我正在尝试将Modeshape合并到Spring应用程序中,在连接到JCR存储库之前,在登录时已经进行了身份验证。 这是有效的,因为我可以使用
获得参考session = repository.login();
然而,这似乎绕过了我想要的工作区级别访问控制的自定义authenticationProvider(文档部分6.5)。 这是我的配置:
<configuration xmlns:...>
<mode:repositories>
<mode:repository jcr:name="my_repo" mode:source="my_source">
<mode:authenticationProviders>
<mode:authenticationProvider
jcr:name="customAuthProvider"
mode:classname="com.myapp.CustomSecurityContext" />
</mode:authenticationProviders>
</mode:repository>
</mode:repositories>
<mode:sources jcr:primaryType="nt:unstructured">
<mode:source jcr:name="my_source" ....
</mode:sources>
</configuration>
CustomSecurityContext永远不会被实例化(有弹簧注释但是(POJO)构造函数永远不会被调用。任何想法可能出错?
@Configurable (preConstruction = true)
public class CustomSecurityContext implements SecurityContext, AuthorizationProvider {
@Autowired
private ServletCredentials servletCredentials;
@Autowired
CustomUserDetailsManager userDetailsManager;
@Autowired
WorkspaceRole workspaceRole;
private static final Logger log = LogUtil.getLogger();
public CustomSecurityContext () {
System.out.println(" ******** THIS NEVER GETS CALLED ********");
}
@Override
public String getUserName() {
HttpServletRequest request = servletCredentials.getRequest();
if (request != null) {
return request.getUserPrincipal().getName();
}
log.warn("HttpServletRequest is null, defaulting to getUserName() = null");
return null;
}
@Override
public boolean hasRole(String roleName) {
int idUser = userDetailsManager.getIdUser();
if (idUser == userDetailsManager.getSystemUserID()) {
// The system itself can work with all workspaces
return true;
}
if (roleName == null) {
log.warn("roleName is null when calling hasRole, returning false");
return false;
}
return workspaceRole.hasRole(idUser, roleName);
}
@Override
public void logout() {
log.debug("Calling logout"); // Not applicable as the session credentials are managed by Spring.
}
@Override
public boolean hasPermission(ExecutionContext context, String repositoryName, String repositorySourceName, String workspaceName, Path path, String... actions) {
log.info("Checking hasPermission for repository '" + repositoryName + "', workspace '" + workspaceName + ", path: '" + path);
if (actions != null) {
for (String action : actions) {
log.info("Action : " + action);
}
}
return true; // TODO:...
}
}
答案 0 :(得分:1)
我使用你的配置运行(或者至少在我们的测试用例中使用<mode:authenticationProviders>
片段),并调试代码(版本2.8.0.Final)并看到ModeShape尝试实例化类。如果实例化因任何原因失败(代码确实试图捕获所有Throwables),那么ModeShape会将错误消息写入日志:
Unable to initialize authentication provider "com.myapp.CustomSecurityContext" for repository "my_repo": <whatever the reason is>
你没有看到这个吗?如果没有,请检查日志是否正确写入。另外,请随时在我们的论坛中与我们联系以获得帮助。