import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup; import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdent
svn commit: r1856176 - in /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external: AbstractExternalTest.java ExternalLoginTest.java
Author: stillalex Date: Mon Mar 25 10:18:10 2019 New Revision: 1856176 URL: http://svn.apache.org/viewvc?rev=1856176=rev Log: OAK-8053 Add intermediate report to ExternalLoginTest Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java?rev=1856176=1856175=1856176=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java Mon Mar 25 10:18:10 2019 @@ -101,7 +101,7 @@ abstract class AbstractExternalTest exte final DefaultSyncConfig syncConfig = new DefaultSyncConfig(); final SyncHandler syncHandler = new DefaultSyncHandler(syncConfig); -final ExternalIdentityProvider idp; +final TestIdentityProvider idp; final long delay; SyncManagerImpl syncManager; Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java?rev=1856176=1856175=1856176=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java Mon Mar 25 10:18:10 2019 @@ -18,21 +18,32 @@ package org.apache.jackrabbit.oak.benchm import static javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL; import static javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT; +import static org.junit.Assert.assertEquals; +import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Set; +import java.util.TreeSet; +import java.util.concurrent.atomic.AtomicLong; +import java.util.stream.Collectors; +import java.util.stream.StreamSupport; +import javax.jcr.LoginException; +import javax.jcr.Session; import javax.jcr.SimpleCredentials; import javax.security.auth.login.AppConfigurationEntry; import javax.security.auth.login.Configuration; +import org.apache.commons.lang3.reflect.FieldUtils; +import org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate; import org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule; import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl; import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration; import org.apache.jackrabbit.oak.spi.security.authentication.GuestLoginModule; import org.apache.jackrabbit.oak.spi.security.authentication.LoginModuleStats; import org.apache.jackrabbit.oak.spi.security.authentication.LoginModuleStatsCollector; +import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef; import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModule; import org.apache.jackrabbit.oak.stats.StatisticsProvider; import org.jetbrains.annotations.NotNull; @@ -53,9 +64,10 @@ public class ExternalLoginTest extends A private final int numberOfGroups; private final Reporter reporter; private final LoginModuleStats lmStats; +private final List auto; -private String id; private Set uniques; +private AtomicLong err; public ExternalLoginTest(int numberOfUsers, int numberOfGroups, long expTime, boolean dynamicMembership, @NotNull List autoMembership, boolean report, StatisticsProvider statsProvider) { @@ -64,13 +76,15 @@ public class ExternalLoginTest extends A this.numberOfGroups = numberOfGroups; this.reporter = new Reporter(report); this.lmStats = new LoginModuleStats(statsProvider); +this.auto = autoMembership; } @Override protected void beforeSuite() throws Exception { super.beforeSuite(); reporter.beforeSuite(); -uniques = new HashSet<>(numberOfUsers); +uniques = Collections.synchronizedSet(new H
svn commit: r1856069 - /jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md
Author: stillalex Date: Fri Mar 22 17:02:07 2019 New Revision: 1856069 URL: http://svn.apache.org/viewvc?rev=1856069=rev Log: OAK-301: Document Oak Memoirs in Garbage Collection (WIP) -- fixed header for new file Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md?rev=1856069=1856068=1856069=diff == --- jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md (original) +++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md Fri Mar 22 17:02:07 2019 @@ -1,3 +1,20 @@ + + Memoirs in Garbage Collection = This is a brief outline of the history of Online Revision Garbage Collection in Oak. By linking to further details where necessary this historical context helps making sense of the various bits of information that are scattered across Jira Issues, Wikis, source code etc.
svn commit: r1856039 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Fri Mar 22 10:53:01 2019 New Revision: 1856039 URL: http://svn.apache.org/viewvc?rev=1856039=rev Log: OAK-8054 RepMembersConflictHandler creates property with wrong type Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/GroupImplTest.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandlerTest.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Mar 22 10:53:01 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1836548,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837596,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840462,1840574,1840769,1841314,1841352,1842089,1842677,1843175,1843222,1843231,1843398,1843618,1843621,1843637,1843652,1843669,1843905,1843911,1844070,1844110,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845135,1845336,1845405,1845415,1845730-1845731,1845863,1845865,1846057,1846396,1846429,1846581,1846617,1847088,1847 096,1848073,1848181-1848182,1848191,1848217,1848822-1848823,1850221,1850837,1850874,1851533-1851535,1851619,1852120,1852451,1852492,1852528,1852582,1852584,1852601,1853141,1853229,1853393,1853429,1853433,1853866,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854455,1854461-1854462,1854466,1854515,1854539,1854701,1854773,1854827,1854848,1854859,1854930,1855032 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1836548,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837596,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840462,1840574,1840769
svn commit: r1855838 - in /jackrabbit/oak/trunk/oak-security-spi/src: main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java test/java/org/apache/jackrabbit/oak/spi
Author: stillalex Date: Tue Mar 19 15:09:15 2019 New Revision: 1855838 URL: http://svn.apache.org/viewvc?rev=1855838=rev Log: OAK-8142 CompositePrincipalProvider support for full text search Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java?rev=1855838=1855837=1855838=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java Tue Mar 19 15:09:15 2019 @@ -19,10 +19,16 @@ package org.apache.jackrabbit.oak.spi.se import java.security.Principal; import java.security.acl.Group; import java.util.Collections; +import java.util.Comparator; import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Set; +import java.util.Spliterator; +import java.util.Spliterators; +import java.util.stream.Collectors; +import java.util.stream.Stream; +import java.util.stream.StreamSupport; import com.google.common.collect.Iterators; import static com.google.common.base.Preconditions.checkNotNull; @@ -128,4 +134,22 @@ public class CompositePrincipalProvider public Iterator findPrincipals(int searchType) { return findPrincipals(null, searchType); } + +public Iterator findPrincipals(@Nullable String nameHint, boolean fullText, int searchType, +long offset, long limit) { + +List> all = providers.stream() +.map((p) -> p.findPrincipals(nameHint, fullText, searchType, 0, limit)).collect(Collectors.toList()); +Iterator principals = Iterators.mergeSorted(all, Comparator.comparing(Principal::getName)); + +Spliterator spliterator = Spliterators.spliteratorUnknownSize(principals, 0); +Stream stream = StreamSupport.stream(spliterator, false); +if (offset > 0) { +stream = stream.skip(offset); +} +if (limit >= 0) { +stream = stream.limit(limit); +} +return stream.iterator(); +} } Modified: jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java?rev=1855838=1855837=1855838=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java Tue Mar 19 15:09:15 2019 @@ -18,9 +18,12 @@ package org.apache.jackrabbit.oak.spi.se import java.security.Principal; import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; +import java.util.Comparator; import java.util.Iterator; import java.util.List; +import java.util.Random; import java.util.Set; import com.google.common.base.Predicate; @@ -34,6 +37,8 @@ import org.apache.jackrabbit.api.securit import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; import org.junit.Test; +import org.mockito.invocation.InvocationOnMock; +import org.mockito.stubbing.Answer; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; @@ -215,4 +220,49 @@ public class CompositePrincipalProviderT } return l; } + +@Test +public void testFindPrincipalsRandom() { +long seed = System.currentTimeMillis(); +int bound = 10; +int inputSize = 3; +Random r = new Random(seed); + +Comparator comparator = Comparator.comparing(Principal::getName); +List expected = new ArrayList<>(); +Collection> input = new ArrayList<>(); +for (int i = 0; i < inputSize; i++) { +List l = new ArrayList<>(); +int size = r.nextInt(bound); +for (int s = 0; s < size; s++) { +int v = r.nextInt(bound); +Principal p = new PrincipalImpl("p&qu
svn commit: r1855771 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java test/java/org/apache/jackrabbit/oak/security/principal/Abstra
Author: stillalex Date: Mon Mar 18 14:25:06 2019 New Revision: 1855771 URL: http://svn.apache.org/viewvc?rev=1855771=rev Log: OAK-8140 UserPrincipalProvider support for full text search Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1855771=1855770=1855771=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java Mon Mar 18 14:25:06 2019 @@ -171,14 +171,21 @@ class UserPrincipalProvider implements P limit = Long.MAX_VALUE; } try { + +String lookupClause = ""; +if (nameHint != null && !nameHint.isEmpty()) { +if (fullText) { +lookupClause = String.format("[jcr:contains(.,'%s')]", buildSearchPatternFT(nameHint)); +} else { +lookupClause = String.format("[jcr:like(@rep:principalName,'%s')]", buildSearchPatternContains(nameHint)); +} +} AuthorizableType type = AuthorizableType.getType(searchType); StringBuilder statement = new StringBuilder() .append(QueryUtil.getSearchRoot(type, config.getParameters())) .append("//element(*,").append(QueryUtil.getNodeTypeName(type)).append(')') -.append("[jcr:like(@rep:principalName,'") -.append(buildSearchPattern(nameHint)) -.append("')] order by @rep:principalName"); - +.append(lookupClause) +.append(" order by @rep:principalName"); Result result = root.getQueryEngine().executeQuery( statement.toString(), javax.jcr.query.Query.XPATH, limit, offset, NO_BINDINGS, namePathMapper.getSessionLocalMappings()); @@ -365,15 +372,19 @@ class UserPrincipalProvider implements P return expirationTime > EXPIRATION_NO_CACHE && now < expirationTime; } -private static String buildSearchPattern(String nameHint) { -if (nameHint == null) { -return "%"; +private static String buildSearchPatternContains(@NotNull String nameHint) { +StringBuilder sb = new StringBuilder(); +sb.append('%'); +sb.append(nameHint.replace("%", "\\%").replace("_", "\\_")); +sb.append('%'); +return sb.toString(); +} + +private static String buildSearchPatternFT(@NotNull String nameHint) { +if (nameHint.contains("*")) { +return QueryUtil.escapeForQuery(nameHint); } else { -StringBuilder sb = new StringBuilder(); -sb.append('%'); -sb.append(nameHint.replace("%", "\\%").replace("_", "\\_")); -sb.append('%'); -return sb.toString(); +return QueryUtil.escapeForQuery(nameHint) + "*"; } } Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855771=1855770=1855771=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java Mon Mar 18 14:25:06 2019 @@ -68,6 +68,9 @@ public abstract class AbstractPrincipalP @Override public void before() throws Exception { +// because of full text search test #testFindRange +getQueryEngineSettings().setFailTraversal(false); +getQueryEngineSettings().setFullTextComparisonWithoutIndex(true); super.before(); userPrincipal = getTestUser().getPrincipal(); @@ -415,9 +418,12 @@ public abstract class AbstractPrincipalP to = Math.min(offset + limit, to); }
svn commit: r1855536 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/principal/ main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit
Author: stillalex Date: Thu Mar 14 16:03:13 2019 New Revision: 1855536 URL: http://svn.apache.org/viewvc?rev=1855536=rev Log: OAK-8131 Principal Management APIs full text support Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java?rev=1855536=1855535=1855536=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java Thu Mar 14 16:03:13 2019 @@ -131,12 +131,12 @@ class PrincipalProviderImpl implements P @NotNull @Override public Iterator findPrincipals(@Nullable final String nameHint, final int searchType) { -return findPrincipals(nameHint, searchType, 0, -1); +return findPrincipals(nameHint, false, searchType, 0, -1); } @NotNull @Override -public Iterator findPrincipals(final String nameHint, final int searchType, long offset, +public Iterator findPrincipals(final String nameHint, final boolean fullText, final int searchType, long offset, long limit) { if (offset < 0) { offset = 0; Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1855536=1855535=1855536=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java Thu Mar 14 16:03:13 2019 @@ -157,12 +157,12 @@ class UserPrincipalProvider implements P @Override public Iterator findPrincipals(final String nameHint, final int searchType) { -return findPrincipals(nameHint, searchType, 0, -1); +return findPrincipals(nameHint, false, searchType, 0, -1); } @NotNull @Override -public Iterator findPrincipals(final String nameHint, final int searchType, long offset, +public Iterator findPrincipals(final String nameHint, final boolean fullText, final int searchType, long offset, long limit) { if (offset < 0) { offset = 0; Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855536=1855535=1855536=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java Thu Mar 14 16:03:13 2019 @@ -416,7 +416,7 @@ public abstract class AbstractPrincipalP } List sub = expected.subList(offset, to); Iterator i1 = principalProvider.findPrincipals("testGroup", -PrincipalManager.SEARCH_TYPE_ALL, offset, limit); +false, PrincipalManager.SEARCH_TYPE_ALL, offset, limit); assertEquals(sub, getNames(i1)); } }
svn commit: r1855533 - in /jackrabbit/oak/trunk: oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/ oak-secu
Author: stillalex Date: Thu Mar 14 15:22:57 2019 New Revision: 1855533 URL: http://svn.apache.org/viewvc?rev=1855533=rev Log: OAK-8131 Principal Management APIs full text support Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalQueryManager.java jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java?rev=1855533=1855532=1855533=diff == --- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java (original) +++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java Thu Mar 14 15:22:57 2019 @@ -126,13 +126,13 @@ public class PrincipalManagerDelegator i } @Override -public PrincipalIterator findPrincipals(String simpleFilter, int searchType, long offset, long limit) { +public PrincipalIterator findPrincipals(String simpleFilter, boolean fullText, int searchType, long offset, long limit) { return delegate.safePerform(new SessionOperation("findPrincipals") { @NotNull @Override public PrincipalIterator perform() { if (principalManager instanceof PrincipalQueryManager) { -return ((PrincipalQueryManager) principalManager).findPrincipals(simpleFilter, searchType, offset, +return ((PrincipalQueryManager) principalManager).findPrincipals(simpleFilter, fullText, searchType, offset, limit); } else { PrincipalIterator pi = principalManager.findPrincipals(simpleFilter, searchType); Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java?rev=1855533=1855532=1855533=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java Thu Mar 14 15:22:57 2019 @@ -80,7 +80,7 @@ public class PrincipalManagerImpl implem } @Override -public PrincipalIterator findPrincipals(String simpleFilter, int searchType, long offset, long limit) { -return new PrincipalIteratorAdapter(principalProvider.findPrincipals(simpleFilter, searchType, offset, limit)); +public PrincipalIterator findPrincipals(String simpleFilter, boolean fullText, int searchType, long offset, long limit) { +return new PrincipalIteratorAdapter(principalProvider.findPrincipals(simpleFilter, fullText, searchType, offset, limit)); } } Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java?rev=1855533=1855532=1855533=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java Thu Mar 14 15:22:57 2019 @@ -138,6 +138,7 @@ public interface PrincipalProvider { * Find the principals that match the specified nameHint and search type. * * @param nameHint A name hint to use for non-exact matching. + * @param fullText hint to use a full text query for search * @param searchType Limit the search to certain types of principals. Valid * values are any of * {@link org.apache.jackrabbit.api.security.principal.PrincipalManager#SEARCH_TYPE_ALL} @@ -14
svn commit: r1855340 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/principal/ test/java/org/apache/jackrabbit/oak/security/principal/ test/java/org/apache/jackr
Author: stillalex Date: Tue Mar 12 18:15:22 2019 New Revision: 1855340 URL: http://svn.apache.org/viewvc?rev=1855340=rev Log: OAK-8125 PrincipalProviderImpl support for range search Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java?rev=1855340=1855339=1855340=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java Tue Mar 12 18:15:22 2019 @@ -25,6 +25,7 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.api.security.user.Authorizable; import org.apache.jackrabbit.api.security.user.Query; import org.apache.jackrabbit.api.security.user.QueryBuilder; +import org.apache.jackrabbit.api.security.user.QueryBuilder.Direction; import org.apache.jackrabbit.api.security.user.UserManager; import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.namepath.NamePathMapper; @@ -129,15 +130,29 @@ class PrincipalProviderImpl implements P @NotNull @Override -public Iterator findPrincipals(@Nullable final String nameHint, -final int searchType) { +public Iterator findPrincipals(@Nullable final String nameHint, final int searchType) { +return findPrincipals(nameHint, searchType, 0, -1); +} + +@NotNull +@Override +public Iterator findPrincipals(final String nameHint, final int searchType, long offset, +long limit) { +if (offset < 0) { +offset = 0; +} +if (limit < 0) { +limit = Long.MAX_VALUE; +} try { -Iterator authorizables = findAuthorizables(nameHint, searchType); +Iterator authorizables = findAuthorizables(nameHint, searchType, offset, limit); Iterator principals = Iterators.transform( Iterators.filter(authorizables, Predicates.notNull()), new AuthorizableToPrincipal()); -if (matchesEveryone(nameHint, searchType)) { +// everyone is injected only in complete set, not on pages +boolean noRange = offset == 0 && limit == Long.MAX_VALUE; +if (noRange && matchesEveryone(nameHint, searchType)) { principals = Iterators.concat(principals, Iterators.singletonIterator(EveryonePrincipal.getInstance())); return Iterators.filter(principals, new EveryonePredicate()); } else { @@ -183,12 +198,15 @@ class PrincipalProviderImpl implements P } private Iterator findAuthorizables(@Nullable final String nameHint, - final int searchType) throws RepositoryException { + final int searchType, final long offset, + final long limit) throws RepositoryException { Query userQuery = new Query() { @Override public void build(QueryBuilder builder) { builder.setCondition(builder.like('@' +UserConstants.REP_PRINCIPAL_NAME, buildSearchPattern(nameHint))); builder.setSelector(AuthorizableType.getType(searchType).getAuthorizableClass()); +builder.setSortOrder(UserConstants.REP_PRINCIPAL_NAME, Direction.ASCENDING); +builder.setLimit(offset, limit); } }; return userManager.findAuthorizables(userQuery); Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855340=1855339=1855340=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.jav
svn commit: r1855333 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit/oak/security/principal/ test/java/org/apache/jackrabbit
Author: stillalex Date: Tue Mar 12 14:40:14 2019 New Revision: 1855333 URL: http://svn.apache.org/viewvc?rev=1855333=rev Log: OAK-8078 UserPrincipalProvider support for range search Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1855333=1855332=1855333=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java Tue Mar 12 14:40:14 2019 @@ -155,10 +155,21 @@ class UserPrincipalProvider implements P return principals; } +@Override +public Iterator findPrincipals(final String nameHint, final int searchType) { +return findPrincipals(nameHint, searchType, 0, -1); +} + @NotNull @Override -public Iterator findPrincipals(final String nameHint, -final int searchType) { +public Iterator findPrincipals(final String nameHint, final int searchType, long offset, +long limit) { +if (offset < 0) { +offset = 0; +} +if (limit < 0) { +limit = Long.MAX_VALUE; +} try { AuthorizableType type = AuthorizableType.getType(searchType); StringBuilder statement = new StringBuilder() @@ -166,17 +177,19 @@ class UserPrincipalProvider implements P .append("//element(*,").append(QueryUtil.getNodeTypeName(type)).append(')') .append("[jcr:like(@rep:principalName,'") .append(buildSearchPattern(nameHint)) -.append("')]"); +.append("')] order by @rep:principalName"); Result result = root.getQueryEngine().executeQuery( statement.toString(), javax.jcr.query.Query.XPATH, -NO_BINDINGS, namePathMapper.getSessionLocalMappings()); +limit, offset, NO_BINDINGS, namePathMapper.getSessionLocalMappings()); Iterator principals = Iterators.filter( Iterators.transform(result.getRows().iterator(), new ResultRowToPrincipal()), Predicates.notNull()); -if (matchesEveryone(nameHint, searchType)) { +// everyone is injected only in complete set, not on pages +boolean noRange = offset == 0 && limit == Long.MAX_VALUE; +if (noRange && matchesEveryone(nameHint, searchType)) { principals = Iterators.concat(principals, Iterators.singletonIterator(EveryonePrincipal.getInstance())); return Iterators.filter(principals, new EveryonePredicate()); } else { Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855333=1855332=1855333=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java Tue Mar 12 14:40:14 2019 @@ -62,6 +62,9 @@ public abstract class AbstractPrincipalP protected String groupId2; protected Group testGroup2; +protected String groupId3; +protected Group testGroup3; + @Override public void before() throws Exception { super.before(); @@ -73,10 +76,13 @@ public abstract class AbstractPrincipalP testGroup = getUserManager(root).createGroup(groupId); testGroup.addMember(getTestUser()); -groupId2 = "testGroup2" + UUID.randomUUID(); +groupId2 = "testGroup" + UUID.randomUUID() + "2"; testGroup2 = getUserManager(root).createGroup(groupId2); testGroup.addMember(testGroup2); +groupId3 = "testGroup" + UUID.random
svn commit: r1854982 - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ oak-benchmarks/src/main/java/org/apache/jackrabbit
Author: stillalex Date: Thu Mar 7 14:15:14 2019 New Revision: 1854982 URL: http://svn.apache.org/viewvc?rev=1854982=rev Log: OAK-8102 LoginModule error metrics Added: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleMBean.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleMonitor.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleStats.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleStatsCollector.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleStatsTest.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/test/resources/ jackrabbit/oak/trunk/oak-security-spi/src/test/resources/logback-test.xml (with props) Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImplTest.java jackrabbit/oak/trunk/oak-security-spi/pom.xml jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/package-info.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/package-info.java jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java?rev=1854982=1854981=1854982=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java Thu Mar 7 14:15:14 2019 @@ -246,12 +246,14 @@ public class ExternalLoginModule extends } } catch (ExternalIdentityException e) { log.error("Error while authenticating '{}' with {}", logId, idp.getName(), e); +onError(); return false; } catch (LoginException e) { log.debug("IDP {} throws login exception for '{}': {}", idp.getName(), logId, e.getMessage()); throw e; -} catch (Exception e) { -log.debug("SyncHandler {} throws sync exception for '{}'", syncHandler.getName(), logId, e); +} catch (SyncException | RepositoryException e) { +onError(); +log.error("SyncHandler {} throws sync exception for '{}'", syncHandler.getName(), logId,
svn commit: r1854577 - in /jackrabbit/oak/branches/1.10: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java oak-it/src/test/java/org/apache/jackrabbit/oak/In
Author: stillalex Date: Fri Mar 1 11:43:39 2019 New Revision: 1854577 URL: http://svn.apache.org/viewvc?rev=1854577=rev Log: OAK-8095 VersionStorageEditor can prevent upgrade of version store Modified: jackrabbit/oak/branches/1.10/ (props changed) jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java Propchange: jackrabbit/oak/branches/1.10/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Mar 1 11:43:39 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854462,1854466,1854468,1854515 +/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854462,1854466,1854468,1854515,1854533 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java?rev=1854577=1854576=1854577=diff == --- jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java (original) +++ jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java Fri Mar 1 11:43:39 2019 @@ -54,17 +54,19 @@ class VersionStorageEditor extends Defau VersionStorageEditor(@NotNull NodeBuilder versionStorageNode, @NotNull NodeBuilder workspaceRoot) { this(versionStorageNode, workspaceRoot, versionStorageNode, -VERSION_STORE_PATH); +VERSION_STORE_PATH, false); } private VersionStorageEditor(@NotNull NodeBuilder versionStorageNode, @NotNull NodeBuilder workspaceRoot, @NotNull NodeBuilder builder, - @NotNull String path) { + @NotNull String path, + boolean initPhase) { this.versionStorageNode = checkNotNull(versionStorageNode); this.workspaceRoot = checkNotNull(workspaceRoot); this.builder = checkNotNull(builder); this.path = checkNotNull(path); +this.initPhase = initPhase; } @Override @@ -88,8 +90,7 @@ class VersionStorageEditor extends Defau if (d < VERSION_HISTORY_DEPTH && !isVersionStorageNode(after)) { return null; } -return new VersionStorageEditor(versionStorageNode, workspaceRoot, -builder.child(name), p); +return new VersionStorageEditor(versionStorageNode, workspaceRoot, builder.child(name), p, initPhase); } @Override Modified: jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java?rev=1854577=1854576=1854577=diff == --- jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java (original) +++ jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java Fri Mar 1 11:43:39 2019 @@ -26,6 +26,7 @@ import org.apache.jackrabbit.oak.plugins import org.apache.jackrabbit.oak.spi.commit.CommitInfo; import org.apache.jackrabbit.oak.spi.state.NodeBuilder; import org.apache.jackrabbit.oak.spi.state.NodeState; +import org.apache.jackrabbit.oak.spi.state.NodeStateUtils; import org.apache.jackrabbit.oak.spi.version.VersionConstants; import org.junit.Test; @@ -77,6 +78,27 @@ public class InitialContentTest implemen NodeBuilder builder = before.builder(); new InitialContent().withPrePopulatedVersionStore().initialize(builder); NodeState after = builder.getNodeState(); +new VersionHook().processCommit(before, after, CommitInfo.EMPTY); +} + + +@Test +public void validatePrePopulatedNonEmpty() throw
svn commit: r1854533 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java oak-it/src/test/java/org/apache/jackrabbit/oak/InitialConten
Author: stillalex Date: Thu Feb 28 15:14:36 2019 New Revision: 1854533 URL: http://svn.apache.org/viewvc?rev=1854533=rev Log: OAK-8095 VersionStorageEditor can prevent upgrade of version store Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java?rev=1854533=1854532=1854533=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java Thu Feb 28 15:14:36 2019 @@ -54,17 +54,19 @@ class VersionStorageEditor extends Defau VersionStorageEditor(@NotNull NodeBuilder versionStorageNode, @NotNull NodeBuilder workspaceRoot) { this(versionStorageNode, workspaceRoot, versionStorageNode, -VERSION_STORE_PATH); +VERSION_STORE_PATH, false); } private VersionStorageEditor(@NotNull NodeBuilder versionStorageNode, @NotNull NodeBuilder workspaceRoot, @NotNull NodeBuilder builder, - @NotNull String path) { + @NotNull String path, + boolean initPhase) { this.versionStorageNode = checkNotNull(versionStorageNode); this.workspaceRoot = checkNotNull(workspaceRoot); this.builder = checkNotNull(builder); this.path = checkNotNull(path); +this.initPhase = initPhase; } @Override @@ -88,8 +90,7 @@ class VersionStorageEditor extends Defau if (d < VERSION_HISTORY_DEPTH && !isVersionStorageNode(after)) { return null; } -return new VersionStorageEditor(versionStorageNode, workspaceRoot, -builder.child(name), p); +return new VersionStorageEditor(versionStorageNode, workspaceRoot, builder.child(name), p, initPhase); } @Override Modified: jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java?rev=1854533=1854532=1854533=diff == --- jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java (original) +++ jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java Thu Feb 28 15:14:36 2019 @@ -26,6 +26,7 @@ import org.apache.jackrabbit.oak.plugins import org.apache.jackrabbit.oak.spi.commit.CommitInfo; import org.apache.jackrabbit.oak.spi.state.NodeBuilder; import org.apache.jackrabbit.oak.spi.state.NodeState; +import org.apache.jackrabbit.oak.spi.state.NodeStateUtils; import org.apache.jackrabbit.oak.spi.version.VersionConstants; import org.junit.Test; @@ -77,6 +78,27 @@ public class InitialContentTest implemen NodeBuilder builder = before.builder(); new InitialContent().withPrePopulatedVersionStore().initialize(builder); NodeState after = builder.getNodeState(); +new VersionHook().processCommit(before, after, CommitInfo.EMPTY); +} + + +@Test +public void validatePrePopulatedNonEmpty() throws Exception { +NodeState init = EMPTY_NODE; +NodeBuilder builderI = init.builder(); + +// create a partial version storage structure +new InitialContent().withPrePopulatedVersionStore().initialize(builderI); +NodeBuilder versionStorage = builderI.child(JCR_SYSTEM).child(JCR_VERSIONSTORAGE); +versionStorage.removeProperty(VERSION_STORE_INIT); +versionStorage.getChildNode("00").getChildNode("00").remove(); +versionStorage.getChildNode("01").getChildNode("00").remove(); +versionStorage.getChildNode("02").remove(); + +NodeState before = builderI.getNodeState(); +NodeBuilder builder = before.builder(); +new InitialContent().withPrePopulatedVersionStore().initialize(builder); +NodeState after = builder.getNodeState(); new VersionHook().processCommit(before, after, CommitInfo.EMPTY); } }
svn commit: r1854316 - in /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark: BenchmarkRunner.java authentication/external/AbstractExternalTest.java authentication/
Author: stillalex Date: Mon Feb 25 15:18:55 2019 New Revision: 1854316 URL: http://svn.apache.org/viewvc?rev=1854316=rev Log: OAK-8053 Add intermediate report to ExternalLoginTest Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1854316=1854315=1854316=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java Mon Feb 25 15:18:55 2019 @@ -486,7 +486,9 @@ public class BenchmarkRunner { new ReplicaCrashResilienceTest(), // benchmarks for oak-auth-external -new ExternalLoginTest(numberOfUsers.value(options), numberOfGroups.value(options), expiration.value(options), dynamicMembership.value(options), autoMembership.values(options)), +new ExternalLoginTest(numberOfUsers.value(options), numberOfGroups.value(options), +expiration.value(options), dynamicMembership.value(options), autoMembership.values(options), +report.value(options)), new SyncAllExternalUsersTest(numberOfUsers.value(options), numberOfGroups.value(options), expiration.value(options), dynamicMembership.value(options), autoMembership.values(options)), new SyncAllUsersTest(numberOfUsers.value(options), numberOfGroups.value(options), expiration.value(options), dynamicMembership.value(options), autoMembership.values(options)), new SyncExternalUsersTest(numberOfUsers.value(options), numberOfGroups.value(options), expiration.value(options), dynamicMembership.value(options), autoMembership.values(options), batchSize.value(options)), Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java?rev=1854316=1854315=1854316=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java Mon Feb 25 15:18:55 2019 @@ -91,7 +91,8 @@ abstract class AbstractExternalTest exte private static final String PATH_PREFIX = "pathPrefix"; -private final Random random = new Random(); +protected final long seed = Long.getLong("seed", System.currentTimeMillis()); +private final Random random = new Random(seed); private final ExternalPrincipalConfiguration externalPrincipalConfiguration = new ExternalPrincipalConfiguration(); private ContentRepository contentRepository; Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java?rev=1854316=1854315=1854316=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java Mon Feb 25 15:18:55 2019 @@ -16,7 +16,10 @@ */ package org.apache.jackrabbit.oak.benchmark.authentication.external; +import java.util.HashSet; import java.util.List; +import java.util.Set; + import javax.jcr.SimpleCredentials; import javax.security.auth.login.AppConfigurationEntry; import javax.security.auth.login.Configuration; @@ -30,7 +33,6 @@ import org.apache.jackrabbit.oak.spi.sec import org.jetbrains.annotations.NotNull; import static javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.SUFFIC
svn commit: r1854314 - in /jackrabbit/oak/trunk: oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/ oak-secu
Author: stillalex Date: Mon Feb 25 14:24:41 2019 New Revision: 1854314 URL: http://svn.apache.org/viewvc?rev=1854314=rev Log: OAK-7994 Principal Management APIs don't allow for search pagination Added: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalQueryManager.java (with props) Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/package-info.java jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java?rev=1854314=1854313=1854314=diff == --- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java (original) +++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java Mon Feb 25 14:24:41 2019 @@ -26,6 +26,7 @@ import javax.jcr.RepositoryException; import org.apache.jackrabbit.api.security.principal.PrincipalIterator; import org.apache.jackrabbit.api.security.principal.PrincipalManager; import org.apache.jackrabbit.oak.jcr.session.operation.SessionOperation; +import org.apache.jackrabbit.oak.spi.security.principal.PrincipalQueryManager; import org.jetbrains.annotations.NotNull; /** @@ -34,7 +35,7 @@ import org.jetbrains.annotations.NotNull * * @see SessionDelegate#perform(SessionOperation) */ -public class PrincipalManagerDelegator implements PrincipalManager { +public class PrincipalManagerDelegator implements PrincipalManager, PrincipalQueryManager { private final SessionDelegate delegate; private final PrincipalManager principalManager; @@ -123,4 +124,22 @@ public class PrincipalManagerDelegator i } }); } + +@Override +public PrincipalIterator findPrincipals(String simpleFilter, int searchType, long offset, long limit) { +return delegate.safePerform(new SessionOperation("findPrincipals") { +@NotNull +@Override +public PrincipalIterator perform() { +if (principalManager instanceof PrincipalQueryManager) { +return ((PrincipalQueryManager) principalManager).findPrincipals(simpleFilter, searchType, offset, +limit); +} else { +PrincipalIterator pi = principalManager.findPrincipals(simpleFilter, searchType); +pi.skip(offset); +return pi; +} +} +}); +} } Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java?rev=1854314=1854313=1854314=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java Mon Feb 25 14:24:41 2019 @@ -25,7 +25,7 @@ import org.jetbrains.annotations.Nullabl /** * Default implementation of the {@code PrincipalManager} interface. */ -public class PrincipalManagerImpl implements PrincipalManager { +public class PrincipalManagerImpl implements PrincipalQueryManager, PrincipalManager { private final PrincipalProvider principalProvider; @@ -78,4 +78,9 @@ public class PrincipalManagerImpl implem } return everyone; } + +@Override +public PrincipalIterator findPrincipals(String simpleFilter, int searchType, long offset, long limit) { +return new PrincipalIteratorAdapter(principalProvider.findPrincipals(simpleFilter, searchType, offset, limit)); +} } Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src
svn commit: r1854053 - in /jackrabbit/oak/branches/1.10: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Thu Feb 21 14:44:15 2019 New Revision: 1854053 URL: http://svn.apache.org/viewvc?rev=1854053=rev Log: OAK-8054 RepMembersConflictHandler creates property with wrong type - backport Modified: jackrabbit/oak/branches/1.10/ (props changed) jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/GroupImplTest.java jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandlerTest.java Propchange: jackrabbit/oak/branches/1.10/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 14:44:15 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852920,1853393,1853429,1853433,1853441,1853866,1853870,1853893,1853969,1853997 +/jackrabbit/oak/trunk:1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852920,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java?rev=1854053=1854052=1854053=diff == --- jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java (original) +++ jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java Thu Feb 21 14:44:15 2019 @@ -18,8 +18,10 @@ */ package org.apache.jackrabbit.oak.security.user; +import java.util.LinkedHashSet; import java.util.Set; +import org.apache.jackrabbit.JcrConstants; import org.apache.jackrabbit.oak.api.PropertyState; import org.apache.jackrabbit.oak.api.Type; import org.apache.jackrabbit.oak.plugins.memory.PropertyBuilder; @@ -29,6 +31,7 @@ import org.apache.jackrabbit.oak.spi.sta import org.apache.jackrabbit.oak.spi.state.NodeState; import org.jetbrains.annotations.NotNull; +import com.google.common.collect.ImmutableSet; import com.google.common.collect.Sets; /** @@ -37,10 +40,14 @@ import com.google.common.collect.Sets; * * The conflict handler deals with the following conflicts: * - * {@code addExistingProperty} : {@code Resolution.MERGED}, + * {@code addExistingProperty} : {@code Resolution.MERGED}. * {@code changeDeletedProperty}: {@code Resolution.THEIRS}, removing the members property takes precedence. * {@code changeChangedProperty}: {@code Resolution.MERGED}, merge of the 2 members sets into a single one * {@code deleteChangedProperty}: {@code Resolution.OURS} removing the members property takes precedence. + * {@code deleteDeletedProperty}: {@code Resolution.MERGED}. + * {@code changeDeletedNode}: {@code Resolution.THEIRS}, removal takes precedence. + * {@code deleteChangedNode}: {@code Resolution.OURS}, removal takes precedence. + * {@code deleteDeletedNode}: {@code Resolution.MERGED}. * */ class RepMembersConflictHandler implements ThreeWayConflictHandler { @@ -50,7 +57,7 @@ class RepMembersConflictHandler implemen public Resolution addExistingProperty(@NotNull NodeBuilder parent, @NotNull PropertyState ours, @NotNull PropertyState theirs) { if (isRepMembersProperty(theirs)) { -mergeChange(parent, ours, theirs,Sets.newHashSet()); +mergeChange(parent, ours, theirs, ImmutableSet.of()); return Resolution.MERGED; } else { return Resolution.IGNORED; @@ -74,7 +81,7 @@ class RepMembersConflictHandler implemen public Resolution changeChangedProperty(@NotNull NodeBuilder parent, @NotNull PropertyState ours, @NotNull PropertyState theirs, @NotNull PropertyState base) { if (isRepMembersProperty(theirs)) { -Set baseMembers = Sets.newHashSet(base.getValue(Type.STRINGS)); +Set baseMembers = ImmutableSet.copyOf(base.getValue(Type.STRINGS)); mergeChange(parent, ours, theirs, baseMembers); return Resolution.MERGED; } else { @@ -85,8 +92,12 @@ class RepMembersConflictHandler implemen @NotNull @Override public Resolution deleteDeletedProperty(@NotNull NodeBuilder parent, @NotNull PropertyState base) { -// both are removing the members property, ignoring -return Resolution.IGNORED; +if (isRepMembersProperty(base
svn commit: r1853868 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Tue Feb 19 09:38:03 2019 New Revision: 1853868 URL: http://svn.apache.org/viewvc?rev=1853868=rev Log: OAK-8054 RepMembersConflictHandler creates property with wrong type Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/GroupImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandlerTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java?rev=1853868=1853867=1853868=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java Tue Feb 19 09:38:03 2019 @@ -18,8 +18,10 @@ */ package org.apache.jackrabbit.oak.security.user; +import java.util.LinkedHashSet; import java.util.Set; +import org.apache.jackrabbit.JcrConstants; import org.apache.jackrabbit.oak.api.PropertyState; import org.apache.jackrabbit.oak.api.Type; import org.apache.jackrabbit.oak.plugins.memory.PropertyBuilder; @@ -29,6 +31,7 @@ import org.apache.jackrabbit.oak.spi.sta import org.apache.jackrabbit.oak.spi.state.NodeState; import org.jetbrains.annotations.NotNull; +import com.google.common.collect.ImmutableSet; import com.google.common.collect.Sets; /** @@ -37,10 +40,14 @@ import com.google.common.collect.Sets; * * The conflict handler deals with the following conflicts: * - * {@code addExistingProperty} : {@code Resolution.MERGED}, + * {@code addExistingProperty} : {@code Resolution.MERGED}. * {@code changeDeletedProperty}: {@code Resolution.THEIRS}, removing the members property takes precedence. * {@code changeChangedProperty}: {@code Resolution.MERGED}, merge of the 2 members sets into a single one * {@code deleteChangedProperty}: {@code Resolution.OURS} removing the members property takes precedence. + * {@code deleteDeletedProperty}: {@code Resolution.MERGED}. + * {@code changeDeletedNode}: {@code Resolution.THEIRS}, removal takes precedence. + * {@code deleteChangedNode}: {@code Resolution.OURS}, removal takes precedence. + * {@code deleteDeletedNode}: {@code Resolution.MERGED}. * */ class RepMembersConflictHandler implements ThreeWayConflictHandler { @@ -50,7 +57,7 @@ class RepMembersConflictHandler implemen public Resolution addExistingProperty(@NotNull NodeBuilder parent, @NotNull PropertyState ours, @NotNull PropertyState theirs) { if (isRepMembersProperty(theirs)) { -mergeChange(parent, ours, theirs,Sets.newHashSet()); +mergeChange(parent, ours, theirs, ImmutableSet.of()); return Resolution.MERGED; } else { return Resolution.IGNORED; @@ -74,7 +81,7 @@ class RepMembersConflictHandler implemen public Resolution changeChangedProperty(@NotNull NodeBuilder parent, @NotNull PropertyState ours, @NotNull PropertyState theirs, @NotNull PropertyState base) { if (isRepMembersProperty(theirs)) { -Set baseMembers = Sets.newHashSet(base.getValue(Type.STRINGS)); +Set baseMembers = ImmutableSet.copyOf(base.getValue(Type.STRINGS)); mergeChange(parent, ours, theirs, baseMembers); return Resolution.MERGED; } else { @@ -85,8 +92,12 @@ class RepMembersConflictHandler implemen @NotNull @Override public Resolution deleteDeletedProperty(@NotNull NodeBuilder parent, @NotNull PropertyState base) { -// both are removing the members property, ignoring -return Resolution.IGNORED; +if (isRepMembersProperty(base)) { +// both are removing the members property +return Resolution.MERGED; +} else { +return Resolution.IGNORED; +} } @NotNull @@ -101,7 +112,6 @@ class RepMembersConflictHandler implemen } } - @NotNull @Override public Resolution addExistingNode(@NotNull NodeBuilder parent, @NotNull String name, @NotNull NodeState ours, @@ -113,33 +123,45 @@ class RepMembersConflictHandler implemen @Override public Resolution changeDeletedNode(@NotNull NodeBuilder parent, @NotNull String name, @NotNull NodeState ours, @NotNull NodeState base) { -return Resolution.IGNORED; +if (isMemberRefType(base)) { +return Resolution.THEIRS; +} else { +return
svn commit: r1853228 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Author: stillalex Date: Fri Feb 8 16:00:20 2019 New Revision: 1853228 URL: http://svn.apache.org/viewvc?rev=1853228=rev Log: OAK-6221 Deprecate SecurityProviderImpl - trivial javadoc note Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1853228=1853227=1853228=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java Fri Feb 8 16:00:20 2019 @@ -59,6 +59,9 @@ import org.osgi.framework.BundleContext; import static com.google.common.base.Preconditions.checkNotNull; +/** + * @deprecated Replaced by {@code org.apache.jackrabbit.oak.security.internal.SecurityProviderBuilder} + */ @Deprecated public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware {
svn commit: r1847222 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/
Author: stillalex Date: Fri Nov 23 08:35:40 2018 New Revision: 1847222 URL: http://svn.apache.org/viewvc?rev=1847222=rev Log: OAK-7862 Make PermissionEntryCache more resilient against OOME (1.8) - backport to 1.6 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Nov 23 08:35:40 2018 @@ -1,3 +1,4 @@ /jackrabbit/oak/branches/1.0:1665962 +/jackrabbit/oak/branches/1.8:1844835 /jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834112,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840 226,1842677,1843222,1843231,1844549,1844642,1844728,1846057 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Nov 23 08:35:40 2018 @@ -1,4 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 +/jackrabbit/oak/branches/1.8/oak-core:1844835 /jackrabbit/oak/trunk:1834823 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 /jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789441,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799861,1799924,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,180226 2,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1811380,1811952,1811963,1811986,1814332,1818645,1821325,1821358,1821516,1830160,1840226,1846057 Modified: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache
svn commit: r1846637 - in /jackrabbit/oak/branches/1.6: ./ oak-parent/pom.xml
Author: stillalex Date: Thu Nov 15 10:58:52 2018 New Revision: 1846637 URL: http://svn.apache.org/viewvc?rev=1846637=rev Log: OAK-7578 Update spotbugs plugin to 3.1.5 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-parent/pom.xml Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 15 10:58:52 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840226,1842 677,1843222,1843231,1844549,1844642,1844728,1846057 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834112,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840 226,1842677,1843222,1843231,1844549,1844642,1844728,1846057 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.6/oak-parent/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-parent/pom.xml?rev=1846637=1846636=1846637=diff == --- jackrabbit/oak/branches/1.6/oak-parent/pom.xml (original) +++ jackrabbit
svn commit: r1846636 - in /jackrabbit/oak/branches/1.6: ./ oak-parent/pom.xml
Author: stillalex Date: Thu Nov 15 10:55:58 2018 New Revision: 1846636 URL: http://svn.apache.org/viewvc?rev=1846636=rev Log: OAK-7368 update to findbugs version compatible with jdk 10 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-parent/pom.xml Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 15 10:55:58 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840226,1842677,1843 222,1843231,1844549,1844642,1844728,1846057 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840226,1842 677,1843222,1843231,1844549,1844642,1844728,1846057 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.6/oak-parent/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-parent/pom.xml?rev=1846636=1846635=1846636=diff == --- jackrabbit/oak/branches/1.6/oak-parent/pom.xml (original) +++ jackrabbit
svn commit: r1846110 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/aut
Author: stillalex Date: Thu Nov 8 09:31:58 2018 New Revision: 1846110 URL: http://svn.apache.org/viewvc?rev=1846110=rev Log: OAK-7876 Backport OAK-7741 to 1.8 branch Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 8 09:31:58 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1846110=1846109=1846110=diff == --- jackrabbit/oak/branches/1.8/oak
svn commit: r1845875 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Author: stillalex Date: Tue Nov 6 08:29:20 2018 New Revision: 1845875 URL: http://svn.apache.org/viewvc?rev=1845875=rev Log: OAK-7870 Reduce permission store lookups for empty principal sets - same change for TreePermissionImpl#isGranted Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java?rev=1845875=1845874=1845875=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java Tue Nov 6 08:29:20 2018 @@ -568,21 +568,33 @@ final class CompiledPermissionImpl imple @Override public boolean isGranted(long permissions) { EntryPredicate predicate = new EntryPredicate(tree, null, Permissions.respectParentPermissions(permissions)); -Iterator it = concat(new LazyIterator(this, true, predicate), new LazyIterator(this, false, predicate)); +Iterator it = getIterator(predicate); return hasPermissions(it, predicate, permissions, tree.getPath()); } @Override public boolean isGranted(long permissions, @NotNull PropertyState property) { EntryPredicate predicate = new EntryPredicate(tree, property, Permissions.respectParentPermissions(permissions)); -Iterator it = concat(new LazyIterator(this, true, predicate), new LazyIterator(this, false, predicate)); +Iterator it = getIterator(predicate); return hasPermissions(it, predicate, permissions, tree.getPath()); } //< private >--- private Iterator getIterator(@Nullable PropertyState property, long permissions) { EntryPredicate predicate = new EntryPredicate(tree, property, Permissions.respectParentPermissions(permissions)); -return concat(new LazyIterator(this, true, predicate), new LazyIterator(this, false, predicate)); +return getIterator(predicate); +} + +private Iterator getIterator(@NotNull EntryPredicate predicate) { +if (userStore != null && groupStore != null) { +return concat(new LazyIterator(this, true, predicate), new LazyIterator(this, false, predicate)); +} else if (userStore != null) { +return new LazyIterator(this, true, predicate); +} else if (groupStore != null) { +return new LazyIterator(this, false, predicate); +} else { +return Collections.emptyIterator(); +} } private Iterator getUserEntries() {
svn commit: r1845485 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/aut
Author: stillalex Date: Thu Nov 1 15:20:06 2018 New Revision: 1845485 URL: http://svn.apache.org/viewvc?rev=1845485=rev Log: OAK-7741 Token LoginModule flag to skip refreshing the token expiration - reverted change due to package export version Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 1 15:20:06 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1845485=1845484=1845485=diff == --- jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache
svn commit: r1845439 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Author: stillalex Date: Thu Nov 1 10:51:39 2018 New Revision: 1845439 URL: http://svn.apache.org/viewvc?rev=1845439=rev Log: OAK-7870 Reduce permission store lookups for empty principal sets Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java?rev=1845439=1845438=1845439=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java Thu Nov 1 10:51:39 2018 @@ -109,8 +109,16 @@ final class CompiledPermissionImpl imple } } -userStore = new PermissionEntryProviderImpl(store, userNames, options); -groupStore = new PermissionEntryProviderImpl(store, groupNames, options); +if (!userNames.isEmpty()) { +userStore = new PermissionEntryProviderImpl(store, userNames, options); +} else { +userStore = null; +} +if (!groupNames.isEmpty()) { +groupStore = new PermissionEntryProviderImpl(store, groupNames, options); +} else { +groupStore = null; +} typeProvider = new TreeTypeProvider(ctx); } @@ -138,8 +146,12 @@ final class CompiledPermissionImpl imple this.versionManager = null; store.flush(root); -userStore.flush(); -groupStore.flush(); +if (userStore != null) { +userStore.flush(); +} +if (groupStore != null) { +groupStore.flush(); +} } @NotNull @@ -414,9 +426,17 @@ final class CompiledPermissionImpl imple @NotNull private Iterator getEntryIterator(@NotNull EntryPredicate predicate) { -Iterator userEntries = userStore.getEntryIterator(predicate); -Iterator groupEntries = groupStore.getEntryIterator(predicate); -return concat(userEntries, groupEntries); +if (userStore != null && groupStore != null) { +Iterator userEntries = userStore.getEntryIterator(predicate); +Iterator groupEntries = groupStore.getEntryIterator(predicate); +return concat(userEntries, groupEntries); +} else if (userStore != null) { +return userStore.getEntryIterator(predicate); +} else if (groupStore != null) { +return groupStore.getEntryIterator(predicate); +} else { +return Collections.emptyIterator(); +} } @Nullable @@ -567,14 +587,14 @@ final class CompiledPermissionImpl imple private Iterator getUserEntries() { if (userEntries == null) { -userEntries = userStore.getEntries(tree); +userEntries = userStore != null ? userStore.getEntries(tree) : Collections.emptyList(); } return userEntries.iterator(); } private Iterator getGroupEntries() { if (groupEntries == null) { -groupEntries = groupStore.getEntries(tree); +groupEntries = groupStore != null ? groupStore.getEntries(tree) : Collections.emptyList(); } return groupEntries.iterator(); }
svn commit: r1844835 - in /jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission: PermissionEntryCache.java PrincipalPermissionEntries.java
Author: stillalex Date: Thu Oct 25 14:56:10 2018 New Revision: 1844835 URL: http://svn.apache.org/viewvc?rev=1844835=rev Log: OAK-7862 Make PermissionEntryCache more resilient against OOME (1.8) Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java?rev=1844835=1844834=1844835=diff == --- jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java (original) +++ jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java Thu Oct 25 14:56:10 2018 @@ -17,7 +17,6 @@ package org.apache.jackrabbit.oak.security.authorization.permission; import java.util.Collection; -import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.Set; @@ -81,15 +80,15 @@ class PermissionEntryCache { ppe = new PrincipalPermissionEntries(); entries.put(principalName, ppe); } -Collection pes = ppe.getEntries().get(path); +Collection pes = ppe.getEntriesByPath(path); if (pes == null) { pes = store.load(null, principalName, path); if (pes == null) { -pes = Collections.emptySet(); +ppe.rememberNotAccessControlled(path); } else { +ppe.putEntriesByPath(path, pes); ret.addAll(pes); } -ppe.getEntries().put(path, pes); } else { ret.addAll(pes); } Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java?rev=1844835=1844834=1844835=diff == --- jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java (original) +++ jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java Thu Oct 25 14:56:10 2018 @@ -16,10 +16,15 @@ */ package org.apache.jackrabbit.oak.security.authorization.permission; +import static java.util.Collections.emptySet; + import java.util.Collection; import java.util.HashMap; +import java.util.LinkedHashMap; import java.util.Map; + import javax.annotation.Nonnull; +import javax.annotation.Nullable; /** * {@code PermissionEntries} holds the permission entries of one principal @@ -27,6 +32,11 @@ import javax.annotation.Nonnull; class PrincipalPermissionEntries { /** + * max size of the emptyPaths cache. + */ +private static int MAX_SIZE = Integer.getInteger("oak.PrincipalPermissionEntries.maxSize", 1000); + +/** * indicating if all entries were loaded. */ private boolean fullyLoaded; @@ -34,13 +44,20 @@ class PrincipalPermissionEntries { /** * map of permission entries, accessed by path */ -private Map> entries = new HashMap>(); +private Map> entries = new HashMap<>(); +private final Map emptyPaths; PrincipalPermissionEntries() { +this.emptyPaths = new LinkedHashMap() { +@Override +protected boolean removeEldestEntry(Map.Entry eldest) { +return size() > MAX_SIZE; +} +}; } long getSize() { -return entries.size(); +return entries.size() + emptyPaths.size(); } boolean isFullyLoaded() { @@ -55,4 +72,17 @@ class PrincipalPermissionEntries { Map> getEntries() { return entries; } + +@Nullable +Collection getEntriesByPath(@Nonnull String path) { +return (emptyPaths.containsKey(path)) ? emptySet() : entries.get(path); +} + +void putEntriesByPath(@Nonnull String path, @Nonnull Collection pathEntries) { +entries.put(path, pathEntries); +} + +void rememberNotAccessControlled(@Nonnull String path) { +emptyPaths.put(path, null); +} } \ No newline at end of file
svn commit: r1844824 - in /jackrabbit/oak/trunk: oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/ oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/ oak-c
Author: stillalex Date: Thu Oct 25 12:09:32 2018 New Revision: 1844824 URL: http://svn.apache.org/viewvc?rev=1844824=rev Log: OAK-7860 Make PermissionEntryCache more resilient against OOME Added: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java (with props) Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1844824=1844823=1844824=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java Thu Oct 25 12:09:32 2018 @@ -48,6 +48,7 @@ import org.apache.jackrabbit.oak.benchma import org.apache.jackrabbit.oak.benchmark.authentication.external.SyncAllUsersTest; import org.apache.jackrabbit.oak.benchmark.authentication.external.SyncExternalUsersTest; import org.apache.jackrabbit.oak.benchmark.authorization.AceCreationTest; +import org.apache.jackrabbit.oak.benchmark.authorization.CanReadNonExisting; import org.apache.jackrabbit.oak.benchmark.wikipedia.WikipediaImport; import org.apache.jackrabbit.oak.fixture.JackrabbitRepositoryFixture; import org.apache.jackrabbit.oak.fixture.OakFixture; @@ -492,7 +493,8 @@ public class BenchmarkRunner { new BundlingNodeTest(), new PersistentCacheTest(statsProvider), new StringWriteTest(), -new BasicWriteTest() +new BasicWriteTest(), +new CanReadNonExisting() }; Set argset = Sets.newHashSet(nonOption.values(options)); Added: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java?rev=1844824=auto == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java (added) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java Thu Oct 25 12:09:32 2018 @@ -0,0 +1,113 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.benchmark.authorization; + +import static javax.jcr.security.Privilege.JCR_READ; +import static org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.addAccessControlEntry; +import static org.junit.Assert.assertFalse; + +import javax.jcr.Node; +import javax.jcr.Session; +import javax.jcr.SimpleCredentials; +import javax.jcr.security.Privilege; + +import org.apache.jackrabbit.api.JackrabbitSession; +import org.apache.jackrabbit.api.security.user.Group; +import org.apache.jackrabbit.api.security.user.User; +import org.apache.jackrabbit.api.security.user.UserManager; +import org.apache.jackrabbit.oak.benchmark.AbstractTest; +import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal; +import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl; + +/** + * Tests the behavior of the permission cache when faced with lots of paths that + * have no relevant policies for the current session (but may have other + * policies). For more info see OAK-7860. + */ +public class CanReadNonExisting extends AbstractTest { + +static final String uid = "u0"; + +static final int contentNodes = 1; + +@Override +public void beforeSuite() throws Exceptio
svn commit: r1844323 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/aut
Author: stillalex Date: Fri Oct 19 09:52:29 2018 New Revision: 1844323 URL: http://svn.apache.org/viewvc?rev=1844323=rev Log: OAK-7741 Token LoginModule flag to skip refreshing the token expiration - backported rev 1840226 to 1.8 Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Oct 19 09:52:29 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840455,1840574,1841314,1841352,1842677,1843222,1843231,1843398,1843618,1843652,1843911 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840574,1841314,1841352,1842677,1843222,1843231,1843398,1843618,1843652,1843911 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1844323=1844322=1844323=diff == --- jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java (original) +++ jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security
svn commit: r1844314 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/se
Author: stillalex Date: Fri Oct 19 08:44:19 2018 New Revision: 1844314 URL: http://svn.apache.org/viewvc?rev=1844314=rev Log: OAK-7741 Token LoginModule flag to skip refreshing the token expiration - merged rev 1840226 to 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Oct 19 08:44:19 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1842677,1843222,1843 231 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648
svn commit: r1843549 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/a
Author: stillalex Date: Thu Oct 11 13:17:19 2018 New Revision: 1843549 URL: http://svn.apache.org/viewvc?rev=1843549=rev Log: OAK-7822 More aggressive internal state cleanup of login modules Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java?rev=1843549=1843548=1843549=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java Thu Oct 11 13:17:19 2018 @@ -153,6 +153,7 @@ public final class TokenLoginModule exte if (tokenCredentials != null && userId != null) { Set principals = (principal != null) ? getPrincipals(principal) : getPrincipals(userId); updateSubject(tokenCredentials, getAuthInfo(tokenInfo, principals), principals); +clearState(); return true; } try{ @@ -206,6 +207,7 @@ public final class TokenLoginModule exte tokenCredentials = null; tokenInfo = null; userId = null; +tokenProvider = null; } //< private >--- @@ -245,7 +247,7 @@ public final class TokenLoginModule exte * @return The {@code AuthInfo} resulting from the successful login. */ @Nullable -private AuthInfo getAuthInfo(@Nullable TokenInfo tokenInfo, @NotNull Set principals) { +private static AuthInfo getAuthInfo(@Nullable TokenInfo tokenInfo, @NotNull Set principals) { if (tokenInfo != null) { Map attributes = new HashMap(); Map publicAttributes = tokenInfo.getPublicAttributes(); Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java?rev=1843549=1843548=1843549=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java Thu Oct 11 13:17:19 2018 @@ -219,6 +219,7 @@ public abstract class AbstractLoginModul } catch (IOException e) { log.debug(e.getMessage()); } +systemSession = null; } }
svn commit: r1843537 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Thu Oct 11 09:17:51 2018 New Revision: 1843537 URL: http://svn.apache.org/viewvc?rev=1843537=rev Log: OAK-7820 Make internal group principal impl classes static Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java?rev=1843537=1843536=1843537=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java Thu Oct 11 09:17:51 2018 @@ -17,7 +17,7 @@ package org.apache.jackrabbit.oak.security.user; import org.apache.jackrabbit.oak.api.Tree; -import org.apache.jackrabbit.oak.namepath.PathMapper; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal; /** @@ -25,7 +25,7 @@ import org.apache.jackrabbit.oak.spi.sec */ class AdminPrincipalImpl extends TreeBasedPrincipal implements AdminPrincipal { -AdminPrincipalImpl(String principalName, Tree tree, PathMapper pathMapper) { +AdminPrincipalImpl(String principalName, Tree tree, NamePathMapper pathMapper) { super(principalName, tree, pathMapper); } } \ No newline at end of file Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java?rev=1843537=1843536=1843537=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java Thu Oct 11 09:17:51 2018 @@ -17,7 +17,7 @@ package org.apache.jackrabbit.oak.security.user; import org.apache.jackrabbit.oak.api.Tree; -import org.apache.jackrabbit.oak.namepath.PathMapper; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; import org.apache.jackrabbit.oak.spi.security.principal.SystemUserPrincipal; import org.jetbrains.annotations.NotNull; @@ -27,7 +27,7 @@ import org.jetbrains.annotations.NotNull */ final class SystemUserPrincipalImpl extends TreeBasedPrincipal implements SystemUserPrincipal { -SystemUserPrincipalImpl(@NotNull String principalName, @NotNull Tree tree, @NotNull PathMapper pathMapper) { +SystemUserPrincipalImpl(@NotNull String principalName, @NotNull Tree tree, @NotNull NamePathMapper pathMapper) { super(principalName, tree, pathMapper); } } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java?rev=1843537=1843536=1843537=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java Thu Oct 11 09:17:51 2018 @@ -18,7 +18,7 @@ package org.apache.jackrabbit.oak.securi import org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal; import org.apache.jackrabbit.oak.api.Tree; -import org.apache.jackrabbit.oak.namepath.PathMapper; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl; /** @@ -27,13 +27,13 @@ import org.apache.jackrabbit.oak.spi.sec class TreeBasedPrincipal extends PrincipalImpl implements ItemBasedPrincipal { private final String path; -private final PathMapper pathMapper; +private final NamePathMapper pathMapper; -TreeBasedPrincipal(String principalName, Tree tree, PathMapper pathMapper) { +TreeBasedPrincipal(String
svn commit: r1843418 - /jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
Author: stillalex Date: Wed Oct 10 09:56:33 2018 New Revision: 1843418 URL: http://svn.apache.org/viewvc?rev=1843418=rev Log: OAK-7813 PrivilegeBits should also cache default privilege as long values Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java?rev=1843418=1843417=1843418=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java Wed Oct 10 09:56:33 2018 @@ -17,6 +17,7 @@ package org.apache.jackrabbit.oak.spi.security.privilege; import java.util.Arrays; +import java.util.Collections; import java.util.HashMap; import java.util.Map; import com.google.common.primitives.Longs; @@ -65,34 +66,69 @@ public final class PrivilegeBits impleme public static final PrivilegeBits EMPTY = new PrivilegeBits(UnmodifiableData.EMPTY); -public static final Map BUILT_IN = new HashMap(); +public static final Map BUILT_IN; +private static final Map BUILT_IN_BITS; + static { -BUILT_IN.put(REP_READ_NODES, getInstance(READ_NODES)); -BUILT_IN.put(REP_READ_PROPERTIES, getInstance(READ_PROPERTIES)); -BUILT_IN.put(REP_ADD_PROPERTIES, getInstance(ADD_PROPERTIES)); -BUILT_IN.put(REP_ALTER_PROPERTIES, getInstance(ALTER_PROPERTIES)); -BUILT_IN.put(REP_REMOVE_PROPERTIES, getInstance(REMOVE_PROPERTIES)); -BUILT_IN.put(JCR_ADD_CHILD_NODES, getInstance(ADD_CHILD_NODES)); -BUILT_IN.put(JCR_REMOVE_CHILD_NODES, getInstance(REMOVE_CHILD_NODES)); -BUILT_IN.put(JCR_REMOVE_NODE, getInstance(REMOVE_NODE)); -BUILT_IN.put(JCR_READ_ACCESS_CONTROL, getInstance(READ_AC)); -BUILT_IN.put(JCR_MODIFY_ACCESS_CONTROL, getInstance(MODIFY_AC)); -BUILT_IN.put(JCR_NODE_TYPE_MANAGEMENT, getInstance(NODE_TYPE_MNGMT)); -BUILT_IN.put(JCR_VERSION_MANAGEMENT, getInstance(VERSION_MNGMT)); -BUILT_IN.put(JCR_LOCK_MANAGEMENT, getInstance(LOCK_MNGMT)); -BUILT_IN.put(JCR_LIFECYCLE_MANAGEMENT, getInstance(LIFECYCLE_MNGMT)); -BUILT_IN.put(JCR_RETENTION_MANAGEMENT, getInstance(RETENTION_MNGMT)); -BUILT_IN.put(JCR_WORKSPACE_MANAGEMENT, getInstance(WORKSPACE_MNGMT)); -BUILT_IN.put(JCR_NODE_TYPE_DEFINITION_MANAGEMENT, getInstance(NODE_TYPE_DEF_MNGMT)); -BUILT_IN.put(JCR_NAMESPACE_MANAGEMENT, getInstance(NAMESPACE_MNGMT)); -BUILT_IN.put(REP_PRIVILEGE_MANAGEMENT, getInstance(PRIVILEGE_MNGMT)); -BUILT_IN.put(REP_USER_MANAGEMENT, getInstance(USER_MNGMT)); -BUILT_IN.put(REP_INDEX_DEFINITION_MANAGEMENT, getInstance(INDEX_DEFINITION_MNGMT)); - -BUILT_IN.put(JCR_READ, PrivilegeBits.getInstance(READ)); -BUILT_IN.put(JCR_MODIFY_PROPERTIES, PrivilegeBits.getInstance(MODIFY_PROPERTIES)); -BUILT_IN.put(JCR_WRITE, PrivilegeBits.getInstance(WRITE)); -BUILT_IN.put(REP_WRITE, PrivilegeBits.getInstance(WRITE2)); +Map privs = new HashMap(); +privs.put(REP_READ_NODES, getInstance(READ_NODES)); +privs.put(REP_READ_PROPERTIES, getInstance(READ_PROPERTIES)); +privs.put(REP_ADD_PROPERTIES, getInstance(ADD_PROPERTIES)); +privs.put(REP_ALTER_PROPERTIES, getInstance(ALTER_PROPERTIES)); +privs.put(REP_REMOVE_PROPERTIES, getInstance(REMOVE_PROPERTIES)); +privs.put(JCR_ADD_CHILD_NODES, getInstance(ADD_CHILD_NODES)); +privs.put(JCR_REMOVE_CHILD_NODES, getInstance(REMOVE_CHILD_NODES)); +privs.put(JCR_REMOVE_NODE, getInstance(REMOVE_NODE)); +privs.put(JCR_READ_ACCESS_CONTROL, getInstance(READ_AC)); +privs.put(JCR_MODIFY_ACCESS_CONTROL, getInstance(MODIFY_AC)); +privs.put(JCR_NODE_TYPE_MANAGEMENT, getInstance(NODE_TYPE_MNGMT)); +privs.put(JCR_VERSION_MANAGEMENT, getInstance(VERSION_MNGMT)); +privs.put(JCR_LOCK_MANAGEMENT, getInstance(LOCK_MNGMT)); +privs.put(JCR_LIFECYCLE_MANAGEMENT, getInstance(LIFECYCLE_MNGMT)); +privs.put(JCR_RETENTION_MANAGEMENT, getInstance(RETENTION_MNGMT)); +privs.put(JCR_WORKSPACE_MANAGEMENT, getInstance(WORKSPACE_MNGMT)); +privs.put(JCR_NODE_TYPE_DEFINITION_MANAGEMENT, getInstance(NODE_TYPE_DEF_MNGMT)); +privs.put(JCR_NAMESPACE_MANAGEMENT, getInstance(NAMESPACE_MNGMT)); +privs.put(REP_PRIVILEGE_MANAGEMENT, getInstance(PRIVILEGE_MNGMT)); +privs.put(REP_USER_MANAGEMENT, getInstance(USER_MNGMT)); +privs.put
svn commit: r1843401 - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ oak-auth-external/src/test/java/org/apache/jackrab
Author: stillalex Date: Wed Oct 10 07:38:01 2018 New Revision: 1843401 URL: http://svn.apache.org/viewvc?rev=1843401=rev Log: OAK-7288 Change default JAAS ranking of ExternalLoginModuleFactory - based on a patch provided by Lars Krapf Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/externalloginmodule.md Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java?rev=1843401=1843400=1843401=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java Wed Oct 10 07:38:01 2018 @@ -64,7 +64,7 @@ public class ExternalLoginModuleFactory @SuppressWarnings("UnusedDeclaration") @Property( -intValue = 50, +intValue = 150, label = "JAAS Ranking", description = "Specifying the ranking (i.e. sort order) of this login module entry. The entries are sorted " + "in a descending order (i.e. higher value ranked configurations come first)." Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java?rev=1843401=1843400=1843401=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java Wed Oct 10 07:38:01 2018 @@ -79,14 +79,15 @@ public class PreAuthDefaultExternalLogin preAuthOptions); AppConfigurationEntry entry2 = new AppConfigurationEntry( -LoginModuleImpl.class.getName(), -AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, -new HashMap()); - -AppConfigurationEntry entry3 = new AppConfigurationEntry( ExternalLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, options); + +AppConfigurationEntry entry3 = new AppConfigurationEntry( +LoginModuleImpl.class.getName(), + AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, +new HashMap()); + return new AppConfigurationEntry[]{entry1, entry2, entry3}; } }; Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java?rev=1843401=1843400=1843401=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java Wed Oct 10 07:38:01 2018 @@ -22,10 +22,17 @@ import javax.security.auth.login.AppConf import javax.security.auth.login.Configuration; import com.google.common.collect.ImmutableMap; + +import org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule; import org.apache.jackrabbit.oak.security.auth
svn commit: r1842227 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
Author: stillalex Date: Fri Sep 28 09:54:08 2018 New Revision: 1842227 URL: http://svn.apache.org/viewvc?rev=1842227=rev Log: OAK-7786 Make the NamespaceEditor less strict when enforcing changes to rep:nsdata node Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java?rev=1842227=1842226=1842227=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java Fri Sep 28 09:54:08 2018 @@ -46,6 +46,14 @@ import org.apache.jackrabbit.oak.spi.sta */ class NamespaceEditor extends DefaultEditor { +/** + * Flag controlling the strictness of the check to disallow modifications to + * the internal node 'ns:data'. If enabled, any changes will throw a + * CommitFailedException, otherwise the index node will be rebuilt on any + * external change. + */ +private static final boolean strictIntegrityCheck = Boolean.getBoolean("oak.strictIntegrityCheck"); + private final NodeBuilder builder; private boolean modified = false; @@ -137,7 +145,11 @@ class NamespaceEditor extends DefaultEdi public Editor childNodeChanged(String name, NodeState before, NodeState after) throws CommitFailedException { if (REP_NSDATA.equals(name) && !before.equals(after)) { -throw modificationNotAllowed(name); +if (strictIntegrityCheck) { +throw modificationNotAllowed(name); +} else { +modified = true; +} } return null; }
svn commit: r1842080 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java test/java/org/apache/jackrabbit/oak/security/privile
Author: stillalex Date: Thu Sep 27 10:09:08 2018 New Revision: 1842080 URL: http://svn.apache.org/viewvc?rev=1842080=rev Log: OAK-7782 Clarify error on aggregate privilege registration with non existing privileges Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java?rev=1842080=1842079=1842080=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java Thu Sep 27 10:09:08 2018 @@ -140,6 +140,9 @@ class PrivilegeDefinitionWriter implemen bits = PrivilegeBits.BUILT_IN.get(name); } else if (isAggregate) { bits = bitsMgr.getBits(declAggrNames); +if (bits.isEmpty()) { +throw new RepositoryException("Illegal aggregation of non-exising privileges on '" + name + "'."); +} } else { bits = next(); } Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java?rev=1842080=1842079=1842080=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java Thu Sep 27 10:09:08 2018 @@ -53,6 +53,7 @@ public class PrivilegeManagerImplTest ex private PrivilegeManagerImpl privilegeManager; @Before +@Override public void before() throws Exception { super.before(); privilegeManager = create(root); @@ -169,6 +170,16 @@ public class PrivilegeManagerImplTest ex privilegeManager.registerPrivilege("jcr:customPrivilege", true, new String[]{"jcr:read", "jcr:write"}); } +@Test +public void testRegisterAggregated() throws Exception { +privilegeManager.registerPrivilege("test:customPrivilege", false, new String[] { "jcr:read", "jcr:write" }); +} + +@Test(expected = RepositoryException.class) +public void testRegisterAggregatedNonExisting() throws Exception { +privilegeManager.registerPrivilege("test:customPrivilege", false, new String[] { "test:nan" }); +} + @Test(expected = RepositoryException.class) public void testRegisterPrivilegeReservedRemappedNamespace() throws Exception { NamePathMapper mapper = new NamePathMapperImpl(new LocalNameMapper(root, ImmutableMap.of("prefix", NamespaceRegistry.NAMESPACE_JCR)));
svn commit: r1841909 - in /jackrabbit/oak/trunk: oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/ oak
Author: stillalex Date: Tue Sep 25 08:13:45 2018 New Revision: 1841909 URL: http://svn.apache.org/viewvc?rev=1841909=rev Log: OAK-7778 PasswordUtil#isPlainTextPassword doesn't validate PBKDF2 scheme Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java?rev=1841909=1841908=1841909=diff == --- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java (original) +++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java Tue Sep 25 08:13:45 2018 @@ -35,6 +35,7 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.api.security.user.Impersonation; import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.oak.spi.security.user.UserConstants; +import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil; import org.apache.jackrabbit.test.NotExecutableException; import org.junit.Test; @@ -226,7 +227,7 @@ public class UserImportTest extends Abst String pwValue = n.getProperty(UserConstants.REP_PASSWORD).getString(); assertFalse(plainPw.equals(pwValue)); -assertTrue(pwValue.toLowerCase().startsWith("{sha")); +assertTrue(pwValue.toLowerCase().startsWith("{" + PasswordUtil.DEFAULT_ALGORITHM.toLowerCase())); } /** Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java?rev=1841909=1841908=1841909=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java Tue Sep 25 08:13:45 2018 @@ -50,7 +50,7 @@ public final class PasswordUtil { /** * @since OAK 1.0 */ -private static final String PBKDF2_PREFIX = "PBKDF2"; +static final String PBKDF2_PREFIX = "PBKDF2"; public static final String DEFAULT_ALGORITHM = "SHA-256"; public static final int DEFAULT_SALT_SIZE = 8; @@ -159,7 +159,7 @@ public final class PasswordUtil { * the given {@code hashedPassword} string. */ public static boolean isSame(@Nullable String hashedPassword, @NotNull String password) { -if (hashedPassword == null) { +if (hashedPassword == null || password == null) { return false; } try { @@ -329,7 +329,11 @@ public final class PasswordUtil { if (hashedPwd.charAt(0) == '{' && end > 0 && end < hashedPwd.length()-1) { String algorithm = hashedPwd.substring(1, end); try { -MessageDigest.getInstance(algorithm); +if (algorithm.startsWith(PBKDF2_PREFIX)) { +SecretKeyFactory.getInstance(algorithm); +} else { +MessageDigest.getInstance(algorithm); +} return algorithm; } catch (NoSuchAlgorithmException e) { log.debug("Invalid algorithm detected " + algorithm, e); Modified: jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java?rev=1841909=1841908=1841909=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java Tue Sep 25 08:13:45 2018 @@ -33,6 +33,7 @@ import static org.junit.Assert.assertEqu import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue;
svn commit: r1840630 - in /jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr: repository/RepositoryImpl.java session/RefreshStrategy.java
Author: stillalex Date: Wed Sep 12 07:41:18 2018 New Revision: 1840630 URL: http://svn.apache.org/viewvc?rev=1840630=rev Log: OAK-6402 SessionStats log access warning Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/session/RefreshStrategy.java Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java?rev=1840630=1840629=1840630=diff == --- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java (original) +++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java Wed Sep 12 07:41:18 2018 @@ -22,7 +22,6 @@ import static java.util.Collections.sing import static org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardUtils.registerMBean; import java.io.Closeable; -import java.util.List; import java.util.Map; import java.util.concurrent.Callable; import java.util.concurrent.ScheduledExecutorService; @@ -40,7 +39,6 @@ import javax.jcr.SimpleCredentials; import javax.jcr.Value; import javax.security.auth.login.LoginException; -import com.google.common.base.Predicate; import com.google.common.collect.ImmutableMap; import org.apache.commons.io.IOUtils; @@ -63,7 +61,6 @@ import org.apache.jackrabbit.oak.spi.gc. import org.apache.jackrabbit.oak.spi.mount.MountInfoProvider; import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.whiteboard.Registration; -import org.apache.jackrabbit.oak.spi.whiteboard.Tracker; import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardUtils; import org.apache.jackrabbit.oak.stats.Clock; @@ -282,18 +279,12 @@ public class RepositoryImpl implements J throw new RepositoryException("Duplicate attribute '" + REFRESH_INTERVAL + "'."); } boolean relaxedLocking = getRelaxedLocking(attributes); - -RefreshPredicate predicate = new RefreshPredicate(); -RefreshStrategy refreshStrategy = refreshInterval == null -? new RefreshStrategy.ConditionalRefreshStrategy(new RefreshStrategy.LogOnce(60), predicate) -: new RefreshStrategy.Timed(refreshInterval); ContentSession contentSession = contentRepository.login(credentials, workspaceName); -SessionDelegate sessionDelegate = createSessionDelegate(refreshStrategy, contentSession); +SessionDelegate sessionDelegate = createSessionDelegate(refreshInterval, contentSession); SessionContext context = createSessionContext( statisticManager, securityProvider, createAttributes(refreshInterval, relaxedLocking), sessionDelegate, observationQueueLength, commitRateLimiter); -predicate.setSessionContext(context); return context.getSession(); } catch (LoginException e) { throw new javax.jcr.LoginException(e.getMessage(), e); @@ -301,11 +292,16 @@ public class RepositoryImpl implements J } private SessionDelegate createSessionDelegate( -RefreshStrategy refreshStrategy, +Long refreshInterval, ContentSession contentSession) { +RefreshStrategy refreshStrategy; final RefreshOnGC refreshOnGC = new RefreshOnGC(gcMonitor); -refreshStrategy = Composite.create(refreshStrategy, refreshOnGC); +if (refreshInterval == null) { +refreshStrategy = refreshOnGC; +} else { +refreshStrategy = Composite.create(new RefreshStrategy.Timed(refreshInterval), refreshOnGC); +} return new SessionDelegate( contentSession, securityProvider, refreshStrategy, @@ -517,26 +513,6 @@ public class RepositoryImpl implements J } } -/** - * Predicate which ensures that refresh strategy is invoked only - * if there is no event listeners registered with the session - */ -private static class RefreshPredicate implements Predicate{ -private SessionContext sessionContext; - -@Override -public boolean apply(@Nullable Long input) { -if (sessionContext == null){ -return true; -} -return !sessionContext.hasEventListeners(); -} - -public void setSessionContext(SessionContext sessionContext) { -this.sessionContext = sessionContext; -} -} - private static class RegistrationTask implements Runnable {
svn commit: r1840303 - in /jackrabbit/oak/trunk: oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/ oak-core/src/main/java/org/apache/jackrabbit/oak/ oa
Author: stillalex Date: Fri Sep 7 14:38:36 2018 New Revision: 1840303 URL: http://svn.apache.org/viewvc?rev=1840303=rev Log: OAK-7510 Run repository initializers with hooks Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/OakInitializer.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/InitialContentHelper.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/property/PropertyIndexQueryTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/jcr/LuceneOakRepositoryStub.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/FunctionIndexTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexAggregationTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexExclusionQueryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexQueryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LucenePropertyIndexTest.java Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java?rev=1840303=1840302=1840303=diff == --- jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java (original) +++ jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java Fri Sep 7 14:38:36 2018 @@ -41,13 +41,9 @@ import org.apache.jackrabbit.oak.api.Roo import org.apache.jackrabbit.oak.api.Tree; import org.apache.jackrabbit.oak.namepath.NamePathMapper; import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore; -import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider; import org.apache.jackrabbit.oak.plugins.nodetype.ReadOnlyNodeTypeManager; -import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider; import org.apache.jackrabbit.oak.plugins.nodetype.write.NodeTypeRegistry; import org.apache.jackrabbit.oak.spi.commit.CommitHook; -import org.apache.jackrabbit.oak.spi.commit.CompositeEditorProvider; -import org.apache.jackrabbit.oak.spi.commit.EditorHook; import org.apache.jackrabbit.oak.spi.commit.MoveTracker; import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider; import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer; @@ -159,8 +155,7 @@ public class CugConfiguration extends Co NodeState base = builder.getNodeState(); NodeStore store = new MemoryNodeStore(base); -Root root = getRootProvider().createSystemRoot(store, -new EditorHook(new CompositeEditorProvider(new NamespaceEditorProvider(), new TypeEditorProvider(; +Root root = getRootProvider().createSystemRoot(store, null); if (registerCugNodeTypes(root)) { NodeState target = store.getRoot(); target.compareAgainstBaseState(base, new ApplyDiff(builder)); Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java?rev=1840303=1840302=1840303=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java Fri Sep 7 14:38:36 2018 @@ -16,8 +16,6 @@ */ package org.apache.jackrabbit.oak; -import java.io.IOException; -import java.io.InputStream
svn commit: r1840226 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authenticatio
Author: stillalex Date: Thu Sep 6 14:45:42 2018 New Revision: 1840226 URL: http://svn.apache.org/viewvc?rev=1840226=rev Log: OAK-7741 Token LoginModule flag to skip refreshing the token expiration Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1840226=1840225=1840226=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java Thu Sep 6 14:45:42 2018 @@ -23,6 +23,7 @@ import javax.security.auth.login.LoginEx import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials; import org.apache.jackrabbit.oak.spi.security.authentication.Authentication; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants; import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo; import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider; import org.jetbrains.annotations.NotNull; @@ -116,7 +117,12 @@ class TokenAuthentication implements Aut } if (tokenInfo.matches(tokenCredentials)) { -tokenInfo.resetExpiration(loginTime); +if (tokenCredentials.getAttribute(TokenConstants.TOKEN_SKIP_REFRESH) == null) { +boolean reset = tokenInfo.resetExpiration(loginTime); +log.debug("Token reset={}", reset); +} else { +log.debug("Token reset skipped."); +} return true; } Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java?rev=1840226=1840225=1840226=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java Thu Sep 6 14:45:42 2018 @@ -36,6 +36,7 @@ import org.apache.jackrabbit.oak.spi.sec import org.jetbrains.annotations.NotNull; import org.junit.Before; import org.junit.Test; +import org.mockito.Mockito; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; @@ -177,4 +178,65 @@ public class TokenAuthenticationTest ext assertTrue(authentication.authenticate(new TokenCredentials(info.getToken(; assertEquals(getTestUser().getPrincipal(), authentication.getUserPrincipal()); } + +@Test +public void testAuthenticateRefreshToken() throws Exception { +TokenCredentials tc = new TokenCredentials("token"); +TokenProvider tp = Mockito.mock(TokenProvider.class); +TokenInfo ti = Mockito.mock(TokenInfo.class); + +Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti); +Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(false); +Mockito.when(ti.matches(tc)).thenReturn(true); + +TokenAuthentication auth = new TokenAuthentication(tp); +try { +assertTrue(auth.authenticate(tc)); +Mockito.verify(ti).resetExpiration(Mockito.anyLong()); +} catch (LoginException e) { +fail(e.getMessage()); +} +} + +@Test +public void testAuthenticateSkipRefreshToken() throws Exception { +TokenCredentials tc = new TokenCredentials("token"); +tc.setAttribute(TokenConstants.TOKEN_SKIP_REFRESH, ""); + +TokenProvider tp = Mockito.mock(TokenProvider.class); +TokenInfo ti = Mockito.mock(TokenInfo.class); + +Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti); +Mockito.when(ti.isExpired(Mockito.an
svn commit: r1836553 - in /jackrabbit/oak/branches/1.6/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authentication/token/ main/java/org/apache/jackrabbit/oak/spi/security/authentication/
Author: stillalex Date: Tue Jul 24 13:18:24 2018 New Revision: 1836553 URL: http://svn.apache.org/viewvc?rev=1836553=rev Log: OAK-6662 Extend CredentialsSupport pluggability - tweaked the backport some more Removed: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/AbstractCredentials.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupportTest.java Modified: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/package-info.java Modified: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java?rev=1836553=1836552=1836553=diff == --- jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java (original) +++ jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java Tue Jul 24 13:18:24 2018 @@ -16,6 +16,9 @@ */ package org.apache.jackrabbit.oak.security.authentication.token; +import static com.google.common.collect.Maps.newHashMap; +import static com.google.common.collect.Sets.newHashSet; + import java.security.Principal; import java.util.Collection; import java.util.List; @@ -23,7 +26,9 @@ import java.util.Map; import java.util.Set; import java.util.concurrent.ConcurrentHashMap; +import javax.annotation.CheckForNull; import javax.annotation.Nonnull; +import javax.jcr.Credentials; import com.google.common.base.Supplier; import com.google.common.collect.ImmutableList; @@ -46,7 +51,6 @@ import org.apache.jackrabbit.oak.spi.sec import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration; import org.apache.jackrabbit.oak.spi.security.SecurityProvider; -import org.apache.jackrabbit.oak.spi.security.authentication.credentials.CompositeCredentialsSupport; import org.apache.jackrabbit.oak.spi.security.authentication.credentials.CredentialsSupport; import org.apache.jackrabbit.oak.spi.security.authentication.credentials.SimpleCredentialsSupport; import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration; @@ -160,4 +164,81 @@ public class TokenConfigurationImpl exte return SimpleCredentialsSupport.getInstance(); } } + +/** + * Composite implementation of the + * {@link org.apache.jackrabbit.oak.spi.security.authentication.credentials.CredentialsSupport} + * interface that handles multiple providers. + */ +private static class CompositeCredentialsSupport implements CredentialsSupport { + +@Nonnull +private final Supplier> credentialSupplier; + +private CompositeCredentialsSupport(@Nonnull Supplier> credentialSupplier) { +this.credentialSupplier = credentialSupplier; +} + +public static CredentialsSupport newInstance( +@Nonnull Supplier> credentialSupplier) { +return new CompositeCredentialsSupport(credentialSupplier); +} + +@Override +@Nonnull +public Set getCredentialClasses() { +Collection all = this.credentialSupplier.get(); +if (all.isEmpty()) { +return ImmutableSet.of(); +} else if (all.size() == 1) { +return all.iterator().next().getCredentialClasses(); +} else { +Set classes = newHashSet(); +for (CredentialsSupport c : all) { +classes.addAll(c.getCredentialClasses()); +} +return classes; +} +} + +@Override +@CheckForNull +public String getUserId(@Nonnull Credentials credentials) { +Collection all = this.credentialSupplier.get(); +for (CredentialsSupport c : all) { +String userId = c.getUserId(credentials); +if (userId != null) { +return userId; +} +} +return null; +} + +@Override +@Nonnull +public Map getAttributes(@Nonnull Credentials cr
svn commit: r1836326 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/main/java/org/apache/jackrabbit/oak/sp
Author: stillalex Date: Fri Jul 20 07:17:34 2018 New Revision: 1836326 URL: http://svn.apache.org/viewvc?rev=1836326=rev Log: OAK-6662 Extend CredentialsSupport pluggability Added: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/AbstractCredentials.java - copied unchanged from r1809178, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/AbstractCredentials.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupport.java - copied, changed from r1809179, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupportTest.java - copied, changed from r1809179, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupportTest.java Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/SimpleCredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/package-info.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TestCredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplOSGiTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleCredentialsSupportTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Jul 20 07:17:34 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260 ,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1821847,1822850,1823172,1823655,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829527,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502
svn commit: r1833892 - in /jackrabbit/oak/trunk: oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/ oak-core/src/main/java/org/apache/jackrabbit/oak/ oak-core/src/main/java/org/apache/j
Author: stillalex Date: Wed Jun 20 07:30:56 2018 New Revision: 1833892 URL: http://svn.apache.org/viewvc?rev=1833892=rev Log: OAK-7532 VersionStorageEditor should allow bootstraping of initial content Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java?rev=1833892=1833891=1833892=diff == --- jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java (original) +++ jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java Wed Jun 20 07:30:56 2018 @@ -150,4 +150,7 @@ public interface VersionConstants extend VersionConstants.REP_ACTIVITIES, VersionConstants.REP_CONFIGURATIONS ); + +// flag indicating the version store has been initialized +String VERSION_STORE_INIT = ":initialized"; } \ No newline at end of file Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java?rev=1833892=1833891=1833892=diff == --- jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java (original) +++ jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java Wed Jun 20 07:30:56 2018 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -@Version("1.0.0") +@Version("1.1.0") package org.apache.jackrabbit.oak.spi.version; import org.osgi.annotation.versioning.Version; \ No newline at end of file Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java?rev=1833892=1833891=1833892=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java Wed Jun 20 07:30:56 2018 @@ -25,6 +25,7 @@ import static org.apache.jackrabbit.oak. import static org.apache.jackrabbit.oak.plugins.index.IndexConstants.TYPE_PROPERTY_NAME; import static org.apache.jackrabbit.oak.plugins.memory.ModifiedNodeState.squeeze; import static org.apache.jackrabbit.oak.spi.version.VersionConstants.REP_VERSIONSTORAGE; +import static org.apache.jackrabbit.oak.spi.version.VersionConstants.VERSION_STORE_INIT; import com.google.common.collect.ImmutableList; @@ -142,15 +143,15 @@ public class InitialContent implements R } //--< internal > - -private boolean isInitialized(NodeBuilder versionStorage) { -PropertyState init = versionStorage.getProperty(":initialized"); + +private static boolean isInitialized(NodeBuilder versionStorage) { +PropertyState init = versionStorage.getProperty(VERSION_STORE_INIT); return init != null && init.getValue(Type.LONG) > 0; } -private void createIntermediateNodes(NodeBuilder versionStorage) { +private static void createIntermediateNodes(NodeBuilder versionStorage) { String fmt = "%02x"; -versionStorage.setProperty(":initialized", 1); +versionStorage.setProperty(VERSION_STORE_INIT, 1); for (int i = 0; i < 0xff; i++) { NodeBuilder c = storageChild(versionStorage, String.format(fmt, i)); for (int j = 0; j < 0xff; j++) { @@ -158,8 +159,8 @@ public class InitialContent implements R } } } - -private NodeBuilder storageChild(NodeBuilder node, String name) { + +private static NodeBuilder storageChild(NodeBuilder node, String name) {
svn commit: r1833380 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWrit
Author: stillalex Date: Tue Jun 12 07:36:56 2018 New Revision: 1833380 URL: http://svn.apache.org/viewvc?rev=1833380=rev Log: OAK-7537 Allow for initial registration of 'xml' namespace Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java?rev=1833380=1833379=1833380=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java Tue Jun 12 07:36:56 2018 @@ -74,7 +74,7 @@ class NamespaceEditor extends DefaultEdi throw new CommitFailedException( CommitFailedException.NAMESPACE, 2, "Invalid namespace mapping: " + prefix); -} else if (prefix.toLowerCase(Locale.ENGLISH).startsWith("xml")) { +} else if (prefix.toLowerCase(Locale.ENGLISH).startsWith("xml") && namespaces.hasProperty("xml")) { throw new CommitFailedException( CommitFailedException.NAMESPACE, 3, "XML prefixes are reserved: " + prefix); Modified: jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java?rev=1833380=1833379=1833380=diff == --- jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java (original) +++ jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java Tue Jun 12 07:36:56 2018 @@ -16,16 +16,20 @@ */ package org.apache.jackrabbit.oak.plugins.name; +import static com.google.common.collect.Sets.newHashSet; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; +import javax.jcr.NamespaceException; import javax.jcr.NamespaceRegistry; +import org.apache.jackrabbit.oak.InitialContent; import org.apache.jackrabbit.oak.Oak; import org.apache.jackrabbit.oak.OakBaseTest; import org.apache.jackrabbit.oak.api.ContentSession; import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.fixture.NodeStoreFixture; -import org.apache.jackrabbit.oak.InitialContent; import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider; import org.junit.Test; @@ -77,5 +81,13 @@ public class ReadWriteNamespaceRegistryT assertEquals(r.getURI("p2"), "n2"); assertEquals(r.getPrefix("n2"), "p2"); +// xml namespace check +assertTrue(newHashSet(r.getPrefixes()).contains("xml")); +try { +r.registerNamespace("xml", "test"); +fail("Trying to register the namespace 'xml' must throw a NamespaceException."); +} catch (NamespaceException ex) { +// expected +} } }
svn commit: r1833334 - in /jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user: UserImporterBaseTest.java UserImporterImpersonationIgnoreTest.java
Author: stillalex Date: Mon Jun 11 14:21:37 2018 New Revision: 184 URL: http://svn.apache.org/viewvc?rev=184=rev Log: OAK-6028 UserImporter.start: should return false for User tree - tweaked tests that are not compiling Modified: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java Modified: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java?rev=184=183=184=diff == --- jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java (original) +++ jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java Mon Jun 11 14:21:37 2018 @@ -145,7 +145,7 @@ public abstract class UserImporterBaseTe Tree folder = root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH, DEFAULT_USER_PATH)); Tree userTree = folder.addChild("userTree"); userTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_USER, Type.NAME); -userTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID(TEST_USER_ID)); +userTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID(TEST_USER_ID, false)); return userTree; } @@ -156,7 +156,7 @@ public abstract class UserImporterBaseTe NodeUtil groupRoot = node.getOrAddTree(PathUtils.relativize(PathUtils.ROOT_PATH, groupPath), NT_REP_AUTHORIZABLE_FOLDER); Tree groupTree = groupRoot.addChild("testGroup", NT_REP_GROUP).getTree(); -groupTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID(TEST_GROUP_ID)); +groupTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID(TEST_GROUP_ID, false)); return groupTree; } Modified: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java?rev=184=183=184=diff == --- jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java (original) +++ jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java Mon Jun 11 14:21:37 2018 @@ -106,7 +106,7 @@ public class UserImporterImpersonationIg Tree folder = root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH, DEFAULT_USER_PATH)); Tree impersonatorTree = folder.addChild("impersonatorTree"); impersonatorTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_USER, Type.NAME); -impersonatorTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID("impersonator1")); +impersonatorTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID("impersonator1", false)); assertTrue(importer.handlePropInfo(userTree, createPropInfo(REP_IMPERSONATORS, "impersonator1"), mockPropertyDefinition(NT_REP_USER, true))); assertTrue(importer.handlePropInfo(impersonatorTree, createPropInfo(REP_PRINCIPAL_NAME, "impersonator1"), mockPropertyDefinition(NT_REP_AUTHORIZABLE, false))); @@ -123,7 +123,7 @@ public class UserImporterImpersonationIg Tree folder = root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH, DEFAULT_USER_PATH)); Tree impersonatorTree = folder.addChild("impersonatorTree"); impersonatorTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_USER, Type.NAME); -impersonatorTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID("impersonator1")); +impersonatorTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID("impersonator1", false)); // NOTE: reversed over of import compared to 'testNewImpersonator' ass
svn commit: r1833332 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 14:09:19 2018 New Revision: 182 URL: http://svn.apache.org/viewvc?rev=182=rev Log: OAK-6029 UserImporter.startChildInfo: rather check state than for currentMembership being null - merged to 1.6 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 14:09:19 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286 ,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262 ,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 14:09:19 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104
svn commit: r1833331 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 14:07:25 2018 New Revision: 181 URL: http://svn.apache.org/viewvc?rev=181=rev Log: OAK-6028 UserImporter.start: should return false for User tree - backported r1790013,1790069,1790077 to 1.6 branch Added: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 14:07:25 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934 ,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286 ,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071
svn commit: r1833329 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java oak-core/src/test/java/org/apache/jackrabbit/oak/s
Author: stillalex Date: Mon Jun 11 13:56:52 2018 New Revision: 1833329 URL: http://svn.apache.org/viewvc?rev=1833329=rev Log: OAK-6027 UserImporter.Impersonators : use Oak path to user instead of ID - merged r1790006 into 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:56:52 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938 ,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934 ,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:56:52 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387
svn commit: r1833328 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 13:55:07 2018 New Revision: 1833328 URL: http://svn.apache.org/viewvc?rev=1833328=rev Log: OAK-6023 UserImporter: handlePropInfo for rep:authorizableId never returns true - merged r1789987 into 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterSessionAutosaveTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:55:07 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973 ,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938 ,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:55:07 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104
svn commit: r1833327 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java oak-core/src/test/java/org/apache/jackrabbit/oak/s
Author: stillalex Date: Mon Jun 11 13:52:48 2018 New Revision: 1833327 URL: http://svn.apache.org/viewvc?rev=1833327=rev Log: OAK-6019 UserImporter: Redundant assignment of UserManager - merged r1789940 to 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:52:48 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026 ,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973 ,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:52:48 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387
svn commit: r1833326 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 13:50:07 2018 New Revision: 1833326 URL: http://svn.apache.org/viewvc?rev=1833326=rev Log: OAK-6018 UserImporter: session field can avoided by passing to init method - merged r1789925 to 1.6 Added: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterSessionAutosaveTest.java - copied unchanged from r1789925, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterSessionAutosaveTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java - copied unchanged from r1789925, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterWorkspaceTest.java - copied unchanged from r1789925, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterWorkspaceTest.java Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:50:07 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247 -1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026 ,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo
svn commit: r1833323 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java oak-core/src/main/java/org/apache/jackrabb
Author: stillalex Date: Mon Jun 11 13:13:13 2018 New Revision: 1833323 URL: http://svn.apache.org/viewvc?rev=1833323=rev Log: OAK-5895 Avoid jcr-path conversion in AuthorizableIterator - merged r1785652 to 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:13:13 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249 ,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247 -1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:13:13 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387
svn commit: r1833309 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/plugins/name/ test/java/org/apache/jackrabbit/oak/plugins/name/
Author: stillalex Date: Mon Jun 11 08:02:29 2018 New Revision: 1833309 URL: http://svn.apache.org/viewvc?rev=1833309=rev Log: OAK-7533 NameValidator is not using namespaces defined in the current transaction Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/Namespaces.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java?rev=1833309=1833308=1833309=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java Mon Jun 11 08:02:29 2018 @@ -16,6 +16,10 @@ */ package org.apache.jackrabbit.oak.plugins.name; +import static com.google.common.collect.Sets.newHashSet; +import static org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NSDATA; +import static org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_PREFIXES; + import java.util.Set; import org.apache.jackrabbit.oak.api.CommitFailedException; @@ -31,10 +35,12 @@ import org.apache.jackrabbit.oak.spi.sta */ class NameValidator extends DefaultValidator { +private final NodeState namespaces; private final Set prefixes; -NameValidator(Set prefixes) { -this.prefixes = prefixes; +NameValidator(NodeState namespaces) { +this.namespaces = namespaces; +this.prefixes = newHashSet(namespaces.getChildNode(REP_NSDATA).getStrings(REP_PREFIXES)); } // escape non-printable non-USASCII characters using standard Java escapes @@ -65,7 +71,7 @@ class NameValidator extends DefaultValid int colon = name.indexOf(':'); if (colon > 0) { String prefix = name.substring(0, colon); -if (prefix.isEmpty() || !prefixes.contains(prefix)) { +if (prefix.isEmpty() || !contains(prefixes, namespaces, prefix)) { throw new CommitFailedException( CommitFailedException.NAME, 1, "Invalid namespace prefix("+prefixes+"): " + prefix); } @@ -93,6 +99,10 @@ class NameValidator extends DefaultValid } } +private static boolean contains(Set prefixes, NodeState namespaces, String prefix) { +return prefixes.contains(prefix) || Namespaces.collectNamespaces(namespaces.getProperties()).containsKey(prefix); +} + protected void checkValidValue(PropertyState property) throws CommitFailedException { if (Type.NAME.equals(property.getType()) || Type.NAMES.equals(property.getType())) { Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java?rev=1833309=1833308=1833309=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java Mon Jun 11 08:02:29 2018 @@ -23,11 +23,8 @@ import org.apache.jackrabbit.oak.spi.com import org.apache.jackrabbit.oak.spi.state.NodeState; import org.osgi.service.component.annotations.Component; -import static com.google.common.collect.Sets.newHashSet; import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM; import static org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NAMESPACES; -import static org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NSDATA; -import static org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_PREFIXES; /** * Validator service that checks that all node and property names as well @@ -40,11 +37,9 @@ public class NameValidatorProvider exten @Override public Validator getRootValidator( NodeState before, NodeState after, CommitInfo info) { -return new NameValidator(newHashSet(after +return new NameValidator(after .getChildNode(JCR_SYSTEM) -.getChildNode(REP_NAMESPACES) -.getChildNode(REP_NSDATA) -.getStrings(REP_PREFIXES))); +.getC
svn commit: r1833118 - in /jackrabbit/oak/trunk: oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/ oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/
Author: stillalex Date: Thu Jun 7 12:24:25 2018 New Revision: 1833118 URL: http://svn.apache.org/viewvc?rev=1833118=rev Log: OAK-7529 Define and register oak namespace Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/Namespaces.java Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java?rev=1833118=1833117=1833118=diff == --- jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java (original) +++ jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java Thu Jun 7 12:24:25 2018 @@ -43,6 +43,10 @@ public interface NamespaceConstants { String PREFIX_XMLNS = "xmlns"; String NAMESPACE_XMLNS = "http://www.w3.org/2000/xmlns/;; +// additional Oak namespace +String PREFIX_OAK = "oak"; +String NAMESPACE_OAK = "http://jackrabbit.apache.org/oak/ns/1.0;; + /** * Reserved namespace prefixes as defined in jackrabbit 2 */ @@ -53,7 +57,8 @@ public interface NamespaceConstants { NamespaceRegistry.PREFIX_MIX, PREFIX_XMLNS, PREFIX_REP, -PREFIX_SV +PREFIX_SV, +PREFIX_OAK )); /** @@ -66,7 +71,8 @@ public interface NamespaceConstants { NamespaceRegistry.NAMESPACE_MIX, NAMESPACE_XMLNS, NAMESPACE_REP, -NAMESPACE_SV +NAMESPACE_SV, +NAMESPACE_OAK )); // index nodes for faster lookup Modified: jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java?rev=1833118=1833117=1833118=diff == --- jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java (original) +++ jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java Thu Jun 7 12:24:25 2018 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -@Version("1.0.0") +@Version("1.1.0") package org.apache.jackrabbit.oak.spi.namespace; import org.osgi.annotation.versioning.Version; \ No newline at end of file Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java?rev=1833118=1833117=1833118=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java Thu Jun 7 12:24:25 2018 @@ -26,15 +26,15 @@ import static org.apache.jackrabbit.oak. import static org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NSDATA; import static org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_URIS; import static org.apache.jackrabbit.oak.plugins.name.Namespaces.isValidPrefix; -import static org.apache.jackrabbit.oak.plugins.name.Namespaces.safeGet; import java.util.Locale; import java.util.Set; import com.google.common.collect.ImmutableSet; +import com.google.common.collect.Iterables; + import org.apache.jackrabbit.oak.api.CommitFailedException; import org.apache.jackrabbit.oak.api.PropertyState; -import org.apache.jackrabbit.oak.plugins.tree.factories.TreeFactory; import org.apache.jackrabbit.oak.spi.commit.DefaultEditor; import org.apache.jackrabbit.oak.spi.commit.Editor; import org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants; @@ -89,8 +89,7 @@ class NamespaceEditor extends DefaultEdi } private static boolean containsValue(NodeState namespaces, String value) { -return safeGet(TreeFactory.createReadOnlyTree(namespaces.getChildNode(REP_NSDATA)), -REP_URIS).contains(value); +return Ite
svn commit: r1833100 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java
Author: stillalex Date: Thu Jun 7 07:29:41 2018 New Revision: 1833100 URL: http://svn.apache.org/viewvc?rev=1833100=rev Log: OAK-7530 PrivilegeInitializer should not attempt to create jcr:system node Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java?rev=1833100=1833099=1833100=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java Thu Jun 7 07:29:41 2018 @@ -25,7 +25,6 @@ import org.apache.jackrabbit.oak.api.Typ import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore; import org.apache.jackrabbit.oak.plugins.tree.RootProvider; import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer; -import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants; import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants; import org.apache.jackrabbit.oak.spi.state.ApplyDiff; import org.apache.jackrabbit.oak.spi.state.NodeBuilder; @@ -54,9 +53,10 @@ class PrivilegeInitializer implements Re @Override public void initialize(@Nonnull NodeBuilder builder) { -NodeBuilder system = builder.child(JcrConstants.JCR_SYSTEM); -system.setProperty(JcrConstants.JCR_PRIMARYTYPE, NodeTypeConstants.NT_REP_SYSTEM, Type.NAME); - +if (!builder.hasChildNode(JcrConstants.JCR_SYSTEM)) { +throw new IllegalStateException("Missing " + JcrConstants.JCR_SYSTEM + " node, NodeStore not initialized."); +} +NodeBuilder system = builder.getChildNode(JcrConstants.JCR_SYSTEM); if (!system.hasChildNode(REP_PRIVILEGES)) { NodeBuilder privileges = system.child(REP_PRIVILEGES); privileges.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_PRIVILEGES, Type.NAME);
svn commit: r1833010 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java
Author: stillalex Date: Wed Jun 6 11:20:14 2018 New Revision: 1833010 URL: http://svn.apache.org/viewvc?rev=1833010=rev Log: OAK-7506 Prevent user enumeration by exploiting time delay vulnerability Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java?rev=1833010=1833009=1833010=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java Wed Jun 6 11:20:14 2018 @@ -16,6 +16,8 @@ */ package org.apache.jackrabbit.oak.security.user; +import java.io.UnsupportedEncodingException; +import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.util.Collections; import java.util.concurrent.TimeUnit; @@ -103,6 +105,13 @@ class UserAuthentication implements Auth UserManager userManager = config.getUserManager(root, NamePathMapper.DEFAULT); Authorizable authorizable = userManager.getAuthorizable(loginId); if (authorizable == null) { +// best effort prevent user enumeration timing attacks +try { +String hash = PasswordUtil.buildPasswordHash("oak"); +PasswordUtil.isSame(hash, "oak"); +} catch (NoSuchAlgorithmException | UnsupportedEncodingException e) { +// ignore +} return false; }
svn commit: r1832984 - /jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd
Author: stillalex Date: Wed Jun 6 06:44:00 2018 New Revision: 1832984 URL: http://svn.apache.org/viewvc?rev=1832984=rev Log: OAK-7527 Drop mandatory constraint on "rep:system" node for "rep:privileges" Modified: jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd Modified: jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd?rev=1832984=1832983=1832984=diff == --- jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd (original) +++ jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd Wed Jun 6 06:44:00 2018 @@ -610,7 +610,7 @@ + jcr:configurations (rep:Configurations) = rep:Configurations protected ABORT + * (nt:base) = nt:base IGNORE // @since oak 1.0 - + rep:privileges (rep:Privileges) = rep:Privileges mandatory protected ABORT + + rep:privileges (rep:Privileges) = rep:Privileges protected ABORT /**
svn commit: r1832933 [1/2] - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/
Author: stillalex Date: Tue Jun 5 12:32:15 2018 New Revision: 1832933 URL: http://svn.apache.org/viewvc?rev=1832933=rev Log: OAK-7526 Move InitialContent#INITIAL_CONTENT to test Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/InitialContentHelper.java (with props) Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/IndexUpdateTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/importer/IndexImporterTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/nodetype/NodeTypeIndexTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/property/PropertyIndexLookupTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/property/PropertyIndexTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/reference/ReferenceIndexTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditorTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/query/NativeQueryTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/query/SQL2OptimiseQueryTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/query/SQL2ParserTest.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/AggregateTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexCopierTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexDefinitionTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexNodeManagerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexPlannerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexTrackerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneDocumentMakerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexEditor2Test.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexEditorProviderTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexEditorTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexLookupTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LucenePropertyIndexTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/MultiplexingLucenePropertyIndexTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/binary/BinaryTextExtractorTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/FSDirectoryFactoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/IndexConsistencyCheckerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/IndexRootDirectoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/LuceneIndexDumperTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/LuceneIndexImporterTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/OakDirectoryTestBase.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/DocumentQueueTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/ExternalIndexObserverTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/LocalIndexWriterFactoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/NRTIndexFactoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid
svn commit: r1832933 [2/2] - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/
Modified: jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java?rev=1832933=1832932=1832933=diff == --- jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java (original) +++ jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java Tue Jun 5 12:32:15 2018 @@ -25,7 +25,7 @@ import org.apache.jackrabbit.oak.spi.sta import org.junit.Test; import static org.apache.jackrabbit.oak.plugins.memory.EmptyNodeState.EMPTY_NODE; -import static org.apache.jackrabbit.oak.InitialContent.INITIAL_CONTENT; +import static org.apache.jackrabbit.oak.InitialContentHelper.INITIAL_CONTENT; import static org.junit.Assert.*; public class BundlingConfigInitializerTest {
svn commit: r1830845 - /jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
Author: stillalex Date: Thu May 3 17:30:51 2018 New Revision: 1830845 URL: http://svn.apache.org/viewvc?rev=1830845=rev Log: OAK-7469 User membership synchronization could skip updating groups the user is already part of Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java?rev=1830845=1830844=1830845=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java Thu May 3 17:30:51 2018 @@ -549,27 +549,31 @@ public class DefaultSyncContext implemen } log.debug("- idp returned '{}'", extGroup.getId()); -Group grp; -Authorizable a = userManager.getAuthorizable(extGroup.getId()); -if (a == null) { -grp = createGroup(extGroup); -log.debug("- created new group"); -} else if (a.isGroup() && isSameIDP(a)) { -grp = (Group) a; -} else { -log.warn("Existing authorizable '{}' is not a group from this IDP '{}'.", extGroup.getId(), idp.getName()); -continue; +// mark group as processed +Group grp = declaredExternalGroups.remove(extGroup.getId()); +boolean exists = grp != null; + +if (!exists) { +Authorizable a = userManager.getAuthorizable(extGroup.getId()); +if (a == null) { +grp = createGroup(extGroup); +log.debug("- created new group"); +} else if (a.isGroup() && isSameIDP(a)) { +grp = (Group) a; +} else { +log.warn("Existing authorizable '{}' is not a group from this IDP '{}'.", extGroup.getId(), idp.getName()); +continue; +} +log.debug("- user manager returned '{}'", grp); } -log.debug("- user manager returned '{}'", grp); syncGroup(extGroup, grp); -// ensure membership -grp.addMember(auth); -log.debug("- added '{}' as member to '{}'", auth, grp); - -// remember the declared group -declaredExternalGroups.remove(grp.getID()); +if (!exists) { +// ensure membership +grp.addMember(auth); +log.debug("- added '{}' as member to '{}'", auth, grp); +} // recursively apply further membership if (depth > 1) {
svn commit: r1830821 - /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java
Author: stillalex Date: Thu May 3 13:22:23 2018 New Revision: 1830821 URL: http://svn.apache.org/viewvc?rev=1830821=rev Log: OAK-7462 Benchmark for SynchronizationMBean#syncAllUsers - fixed assertions for the dynamic membership case Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java?rev=1830821=1830820=1830821=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java Thu May 3 13:22:23 2018 @@ -33,15 +33,17 @@ import org.apache.jackrabbit.oak.spi.sec */ public class SyncAllUsersTest extends AbstractExternalTest { -private final int numberOfUsers; -private final int numberOfGroups; +private final int expectedUpdates; private SynchronizationMBean bean; public SyncAllUsersTest(int numberOfUsers, int numberOfGroups, long expTime, boolean dynamicMembership, @Nonnull List autoMembership) { super(numberOfUsers, numberOfGroups, expTime, dynamicMembership, autoMembership); -this.numberOfUsers = numberOfUsers; -this.numberOfGroups = numberOfGroups; +if (dynamicMembership) { +expectedUpdates = numberOfUsers; +} else { +expectedUpdates = numberOfUsers + numberOfGroups; +} } @Override @@ -60,6 +62,6 @@ public class SyncAllUsersTest extends Ab @Override protected void runTest() throws Exception { String[] ops = bean.syncAllUsers(true); -assertEquals(numberOfUsers + numberOfGroups, ops.length); +assertEquals(expectedUpdates, ops.length); } } \ No newline at end of file
svn commit: r1828971 - /jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
Author: stillalex Date: Thu Apr 12 11:33:31 2018 New Revision: 1828971 URL: http://svn.apache.org/viewvc?rev=1828971=rev Log: OAK-7340 Remove SecurityProviderImpl usage from tests Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java?rev=1828971=1828970=1828971=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java Thu Apr 12 11:33:31 2018 @@ -139,7 +139,10 @@ public abstract class AbstractSecurityTe } protected SecurityProvider initSecurityProvider() { -return SecurityProviderBuilder.newBuilder().with(getSecurityConfigParameters()).build(); +return SecurityProviderBuilder.newBuilder().with(getSecurityConfigParameters()) +.withRootProvider(rootProvider) +.withTreeProvider(treeProvider) +.build(); } protected Oak withEditors(Oak oak) {
svn commit: r1828765 - /jackrabbit/oak/trunk/oak-benchmarks/README.md
Author: stillalex Date: Mon Apr 9 19:03:12 2018 New Revision: 1828765 URL: http://svn.apache.org/viewvc?rev=1828765=rev Log: @trivial updated readme on how to run benchmarks Modified: jackrabbit/oak/trunk/oak-benchmarks/README.md Modified: jackrabbit/oak/trunk/oak-benchmarks/README.md URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/README.md?rev=1828765=1828764=1828765=diff == --- jackrabbit/oak/trunk/oak-benchmarks/README.md (original) +++ jackrabbit/oak/trunk/oak-benchmarks/README.md Mon Apr 9 19:03:12 2018 @@ -16,7 +16,7 @@ Benchmark mode The benchmark mode is used for executing various micro-benchmarks. It can be invoked like this: -$ java -jar oak-run-*.jar benchmark [options] [testcases] [fixtures] +$ java -jar oak-benchmarks-*.jar benchmark [options] [testcases] [fixtures] The following benchmark options (with default values) are currently supported: @@ -216,7 +216,7 @@ Scalability mode The scalability mode is used for executing various scalability suites to test the performance of various associated tests. It can be invoked like this: -$ java -jar oak-run-*.jar scalability [options] [suites] [fixtures] +$ java -jar oak-benchmarks-*.jar scalability [options] [suites] [fixtures] The following scalability options (with default values) are currently supported:
svn commit: r1828689 - in /jackrabbit/oak/trunk: oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/ oak-authorization-cug/src/test/java/org/apache/jackr
Author: stillalex Date: Mon Apr 9 09:50:21 2018 New Revision: 1828689 URL: http://svn.apache.org/viewvc?rev=1828689=rev Log: OAK-7340 Remove SecurityProviderImpl usage from tests Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/composite.md jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/cug.md jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/restriction.md jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/introduction.md jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizableaction.md jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizablenodename.md Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java?rev=1828689=1828688=1828689=diff == --- jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java (original) +++ jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java Mon Apr 9 09:50:21 2018 @@ -192,13 +192,17 @@ public class CugConfiguration extends Co return CugContext.INSTANCE; } +@Override +public void setParameters(ConfigurationParameters config) { +super.setParameters(config); +supportedPaths = CugUtil.getSupportedPaths(config, mountInfoProvider); +} + //< SCR Integration >--- @SuppressWarnings("UnusedDeclaration") @Activate protected void activate(Map<String, Object> properties) { -ConfigurationParameters params = ConfigurationParameters.of(properties); -setParameters(params); -supportedPaths = CugUtil.getSupportedPaths(params, mountInfoProvider); +setParameters(ConfigurationParameters.of(properties)); } @SuppressWarnings("UnusedDeclaration") Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java?rev=1828689=1828688=1828689=diff == --- jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java (original) +++ jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java Mon Apr 9 09:50:21 2018 @@ -33,7 +33,7 @@ final class CugSecurityProvider { CugConfiguration cugConfiguration = new CugConfiguration(); ConfigurationParameters params = configuration.getConfigValue(AuthorizationConfiguration.NAME, ConfigurationParameters.EMPTY); -cugConfiguration.activate(params); +cugConfiguration.setParameters(params); SecurityProvider sp = SecurityProviderBuilder.newBuilder().with(configuration).build(); SecurityProviderHelper.updateConfig(sp, cugConfiguration, AuthorizationConfiguration.class); Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java?rev=1828689=1828688=1828689=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java Mon Apr 9 09:50:21 2018 @@ -24,11 +24,16 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.oak.AbstractSecurityTest; import org.apache.
svn commit: r1828529 - /jackrabbit/oak/trunk/oak-parent/pom.xml
Author: stillalex Date: Fri Apr 6 14:59:41 2018 New Revision: 1828529 URL: http://svn.apache.org/viewvc?rev=1828529=rev Log: OAK-7364 code coverage checks fail on Java 10 Modified: jackrabbit/oak/trunk/oak-parent/pom.xml Modified: jackrabbit/oak/trunk/oak-parent/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-parent/pom.xml?rev=1828529=1828528=1828529=diff == --- jackrabbit/oak/trunk/oak-parent/pom.xml (original) +++ jackrabbit/oak/trunk/oak-parent/pom.xml Fri Apr 6 14:59:41 2018 @@ -390,7 +390,7 @@ org.jacoco jacoco-maven-plugin - 0.7.9 + 0.8.1
svn commit: r1828445 - /jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
Author: stillalex Date: Thu Apr 5 15:29:49 2018 New Revision: 1828445 URL: http://svn.apache.org/viewvc?rev=1828445=rev Log: OAK-5122 Exercise for Custom Authorization Models - javadocs Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java?rev=1828445=1828444=1828445=diff == --- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java (original) +++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java Thu Apr 5 15:29:49 2018 @@ -74,7 +74,7 @@ import static org.apache.jackrabbit.oak. * This authorization module forms part of the training material provided by the * oak-exercise module and must not be used in a productive environment! * - * Overview + * Overview * This simplistic authorization model is limited to permission evaluation and * doesn't support access control management. * @@ -85,7 +85,7 @@ import static org.apache.jackrabbit.oak. * There exists a single exception to that rule: For the internal {@link SystemPrincipal} * permission evaluation is not enforced by this module i.e. this module is skipped. * - * Intended Usage + * Intended Usage * This authorization model is intended to be used in 'AND' combination with the * default authorization setup defined by Oak (and optionally additional models * such as e.g. oak-authorization-cug. @@ -93,14 +93,14 @@ import static org.apache.jackrabbit.oak. * It is not intended to be used as standalone model as it would grant full read * access to everyone. * - * Limitations + * Limitations * Experimental model for training purpose and not intended for usage in production. * - * Key Features + * Key Features * - * Access Control Management + * Access Control Management * - * + * * FeatureDescription * Supported Privilegesall * Supports Custom Privilegesyes @@ -111,25 +111,25 @@ import static org.apache.jackrabbit.oak. * Effective Policies by Principalsfor every set of principals a single effective policy of type {@link NamedAccessControlPolicy} * * - * Permission Evaluation + * Permission Evaluation * - * + * * FeatureDescription * Supported Permissionsall * Aggregated Permission Provideryes * * - * Representation in the Repository + * Representation in the Repository * * There exists no dedicated access control or permission content for this * authorization model as it doesn't persist any information into the repository. * {@link SecurityConfiguration#getContext()} therefore returns the {@link Context#DEFAULT default}. * - * Configuration + * Configuration * * This model doesn't come with any configuration options. * - * Installation Instructions + * Installation Instructions * * The following steps are required to install this authorization model in an OSGi based Oak setup. * @@ -142,7 +142,7 @@ import static org.apache.jackrabbit.oak. * make sure the 'Authorization Composition Type' is set to AND * * - * Wait for the {@link SecurityProvider} to be successfully registered again. + * Wait for the {@link org.apache.jackrabbit.oak.spi.security.SecurityProvider} to be successfully registered again. * * */
svn commit: r1828444 - /jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java
Author: stillalex Date: Thu Apr 5 15:28:12 2018 New Revision: 1828444 URL: http://svn.apache.org/viewvc?rev=1828444=rev Log: OAK-7384 SegmentNodeStoreStats should expose stats for previous minute per thread group - javadocs Modified: jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java Modified: jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java?rev=1828444=1828443=1828444=diff == --- jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java (original) +++ jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java Thu Apr 5 15:28:12 2018 @@ -47,21 +47,21 @@ public interface SegmentNodeStoreStatsMB CompositeData getQueuingTimes(); /** - * @return tabular data of the form <commits,writerGroup> collected + * @return tabular data of the form commits,writerGroup collected * in the last minute * @throws OpenDataException if data is not available */ TabularData getCommitsCountPerWriterGroupLastMinute() throws OpenDataException; /** - * @return tabular data of the form <commits,writer> for writers + * @return tabular data of the form commits,writer for writers * not included in groups * @throws OpenDataException if data is not available */ TabularData getCommitsCountForOtherWriters() throws OpenDataException; /** - * @return tabular data of the form <writer,writerDetails> for each writer + * @return tabular data of the form writer,writerDetails for each writer * currently in the queue * @throws OpenDataException if data is not available */
svn commit: r1828443 - /jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java
Author: stillalex Date: Thu Apr 5 15:26:48 2018 New Revision: 1828443 URL: http://svn.apache.org/viewvc?rev=1828443=rev Log: OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 12 - more javadocs Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java?rev=1828443=1828442=1828443=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java Thu Apr 5 15:26:48 2018 @@ -69,7 +69,7 @@ import org.slf4j.LoggerFactory; /** * Implementation of the {@code PrincipalConfiguration} interface that provides - * principal management for {@link Group principals} associated with + * principal management for {@code Group principals} associated with * {@link org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity external identities} * managed outside of the scope of the repository by an * {@link org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider}.
svn commit: r1828437 - /jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
Author: stillalex Date: Thu Apr 5 14:30:11 2018 New Revision: 1828437 URL: http://svn.apache.org/viewvc?rev=1828437=rev Log: OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 11 - fixed javadocs Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java?rev=1828437=1828436=1828437=diff == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java Thu Apr 5 14:30:11 2018 @@ -76,7 +76,7 @@ public interface PrincipalProvider { /** * Returns an iterator over all group principals for which the given * principal is either direct or indirect member of. Thus for any principal - * returned in the iterator {@link GroupPrincipal#isMember(Principal)} + * returned in the iterator {@link org.apache.jackrabbit.api.security.principal.GroupPrincipal#isMember(Principal)} * must return {@code true}. * * Example: @@ -85,7 +85,7 @@ public interface PrincipalProvider { * * @param principal the principal to return it's membership from. * @return an iterator returning all groups the given principal is member of. - * @see GroupPrincipal#isMember(java.security.Principal) + * @see org.apache.jackrabbit.api.security.principal.GroupPrincipal#isMember(java.security.Principal) */ @Nonnull default Set getMembershipPrincipals(@Nonnull Principal principal) {
svn commit: r1827509 - /jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
Author: stillalex Date: Thu Mar 22 15:20:41 2018 New Revision: 1827509 URL: http://svn.apache.org/viewvc?rev=1827509=rev Log: OAK-2155 TokenAuthenticationTest#tokenCreationWithPreAuth test failing repeatedly Modified: jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy Modified: jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy?rev=1827509=1827508=1827509=diff == --- jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy (original) +++ jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy Thu Mar 22 15:20:41 2018 @@ -38,16 +38,15 @@ import javax.security.auth.spi.LoginModu import static org.apache.jackrabbit.oak.run.osgi.OakOSGiRepositoryFactory.REPOSITORY_CONFIG_FILE -class TokenAuthenticationTest extends AbstractRepositoryFactoryTest{ +class TokenAuthenticationTest extends AbstractRepositoryFactoryTest { @Before void setupRepo(){ config[REPOSITORY_CONFIG_FILE] = createConfigValue("oak-base-config.json", "oak-tar-config.json") } -@Ignore @Test -public void tokenCreationWithPreAuth() throws Exception{ +public void tokenCreationWithPreAuth() throws Exception { repository = repositoryFactory.getRepository(config) registry.registerService(LoginModuleFactory.class.name, new PreAuthLoginModuleFactory(), [ 'jaas.controlFlag' : 'sufficient', @@ -58,7 +57,6 @@ class TokenAuthenticationTest extends Ab MyCredential myCred = new MyCredential("admin") Session session = repository.login(myCred) -//assert session.getAttribute(".token") assert myCred.getAttribute(".token") }
svn commit: r1827473 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal: ConfigurationInitializer.java SecurityProviderBuilder.java
Author: stillalex Date: Thu Mar 22 09:51:43 2018 New Revision: 1827473 URL: http://svn.apache.org/viewvc?rev=1827473=rev Log: OAK-7354 Test failure ExternalIdentityImporterTest.importExternalUserWithPrincipalNames Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java?rev=1827473=1827472=1827473=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java Thu Mar 22 09:51:43 2018 @@ -48,7 +48,7 @@ final class ConfigurationInitializer { return configuration; } -static void initializeConfigurations(@Nonnull CompositeConfiguration configuration, @Nonnull SecurityProvider securityProvider, +static void initializeConfigurations(@Nonnull CompositeConfiguration configuration, @Nonnull SecurityProvider securityProvider, @Nonnull ConfigurationParameters parameters, @Nonnull RootProvider rootProvider, @Nonnull TreeProvider treeProvider) { @@ -56,8 +56,8 @@ final class ConfigurationInitializer { configuration.setRootProvider(rootProvider); configuration.setTreeProvider(treeProvider); -List configs = configuration.getConfigurations(); -for (SecurityConfiguration config : configs) { +List configs = configuration.getConfigurations(); +for (T config : configs) { initializeConfiguration(config, securityProvider, parameters, rootProvider, treeProvider); } } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java?rev=1827473=1827472=1827473=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java Thu Mar 22 09:51:43 2018 @@ -94,7 +94,7 @@ public class SecurityProviderBuilder { userParams = configuration.getConfigValue(UserConfiguration.NAME, EMPTY); } else { AuthorizableActionProvider authorizableActionProvider = new DefaultAuthorizableActionProvider(); -AuthorizableNodeName authorizableNodeName = new RandomAuthorizableNodeName(); +AuthorizableNodeName authorizableNodeName = AuthorizableNodeName.DEFAULT; UserAuthenticationFactory userAuthenticationFactory = UserConfigurationImpl .getDefaultAuthenticationFactory(); @@ -182,7 +182,8 @@ public class SecurityProviderBuilder { // authorization if (authorizationConfiguration == null) { authorizationConfiguration = new CompositeAuthorizationConfiguration(); -authorizationConfiguration.setDefaultConfig(new AuthorizationConfigurationImpl()); + authorizationConfiguration.setDefaultConfig(initializeConfiguration(new AuthorizationConfigurationImpl(), +securityProvider, rootProvider, treeProvider)); } initializeConfigurations(authorizationConfiguration, securityProvider, authorizationParams, rootProvider, treeProvider); @@ -191,7 +192,8 @@ public class SecurityProviderBuilder { // principal if (principalConfiguration == null) { principalConfiguration = new CompositePrincipalConfiguration(); -principalConfiguration.setDefaultConfig(new PrincipalConfigurationImpl()); + principalConfiguration.setDefaultConfig(initializeConfiguration(new PrincipalConfigurationImpl(), +securityProvider, rootProvider, treeProvider)); } initializeConfigurations(principalConfiguration, securityProvider, principalParams, rootProvider, treeProvider); securityProvider.setPrincipalConfiguration(principalConfiguration); @@ -199,12 +201,13 @@ public class SecurityProviderBuilder { // token
svn commit: r1827423 - in /jackrabbit/oak/trunk: oak-auth-ldap/pom.xml oak-security-spi/pom.xml
Author: stillalex Date: Wed Mar 21 17:29:22 2018 New Revision: 1827423 URL: http://svn.apache.org/viewvc?rev=1827423=rev Log: OAK-7366 update to mockito version compatible with jdk 10 Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml jackrabbit/oak/trunk/oak-security-spi/pom.xml Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/pom.xml?rev=1827423=1827422=1827423=diff == --- jackrabbit/oak/trunk/oak-auth-ldap/pom.xml (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Wed Mar 21 17:29:22 2018 @@ -412,7 +412,7 @@ org.mockito mockito-core -2.11.0 +2.12.0 test Modified: jackrabbit/oak/trunk/oak-security-spi/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/pom.xml?rev=1827423=1827422=1827423=diff == --- jackrabbit/oak/trunk/oak-security-spi/pom.xml (original) +++ jackrabbit/oak/trunk/oak-security-spi/pom.xml Wed Mar 21 17:29:22 2018 @@ -165,7 +165,7 @@ org.mockito mockito-core - 2.11.0 + 2.12.0 test
svn commit: r1827395 - in /jackrabbit/oak/trunk/oak-segment-azure: pom.xml src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java src/test/java/org/apache/jackrabbit/oak/segment
Author: stillalex Date: Wed Mar 21 09:25:30 2018 New Revision: 1827395 URL: http://svn.apache.org/viewvc?rev=1827395=rev Log: OAK-7355 Move the pluggable storage interfaces to the SPI package Modified: jackrabbit/oak/trunk/oak-segment-azure/pom.xml jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java Modified: jackrabbit/oak/trunk/oak-segment-azure/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-azure/pom.xml?rev=1827395=1827394=1827395=diff == --- jackrabbit/oak/trunk/oak-segment-azure/pom.xml (original) +++ jackrabbit/oak/trunk/oak-segment-azure/pom.xml Wed Mar 21 09:25:30 2018 @@ -63,6 +63,15 @@ + +org.apache.rat +apache-rat-plugin + + +start-azurite.sh + + + Modified: jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java?rev=1827395=1827394=1827395=diff == --- jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java (original) +++ jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java Wed Mar 21 09:25:30 2018 @@ -1,3 +1,21 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ package org.apache.jackrabbit.oak.segment.azure; import com.microsoft.azure.storage.StorageException; Modified: jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java?rev=1827395=1827394=1827395=diff == --- jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java (original) +++ jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java Wed Mar 21 09:25:30 2018 @@ -1,3 +1,21 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ package org.apache.jackrabbit.oak.segment.azure; import com.microsoft.azure.storage.StorageException;
svn commit: r1827304 - /jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java
Author: stillalex Date: Tue Mar 20 12:43:05 2018 New Revision: 1827304 URL: http://svn.apache.org/viewvc?rev=1827304=rev Log: OAK-6956 RepositoryUpgrade hardcodes SecurityProvider Modified: jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java Modified: jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java?rev=1827304=1827303=1827304=diff == --- jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java (original) +++ jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java Tue Mar 20 12:43:05 2018 @@ -106,7 +106,7 @@ import org.apache.jackrabbit.oak.plugins import org.apache.jackrabbit.oak.InitialContent; import org.apache.jackrabbit.oak.plugins.nodetype.write.ReadWriteNodeTypeManager; import org.apache.jackrabbit.oak.plugins.value.jcr.ValueFactoryImpl; -import org.apache.jackrabbit.oak.security.SecurityProviderImpl; +import org.apache.jackrabbit.oak.security.internal.SecurityProviderBuilder; import org.apache.jackrabbit.oak.spi.commit.CommitHook; import org.apache.jackrabbit.oak.spi.commit.CommitInfo; import org.apache.jackrabbit.oak.spi.commit.CompositeEditorProvider; @@ -118,6 +118,7 @@ import org.apache.jackrabbit.oak.spi.lif import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer; import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration; +import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits; import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration; import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration; @@ -414,8 +415,8 @@ public class RepositoryUpgrade { String workspaceName = source.getRepositoryConfig().getDefaultWorkspaceName(); -SecurityProviderImpl security = new SecurityProviderImpl( -mapSecurityConfig(config.getSecurityConfig())); +SecurityProvider security = SecurityProviderBuilder.newBuilder() + .with(mapSecurityConfig(config.getSecurityConfig())).build(); if (skipInitialization) { logger.info("Skipping the repository initialization");
svn commit: r1827296 - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ oak-core/src/main/java/org/apache/jackra
Author: stillalex Date: Tue Mar 20 11:31:56 2018 New Revision: 1827296 URL: http://svn.apache.org/viewvc?rev=1827296=rev Log: OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 11 - reintroduced Group implementation for backwards compatibility reasons Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java?rev=1827296=1827295=1827296=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java Tue Mar 20 11:31:56 2018 @@ -272,7 +272,7 @@ class ExternalGroupPrincipalProvider imp * identities that are not represented as authorizable group * in the repository's user management. */ -private final class ExternalGroupPrincipal extends PrincipalImpl implements GroupPrincipal { +private final class ExternalGroupPrincipal extends PrincipalImpl implements GroupPrincipal, java.security.acl.Group { private ExternalGroupPrincipal(String principalName) { super(principalName); @@ -280,6 +280,24 @@ class ExternalGroupPrincipalProvider imp } @Override +public boolean addMember(Principal user) { +if (isMember(user)) { +return false; +} else { +throw new UnsupportedOperationException("Adding members to external group principals is not supported."); +} +} + +@Override +public boolean removeMember(Principal user) { +if (!isMember(user)) { +return false; +} else { +throw new UnsupportedOperationException("Removing members from external group principals is not supported."); +} +} + +@Override public boolean isMember(Principal member) { if (GroupPrincipals.isGroup(member)) { return false; Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java?rev=1827296=1827295=1827296=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java Tue Mar 20 11:31:56 2018 @@ -38,7 +38,7 @@ import org.slf4j.LoggerFactory; /** * Base class for {@code Group} principals. */ -abstract class AbstractGroupPrincipal extends TreeBasedPrincipal implements GroupPrincipal { +abstract class AbstractGroupPrincipal extends TreeBasedPrincipal implements GroupPrincipal, java.security.acl.Group { private static final Logger log = LoggerFactory.getLogger(AbstractGroupPrincipal.class); @@ -112,4 +112,13 @@ abstract class AbstractGroupPrincipal ex return Iterators.asEnumeration(Iterators.filter(principals, Predicates.notNull())); } +@Override +public boolean addMember(Principal principal) { +throw new UnsupportedOperationException(); +} + +@Override +public boolean removeMember(Principal principal) { +throw new UnsupportedOperationException(); +} }
svn commit: r1827287 - /jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Author: stillalex Date: Tue Mar 20 10:10:17 2018 New Revision: 1827287 URL: http://svn.apache.org/viewvc?rev=1827287=rev Log: OAK-7354 Test failure ExternalIdentityImporterTest.importExternalUserWithPrincipalNames - refactor repo creation Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java?rev=1827287=1827286=1827287=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java Tue Mar 20 10:10:17 2018 @@ -37,8 +37,6 @@ import org.apache.jackrabbit.oak.spi.sec import org.apache.jackrabbit.oak.spi.security.authentication.external.TestSecurityProvider; import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIdentityConstants; import org.apache.jackrabbit.oak.spi.security.user.UserConstants; -import org.junit.After; -import org.junit.Before; import org.junit.Test; import static org.junit.Assert.assertFalse; @@ -71,11 +69,8 @@ public class ExternalIdentityImporterTes " 2016-05-03T10:03:08.061+02:00" + ""; -private Repository repo; - -@Before -public void before() throws Exception { -SecurityProvider securityProvider = TestSecurityProvider.newTestSecurityProvider(getConfigurationParameters(), +private Repository createRepo() throws Exception { +SecurityProvider securityProvider = TestSecurityProvider.newTestSecurityProvider(ConfigurationParameters.EMPTY, new ExternalPrincipalConfiguration()); QueryEngineSettings queryEngineSettings = new QueryEngineSettings(); queryEngineSettings.setFailTraversal(true); @@ -83,22 +78,16 @@ public class ExternalIdentityImporterTes Jcr jcr = new Jcr(); jcr.with(securityProvider); jcr.with(queryEngineSettings); -repo = jcr.createRepository(); +return jcr.createRepository(); } -@After -public void after() throws Exception { -if (repo instanceof JackrabbitRepository) { +private static void shutdown(Repository repo) throws Exception { +if (repo != null && repo instanceof JackrabbitRepository) { ((JackrabbitRepository) repo).shutdown(); } } -@Nonnull -ConfigurationParameters getConfigurationParameters() { -return ConfigurationParameters.EMPTY; -} - -Session createSession(boolean isSystem) throws Exception { +Session createSession(Repository repo, boolean isSystem) throws Exception { if (isSystem) { return Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction() { @Override @@ -140,9 +129,11 @@ public class ExternalIdentityImporterTes @Test public void importExternalUser() throws Exception { +Repository repo = null; Session s = null; try { -s = createSession(false); +repo = createRepo(); +s = createSession(repo, false); Node parent = doImport(s, UserConstants.DEFAULT_USER_PATH, XML_EXTERNAL_USER); assertHasProperties(parent.getNode("t"), ExternalIdentityConstants.REP_EXTERNAL_ID, ExternalIdentityConstants.REP_LAST_SYNCED); @@ -151,14 +142,17 @@ public class ExternalIdentityImporterTes if (s != null) { s.logout(); } +shutdown(repo); } } @Test public void importExternalUserAsSystem() throws Exception { +Repository repo = null; Session s = null; try { -s = createSession(true); +repo = createRepo(); +s = createSession(repo, true); Node parent = doImport(s, UserConstants.DEFAULT_USER_PATH, XML_EXTERNAL_USER); assertHasProperties(parent.getNode("t"), ExternalIdentityConstants.REP_EXTERNAL_ID, ExternalIdentityConstants.REP_LAST_SYNCED); @@ -167,14 +161,17 @@ public class ExternalIdentityImporterTes if (s != null) { s.logout(); } +shutdown(repo); } } @Test public vo
svn commit: r1827239 [2/2] - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ oak-auth-external/src/test/java/or
Added: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java?rev=1827239=auto == --- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java (added) +++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java Mon Mar 19 20:08:56 2018 @@ -0,0 +1,112 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.spi.security.principal; + +import java.security.Principal; +import java.security.acl.Group; +import java.util.Collections; +import java.util.Enumeration; +import java.util.Iterator; +import java.util.Set; + +import javax.annotation.Nonnull; + +import org.apache.jackrabbit.api.security.principal.GroupPrincipal; + +import com.google.common.base.Function; +import com.google.common.collect.ImmutableSet; +import com.google.common.collect.Iterators; + +/** + * Helper class to deal with the migration between the 2 types of groups + * + */ +public final class GroupPrincipals { + +private static final GroupTransformer TRANSFORMER = new GroupTransformer(); + +private GroupPrincipals() { +} + +/** + * Checks if the provided principal is a group. + * + * @param principal + *to be checked. + * + * @return true if the principal is of type group. + */ +public static boolean isGroup(@Nonnull Principal principal) { +return principal instanceof Group || principal instanceof GroupPrincipal; +} + +/** + * Returns an enumeration of the members in the group. + * @param principal the principal whose membership is listed. + * @return an enumeration of the group members. + */ +public static Enumeration members(@Nonnull Principal principal) { +if (principal instanceof Group) { +return ((Group) principal).members(); +} +if (principal instanceof GroupPrincipal) { +return ((GroupPrincipal) principal).members(); +} +return Collections.emptyEnumeration(); +} + +/** + * Returns true if the passed principal is a member of the group. + * @param principal the principal whose members are being checked. + * @param member the principal whose membership is to be checked. + * @return true if the principal is a member of this group, false otherwise. + */ +public static boolean isMember(@Nonnull Principal principal, @Nonnull Principal member) { +if (principal instanceof Group) { +return ((Group) principal).isMember(member); +} +if (principal instanceof GroupPrincipal) { +return ((GroupPrincipal) principal).isMember(member); +} +return false; +} + +public static Set transform(Set groups) { +ImmutableSet.Builder g2 = ImmutableSet.builder(); +for (Group g : groups) { +g2.add(new GroupPrincipalWrapper(g)); +} +return g2.build(); +} + +public static Enumeration transform(Enumeration members) { +Iterator m2 = Iterators.transform(Iterators.forEnumeration(members), TRANSFORMER); +return Iterators.asEnumeration(m2); +} + +private static class GroupTransformer implements Function{ + +@Override +public Principal apply(Principal input) { +if (input instanceof Group) { +return new GroupPrincipalWrapper((Group) input); +} else { +return input; +} +} +} +} Propchange: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java -- svn:eol-style = native Modified:
svn commit: r1827239 [1/2] - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ oak-auth-external/src/test/java/or
Author: stillalex Date: Mon Mar 19 20:08:56 2018 New Revision: 1827239 URL: http://svn.apache.org/viewvc?rev=1827239=rev Log: OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 11 Added: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalWrapper.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalsTest.java (with props) Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/AbstractPrincipalTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/PrincipalProviderAutoMembershipTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/PrincipalProviderDeepNestingTest.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplEmptyTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalProvider.java jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/permission/L3_PrecedenceRulesTest.java jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/principal/L3_EveryoneTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/principal/PrincipalManagerTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java jackrabbit/oak/trunk/oak-security-spi/pom.xml jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/EmptyPrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipal.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main
svn commit: r1827181 - /jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Author: stillalex Date: Mon Mar 19 09:40:58 2018 New Revision: 1827181 URL: http://svn.apache.org/viewvc?rev=1827181=rev Log: OAK-7354 Test failure ExternalIdentityImporterTest.importExternalUserWithPrincipalNames Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java?rev=1827181=1827180=1827181=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java Mon Mar 19 09:40:58 2018 @@ -29,7 +29,6 @@ import javax.jcr.SimpleCredentials; import javax.security.auth.Subject; import org.apache.jackrabbit.api.JackrabbitRepository; -import org.apache.jackrabbit.api.JackrabbitSession; import org.apache.jackrabbit.oak.jcr.Jcr; import org.apache.jackrabbit.oak.query.QueryEngineSettings; import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; @@ -73,12 +72,10 @@ public class ExternalIdentityImporterTes ""; private Repository repo; -private SecurityProvider securityProvider; -private JackrabbitSession session; @Before public void before() throws Exception { -securityProvider = TestSecurityProvider.newTestSecurityProvider(getConfigurationParameters(), +SecurityProvider securityProvider = TestSecurityProvider.newTestSecurityProvider(getConfigurationParameters(), new ExternalPrincipalConfiguration()); QueryEngineSettings queryEngineSettings = new QueryEngineSettings(); queryEngineSettings.setFailTraversal(true); @@ -91,14 +88,8 @@ public class ExternalIdentityImporterTes @After public void after() throws Exception { -try { -if (session != null) { -session.logout(); -} -} finally { -if (repo instanceof JackrabbitRepository) { -((JackrabbitRepository) repo).shutdown(); -} +if (repo instanceof JackrabbitRepository) { +((JackrabbitRepository) repo).shutdown(); } } @@ -107,18 +98,17 @@ public class ExternalIdentityImporterTes return ConfigurationParameters.EMPTY; } -JackrabbitSession createSession(boolean isSystem) throws Exception { +Session createSession(boolean isSystem) throws Exception { if (isSystem) { -session = (JackrabbitSession) Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction() { +return Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction() { @Override public Session run() throws RepositoryException { return repo.login(null, null); } }); } else { -session = (JackrabbitSession) repo.login(new SimpleCredentials(UserConstants.DEFAULT_ADMIN_ID, UserConstants.DEFAULT_ADMIN_ID.toCharArray())); +return repo.login(new SimpleCredentials(UserConstants.DEFAULT_ADMIN_ID, UserConstants.DEFAULT_ADMIN_ID.toCharArray())); } -return session; } Node doImport(Session importSession, String parentPath, String xml) throws Exception { @@ -150,28 +140,66 @@ public class ExternalIdentityImporterTes @Test public void importExternalUser() throws Exception { -Node parent = doImport(createSession(false), UserConstants.DEFAULT_USER_PATH, XML_EXTERNAL_USER); -assertHasProperties(parent.getNode("t"), ExternalIdentityConstants.REP_EXTERNAL_ID, ExternalIdentityConstants.REP_LAST_SYNCED); -assertNotHasProperties(parent.getNode("t"), ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES); +Session s = null; +try { +s = createSession(false); +Node parent = doImport(s, UserConstants.DEFAULT_USER_PATH, XML_EXTERNAL_USER); +assertHasProperties(parent.getNode("t"), ExternalIdentityConstants.REP_EXTERNAL_ID, +ExternalIdentityConstants.REP_LAST_SYNCED); +assertNotHasProperties(parent.getNode("t"), ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES); +} finally { +
svn commit: r1826984 - in /jackrabbit/oak/trunk: oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ oak-authorization-cug/src/test/java/org/apache/jackrabb
Author: stillalex Date: Fri Mar 16 13:05:46 2018 New Revision: 1826984 URL: http://svn.apache.org/viewvc?rev=1826984=rev Log: OAK-7340 Remove SecurityProviderImpl usage from tests Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java (with props) jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderHelper.java (with props) Removed: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AddMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CompositeAuthorizationTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CugTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsMemberTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/MemberBaseTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/ReadWithMembershipTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/RemoveMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/observation/ChangeCollectorProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProviderRandomTestIT.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistrationTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/ClusterPermissionsTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ImportIgnoreTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AbstractImportTest.java jackrabbit/oak/trunk/oak-segment-tar/src/test/java/org/apache/jackrabbit/oak/segment/InitializerTest.java jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/InitializerTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java?rev=1826984=1826983=1826984=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java Fri Mar 16 13:05:46 2018 @@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.spi.se import javax.annotation.Nonnull; import org.apache.jackrabbit.oak.security.internal.SecurityProviderBuilder; +import org.apache.jackrabbit.oak.security.internal.SecurityProviderHelper; import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal.ExternalPrincipalConfiguration; @@ -30,6 +31,8 @@ public final class TestSecurityProvider
svn commit: r1822821 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
Author: stillalex Date: Wed Jan 31 19:11:08 2018 New Revision: 1822821 URL: http://svn.apache.org/viewvc?rev=1822821=rev Log: OAK-7227 MountPermissionProvider getNumEntries prone to overflow Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java?rev=1822821=1822820=1822821=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java Wed Jan 31 19:11:08 2018 @@ -26,6 +26,7 @@ import java.util.Set; import javax.annotation.Nonnull; import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.commons.LongUtils; import org.apache.jackrabbit.oak.plugins.tree.RootProvider; import org.apache.jackrabbit.oak.spi.mount.Mount; import org.apache.jackrabbit.oak.spi.mount.MountInfoProvider; @@ -104,7 +105,7 @@ public class MountPermissionProvider ext public long getNumEntries(String principalName, long max) { long num = 0; for (PermissionStoreImpl store : stores) { -num += store.getNumEntries(principalName, max); +num = LongUtils.safeAdd(num, store.getNumEntries(principalName, max)); if (num >= max) { break; }
svn commit: r1817897 - in /jackrabbit/oak/trunk/oak-auth-external: pom.xml src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitial
Author: stillalex Date: Tue Dec 12 09:33:22 2017 New Revision: 1817897 URL: http://svn.apache.org/viewvc?rev=1817897=rev Log: OAK-7013 Replace usage in oak-auth-external Modified: jackrabbit/oak/trunk/oak-auth-external/pom.xml jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java Modified: jackrabbit/oak/trunk/oak-auth-external/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/pom.xml?rev=1817897=1817896=1817897=diff == --- jackrabbit/oak/trunk/oak-auth-external/pom.xml (original) +++ jackrabbit/oak/trunk/oak-auth-external/pom.xml Tue Dec 12 09:33:22 2017 @@ -171,12 +171,6 @@ test -com.h2database -h2 -${h2.version} -test - - org.slf4j jul-to-slf4j test Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java?rev=1817897=1817896=1817897=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java Tue Dec 12 09:33:22 2017 @@ -17,32 +17,13 @@ package org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal; import javax.annotation.Nonnull; -import javax.jcr.RepositoryException; -import org.apache.jackrabbit.JcrConstants; -import org.apache.jackrabbit.oak.api.CommitFailedException; -import org.apache.jackrabbit.oak.api.Root; -import org.apache.jackrabbit.oak.api.Tree; -import org.apache.jackrabbit.oak.commons.PathUtils; -import org.apache.jackrabbit.oak.plugins.index.IndexConstants; import org.apache.jackrabbit.oak.plugins.index.IndexUtils; -import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore; -import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider; -import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider; -import org.apache.jackrabbit.oak.plugins.tree.factories.RootFactory; -import org.apache.jackrabbit.oak.spi.commit.CompositeEditorProvider; -import org.apache.jackrabbit.oak.spi.commit.EditorHook; import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer; import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIdentityConstants; -import org.apache.jackrabbit.oak.spi.state.ApplyDiff; import org.apache.jackrabbit.oak.spi.state.NodeBuilder; -import org.apache.jackrabbit.oak.spi.state.NodeState; -import org.apache.jackrabbit.oak.spi.state.NodeStore; -import org.apache.jackrabbit.oak.plugins.tree.TreeUtil; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import static com.google.common.base.Preconditions.checkState; +import com.google.common.collect.ImmutableList; /** * Implementation of the {@code RepositoryInitializer} interface responsible for @@ -60,8 +41,6 @@ import static com.google.common.base.Pre */ class ExternalIdentityRepositoryInitializer implements RepositoryInitializer { -private static final Logger log = LoggerFactory.getLogger(ExternalIdentityRepositoryInitializer.class); - private final boolean enforceUniqueIds; ExternalIdentityRepositoryInitializer(boolean enforceUniqueIds) { @@ -70,42 +49,20 @@ class ExternalIdentityRepositoryInitiali @Override public void initialize(@Nonnull NodeBuilder builder) { -NodeState base = builder.getNodeState(); -NodeStore store = new MemoryNodeStore(base); - -String errorMsg = "Failed to initialize external identity content."; -try { -Root root = RootFactory.createSystemRoot(store, -new EditorHook(new CompositeEditorProvider(new NamespaceEditorProvider(), new TypeEditorProvider())), -null, null, null); - -// create index definition for "rep:externalId" and "rep:externalPrincipalNames" -Tree rootTree = root.getTree(PathUtils.ROOT_PATH); -checkState(rootTree.exists()); -Tree index = TreeUtil.getOrAddChild(rootTree, IndexConstants.INDEX_DEFINITIONS_NAME, JcrConstants.NT_UNSTRUCTURED); - -if (enforceUniqueIds && !index.hasChild(
svn commit: r1817893 - in /jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak: AbstractSecurityTest.java security/privilege/PrivilegeContextTest.java security/user/UserContextTest.j
Author: stillalex Date: Tue Dec 12 09:05:05 2017 New Revision: 1817893 URL: http://svn.apache.org/viewvc?rev=1817893=rev Log: OAK-7022 Prepare for usage of Root/TreeProvider in security tests - switched to the interfaces Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java?rev=1817893=1817892=1817893=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java Tue Dec 12 09:05:05 2017 @@ -51,6 +51,8 @@ import org.apache.jackrabbit.oak.plugins import org.apache.jackrabbit.oak.plugins.index.reference.ReferenceIndexProvider; import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider; import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider; +import org.apache.jackrabbit.oak.plugins.tree.RootProvider; +import org.apache.jackrabbit.oak.plugins.tree.TreeProvider; import org.apache.jackrabbit.oak.plugins.tree.impl.RootProviderService; import org.apache.jackrabbit.oak.plugins.tree.impl.TreeProviderService; import org.apache.jackrabbit.oak.plugins.value.jcr.ValueFactoryImpl; @@ -83,8 +85,8 @@ public abstract class AbstractSecurityTe protected Root root; protected QueryEngineSettings querySettings; -private final RootProviderService rootProvider = new RootProviderService(); -private final TreeProviderService treeProvider = new TreeProviderService(); +private final RootProvider rootProvider = new RootProviderService(); +private final TreeProvider treeProvider = new TreeProviderService(); @Before public void before() throws Exception { @@ -252,11 +254,11 @@ public abstract class AbstractSecurityTe return getSecurityProvider().getConfiguration(configClass); } -public RootProviderService getRootProvider() { +public RootProvider getRootProvider() { return rootProvider; } -public TreeProviderService getTreeProvider() { +public TreeProvider getTreeProvider() { return treeProvider; } } Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java?rev=1817893=1817892=1817893=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java Tue Dec 12 09:05:05 2017 @@ -29,6 +29,7 @@ import org.apache.jackrabbit.oak.plugins import org.apache.jackrabbit.oak.plugins.memory.PropertyStates; import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants; import org.apache.jackrabbit.oak.plugins.tree.TreeLocation; +import org.apache.jackrabbit.oak.plugins.tree.TreeProvider; import org.apache.jackrabbit.oak.plugins.tree.impl.TreeProviderService; import org.apache.jackrabbit.oak.spi.security.Context; import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants; @@ -110,7 +111,7 @@ public class PrivilegeContextTest { @Test public void testEmptyNotDefinesTree() { -TreeProviderService treeProvider = new TreeProviderService(); +TreeProvider treeProvider = new TreeProviderService(); assertFalse(ctx.definesTree(treeProvider.createReadOnlyTree(EmptyNodeState.EMPTY_NODE))); } Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java?rev=1817893=1817892=1817893=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java Tue Dec 12 09:05:05 2017 @@ -36,6 +36,7 @@ import org.apache.jackrabbit.oak.plugins import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants
svn commit: r1816629 - in /jackrabbit/oak/trunk: oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ oak-auth-external/src/test/java/org/apache/jackrabbit/o
Author: stillalex Date: Wed Nov 29 14:02:43 2017 New Revision: 1816629 URL: http://svn.apache.org/viewvc?rev=1816629=rev Log: OAK-6221 Deprecate SecurityProviderImpl Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java (with props) Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/AbstractCugTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugAccessControlManagerTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfigurationTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugImportBaseTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java jackrabbit/oak/trunk/oak-benchmarks/pom.xml jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AddMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CompositeAuthorizationTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CugTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsMemberTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/MemberBaseTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/RemoveMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/observation/ChangeCollectorProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProviderRandomTestIT.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/ClusterPermissionsTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ImportIgnoreTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AbstractImportTest.java jackrabbit/oak/trunk/oak-segment-tar/pom.xml jackrabbit/oak/trunk/oak-segment-tar/src/test/java/org/apache/jackrabbit/oak/segment/InitializerTest.java jackrabbit/oak/trunk/oak-store-document/pom.xml jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/InitializerTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java?rev=1816629=1816628=1816629=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java Wed Nov 29 14:02:43 2017 @@ -136,7 +136,7 @@ public abstract class AbstractExternalAu @Override protected SecurityProvider
svn commit: r1816536 - /jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
Author: stillalex Date: Tue Nov 28 10:03:42 2017 New Revision: 1816536 URL: http://svn.apache.org/viewvc?rev=1816536=rev Log: OAK-6979 CugConfiguration.unbindMountInfoProvider doesn't restore the default - clarified livecycle expectations Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java?rev=1816536=1816535=1816536=diff == --- jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java (original) +++ jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java Tue Nov 28 10:03:42 2017 @@ -214,6 +214,8 @@ public class CugConfiguration extends Co } public void unbindMountInfoProvider(MountInfoProvider mountInfoProvider) { +// set to null (and not default) to comply with OSGi lifecycle, +// if the reference is unset it means the service is being deactivated this.mountInfoProvider = null; }
svn commit: r1816064 - in /jackrabbit/oak/trunk: oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-c
Author: stillalex Date: Wed Nov 22 16:00:40 2017 New Revision: 1816064 URL: http://svn.apache.org/viewvc?rev=1816064=rev Log: OAK-6818 TokenAuthentication/TokenProviderImpl: cleanup expired tokens Added: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/LoginWithTokensTest.java (with props) jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenCleanupTest.java (with props) Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/token/default.md Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java?rev=1816064=1816063=1816064=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java Wed Nov 22 16:00:40 2017 @@ -108,16 +108,32 @@ abstract class AbstractLoginTest extends } } +protected boolean customConfigurationParameters() { +return noIterations != -1 || expiration > 0; +} + +protected ConfigurationParameters prepare(ConfigurationParameters conf) { +return conf; +} + @Override protected Repository[] createRepository(RepositoryFixture fixture) throws Exception { -if (noIterations != -1 || expiration > 0) { +if (customConfigurationParameters()) { if (fixture instanceof OakRepositoryFixture) { return ((OakRepositoryFixture) fixture).setUpCluster(1, new JcrCreator() { @Override public Jcr customize(Oak oak) { ConfigurationParameters conf; -ConfigurationParameters iterations = ConfigurationParameters.of(UserConstants.PARAM_PASSWORD_HASH_ITERATIONS, noIterations); -ConfigurationParameters cache = ConfigurationParameters.of("cacheExpiration", expiration); +ConfigurationParameters iterations = ConfigurationParameters.EMPTY; +if (noIterations != DEFAULT_ITERATIONS) { +iterations = ConfigurationParameters.of(UserConstants.PARAM_PASSWORD_HASH_ITERATIONS, +noIterations); +} +ConfigurationParameters cache = ConfigurationParameters.EMPTY; +if (expiration > 0) { +cache = ConfigurationParameters.of("cacheExpiration", expiration); +} + if (runWithToken) { conf = ConfigurationParameters.of( TokenConfiguration.NAME, iterations, @@ -126,6 +142,7 @@ abstract class AbstractLoginTest extends conf = ConfigurationParameters.of( UserConfiguration.NAME, ConfigurationParameters.of(iterations, cache)); } +conf = prepare(conf); SecurityProvider sp = new SecurityProviderImpl(conf); return new Jcr(oak).with(sp); } Modified: jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1816064=1816063=1816064=diff == --- jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java (original) +++ jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java Wed Nov 22 16:00:40 2017 @@ -250,6 +250,7 @@ public class BenchmarkRunner { runAsUser.value(options), runWithToken.value(options), noIterations.value(options)), +new LoginWithTokensTest(numberOfUsers.value(options)),
svn commit: r1815818 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java test/java/org/apache/jackrabbit/oak/security/auth
Author: stillalex Date: Mon Nov 20 15:11:27 2017 New Revision: 1815818 URL: http://svn.apache.org/viewvc?rev=1815818=rev Log: OAK-6940 Login token name generation is prone to race conditions Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1815818=1815817=1815818=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java Mon Nov 20 15:11:27 2017 @@ -24,8 +24,6 @@ import java.util.Arrays; import java.util.Calendar; import java.util.Collection; import java.util.Collections; -import java.util.Date; -import java.util.GregorianCalendar; import java.util.HashMap; import java.util.Map; import java.util.UUID; @@ -204,7 +202,7 @@ class TokenProviderImpl implements Token if (tokenParent != null) { try { String id = user.getID(); -long creationTime = new Date().getTime(); +long creationTime = System.currentTimeMillis(); long exp; if (attributes.containsKey(PARAM_TOKEN_EXPIRATION)) { exp = Long.parseLong(attributes.get(PARAM_TOKEN_EXPIRATION).toString()); @@ -216,7 +214,7 @@ class TokenProviderImpl implements Token TokenInfo tokenInfo; try { -String tokenName = generateTokenName(creationTime); +String tokenName = uuid; tokenInfo = createTokenNode(tokenParent, tokenName, expTime, uuid, id, attributes); root.commit(CommitMarker.asCommitAttributes()); } catch (CommitFailedException e) { @@ -327,13 +325,6 @@ class TokenProviderImpl implements Token } @Nonnull -private static String generateTokenName(long creationTime) { -Calendar creation = GregorianCalendar.getInstance(); -creation.setTimeInMillis(creationTime); -return Text.replace(ISO8601.format(creation), ":", "."); -} - -@Nonnull private Tree getTokenTree(@Nonnull TokenInfoImpl tokenInfo) { return root.getTree(tokenInfo.tokenPath); } Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1815818=1815817=1815818=diff == --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Mon Nov 20 15:11:27 2017 @@ -411,21 +411,6 @@ public class TokenProviderImplTest exten assertEquals(userId, info.getUserId()); } -@Test -public void testTokenNodeName() throws Exception { -TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); -Tree tokenTree = getTokenTree(info); - -// name must not be a uuid which is only used in case of conflict during -// creation which is not expected here. -try { -UUID.fromString(tokenTree.getName()); -fail("UUID-name should only be used in case of conflict"); -} catch (IllegalArgumentException e) { -// success -} -} - //-- private static void assertTokenInfo(TokenInfo info, String userId) { assertNotNull(info);
svn commit: r1815553 - /jackrabbit/oak/trunk/oak-auth-ldap/pom.xml
Author: stillalex Date: Fri Nov 17 07:47:28 2017 New Revision: 1815553 URL: http://svn.apache.org/viewvc?rev=1815553=rev Log: OAK-1588 Create more tests/validation to LDAP integration - reducing min coverage to .85 to see it if gets the builds passing again Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/pom.xml?rev=1815553=1815552=1815553=diff == --- jackrabbit/oak/trunk/oak-auth-ldap/pom.xml (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Fri Nov 17 07:47:28 2017 @@ -35,7 +35,7 @@ 2.0.0-M24 false -0.86 +0.85
svn commit: r1815457 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/Jcr.java
Author: stillalex Date: Thu Nov 16 14:18:16 2017 New Revision: 1815457 URL: http://svn.apache.org/viewvc?rev=1815457=rev Log: OAK-6826 Refactor Jcr class to remove dependency on o.a.j.oak.plugins.index Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/Jcr.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java?rev=1815457=1815456=1815457=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java Thu Nov 16 14:18:16 2017 @@ -51,6 +51,7 @@ import javax.security.auth.login.LoginEx import com.google.common.base.Function; import com.google.common.base.Supplier; +import com.google.common.collect.ImmutableList; import com.google.common.collect.Iterables; import com.google.common.collect.Lists; import com.google.common.io.Closer; @@ -68,20 +69,35 @@ import org.apache.jackrabbit.oak.core.Co import org.apache.jackrabbit.oak.management.RepositoryManager; import org.apache.jackrabbit.oak.plugins.atomic.AtomicCounterEditorProvider; import org.apache.jackrabbit.oak.plugins.commit.ConflictHook; +import org.apache.jackrabbit.oak.plugins.commit.ConflictValidatorProvider; import org.apache.jackrabbit.oak.plugins.index.AsyncIndexUpdate; import org.apache.jackrabbit.oak.plugins.index.CompositeIndexEditorProvider; import org.apache.jackrabbit.oak.plugins.index.IndexConstants; import org.apache.jackrabbit.oak.plugins.index.IndexEditorProvider; import org.apache.jackrabbit.oak.plugins.index.IndexMBeanRegistration; import org.apache.jackrabbit.oak.plugins.index.IndexUpdateProvider; +import org.apache.jackrabbit.oak.plugins.index.counter.NodeCounterEditorProvider; import org.apache.jackrabbit.oak.plugins.index.counter.jmx.NodeCounter; import org.apache.jackrabbit.oak.plugins.index.counter.jmx.NodeCounterMBean; import org.apache.jackrabbit.oak.plugins.index.counter.jmx.NodeCounterOld; +import org.apache.jackrabbit.oak.plugins.index.nodetype.NodeTypeIndexProvider; +import org.apache.jackrabbit.oak.plugins.index.property.OrderedPropertyIndexEditorProvider; +import org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexEditorProvider; +import org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexProvider; import org.apache.jackrabbit.oak.plugins.index.property.jmx.PropertyIndexAsyncReindex; import org.apache.jackrabbit.oak.plugins.index.property.jmx.PropertyIndexAsyncReindexMBean; +import org.apache.jackrabbit.oak.plugins.index.reference.ReferenceEditorProvider; +import org.apache.jackrabbit.oak.plugins.index.reference.ReferenceIndexProvider; +import org.apache.jackrabbit.oak.plugins.itemsave.ItemSaveValidatorProvider; import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore; +import org.apache.jackrabbit.oak.plugins.name.NameValidatorProvider; +import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider; +import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider; +import org.apache.jackrabbit.oak.plugins.observation.ChangeCollectorProvider; +import org.apache.jackrabbit.oak.plugins.version.VersionHook; import org.apache.jackrabbit.oak.query.QueryEngineSettings; import org.apache.jackrabbit.oak.query.stats.QueryStatsMBean; +import org.apache.jackrabbit.oak.security.SecurityProviderImpl; import org.apache.jackrabbit.oak.spi.commit.CompositeConflictHandler; import org.apache.jackrabbit.oak.spi.commit.CommitHook; import org.apache.jackrabbit.oak.spi.commit.CommitInfo; @@ -915,4 +931,55 @@ public class Oak { return settings.toString(); } } + +public static class OakDefaultComponents { + +public static final OakDefaultComponents INSTANCE = new OakDefaultComponents(); + +private final Iterable commitHooks = ImmutableList.of(new VersionHook()); + +private final Iterable repositoryInitializers = ImmutableList +.of(new InitialContent()); + +private final Iterable editorProviders = ImmutableList.of( +new ItemSaveValidatorProvider(), new NameValidatorProvider(), new NamespaceEditorProvider(), +new TypeEditorProvider(), new ConflictValidatorProvider(), new ChangeCollectorProvider()); + +private final Iterable indexEditorProviders = ImmutableList.of( +new ReferenceEditorProvider(), new PropertyIndexEditorProvider(), new NodeCounterEditorProvider(), +new OrderedPropertyIndexEditorProvider()); + +private final Iterable queryIndexProviders = ImmutableList +.of(new ReferenceIndexProvider(), new
svn commit: r1812639 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java
Author: stillalex Date: Thu Oct 19 13:07:44 2017 New Revision: 1812639 URL: http://svn.apache.org/viewvc?rev=1812639=rev Log: OAK-6834 Make TypeEditor publically accessible and allow pluggable constraint violation handling - fixed javadocs Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java?rev=1812639=1812638=1812639=diff == --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java Thu Oct 19 13:07:44 2017 @@ -82,7 +82,7 @@ public class TypeEditor extends DefaultE /** * Invoked whenever a constraint violation is detected. * - * Implementors may choose to throw a {@link #CommitFailedException} or to handle the error + * Implementors may choose to throw a {@link org.apache.jackrabbit.oak.api.CommitFailedException} or to handle the error * internally, for instance by logging. * * Implementors may not throw other exception types from this method. @@ -90,8 +90,8 @@ public class TypeEditor extends DefaultE * @param path the path where the constraint violation was detected * @param nodeTypeNames the node type names of the node * @param code the error code - * @param message the descriptive error mesage - * @throws CommitFailedException thrown when the implementation decides to stop futher processing + * @param message the descriptive error message + * @throws CommitFailedException thrown when the implementation decides to stop further processing * * @see TypeEditor#THROW_ON_CONSTRAINT_VIOLATION * @see TypeEditor#WARN_ON_CONSTRAINT_VIOLATION @@ -123,13 +123,13 @@ public class TypeEditor extends DefaultE }; /** - * Creates a new TypeEditor + * Creates a new TypeEditor instance * * @param callback the callback to use when a constraint violation is found. The client must * check the results of the callback invocations if the specified callback does not * immediately propagate constraint violations as checked exceptions. * @param typesToCheck the types to check for. If null, this node is checked. Otherwise - * it is checked if its primary type or one of it's mixin types is containd in this parameters + * it is checked if its primary type or one of it's mixin types is contained in this parameters * @param types the /jcr:system/jcr:nodeTypes node * @param primary the node's primary type * @param mixins the node's mixins
svn commit: r1812291 - /jackrabbit/oak/trunk/oak-lucene/pom.xml
Author: stillalex Date: Mon Oct 16 12:55:56 2017 New Revision: 1812291 URL: http://svn.apache.org/viewvc?rev=1812291=rev Log: OAK-6780 Duplicated _exportcontents directive in oak-lucene's pom.xml Modified: jackrabbit/oak/trunk/oak-lucene/pom.xml Modified: jackrabbit/oak/trunk/oak-lucene/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-lucene/pom.xml?rev=1812291=1812290=1812291=diff == --- jackrabbit/oak/trunk/oak-lucene/pom.xml (original) +++ jackrabbit/oak/trunk/oak-lucene/pom.xml Mon Oct 16 12:55:56 2017 @@ -113,9 +113,6 @@ org.apache.jackrabbit.oak.plugins.index.lucene.score, org.apache.jackrabbit.oak.plugins.index.lucene.spi, -<_exportcontents> -org.apache.lucene.*;version=${lucene.version} - org.apache.lucene.sandbox.*;resolution:=optional, !org.apache.lucene.*,