配置Modeshape AuthenticationProvider

时间:2012-03-26 13:07:35

标签: modeshape

我正在尝试将Modeshape合并到Spring应用程序中,在连接到JCR存储库之前,在登录时已经进行了身份验证。 这是有效的,因为我可以使用

获得参考
session = repository.login();

然而,这似乎绕过了我想要的工作区级别访问控制的自定义authenticationProvider(文档部分6.5)。 这是我的配置:

<configuration xmlns:...>

<mode:repositories>
    <mode:repository jcr:name="my_repo" mode:source="my_source">

       <mode:authenticationProviders>
           <mode:authenticationProvider
                       jcr:name="customAuthProvider" 
                 mode:classname="com.myapp.CustomSecurityContext" /> 
       </mode:authenticationProviders>

   </mode:repository>
</mode:repositories>

<mode:sources jcr:primaryType="nt:unstructured">
     <mode:source jcr:name="my_source" ....
     </mode:sources>
</configuration>

CustomSecurityContext永远不会被实例化(有弹簧注释但是(POJO)构造函数永远不会被调用。任何想法可能出错?

@Configurable (preConstruction = true)
public class CustomSecurityContext implements SecurityContext, AuthorizationProvider {

    @Autowired
    private ServletCredentials servletCredentials;

    @Autowired
    CustomUserDetailsManager userDetailsManager;

    @Autowired
    WorkspaceRole workspaceRole;

    private static final Logger log = LogUtil.getLogger();

    public CustomSecurityContext () {
        System.out.println(" ******** THIS NEVER GETS CALLED ********");
    }

    @Override
    public String getUserName() {
        HttpServletRequest request = servletCredentials.getRequest();

        if (request != null) {
            return request.getUserPrincipal().getName();
        }

        log.warn("HttpServletRequest is null, defaulting to getUserName() = null");
        return null;
    }

    @Override
    public boolean hasRole(String roleName) {

        int idUser = userDetailsManager.getIdUser();

        if (idUser == userDetailsManager.getSystemUserID()) {
            // The system itself can work with all workspaces
            return true;
        }

        if (roleName == null) {
            log.warn("roleName is null when calling hasRole, returning false");
            return false;
        }

        return workspaceRole.hasRole(idUser, roleName);
    }

    @Override
    public void logout() {
        log.debug("Calling logout"); // Not applicable as the session credentials are managed by Spring.

    }

    @Override
    public boolean hasPermission(ExecutionContext context, String repositoryName, String repositorySourceName, String workspaceName, Path path, String... actions) {

        log.info("Checking hasPermission for repository '" + repositoryName + "', workspace '" + workspaceName + ", path: '" + path);

        if (actions != null) {
            for (String action : actions) {
                log.info("Action : " + action);
            }
        }
        return true;  // TODO:...
    }
}

1 个答案:

答案 0 :(得分:1)

我使用你的配置运行(或者至少在我们的测试用例中使用<mode:authenticationProviders>片段),并调试代码(版本2.8.0.Final)并看到ModeShape尝试实例化类。如果实例化因任何原因失败(代码确实试图捕获所有Throwables),那么ModeShape会将错误消息写入日志:

Unable to initialize authentication provider "com.myapp.CustomSecurityContext" for repository "my_repo": <whatever the reason is>

你没有看到这个吗?如果没有,请检查日志是否正确写入。另外,请随时在我们的论坛中与我们联系以获得帮助。