Refactored photark-security module further and now security module declare AccessManager as a service.Added its JCR based implementation in photark-jcr module.
git-svn-id: https://svn.apache.org/repos/asf/incubator/photark/trunk@952680 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java b/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
new file mode 100644
index 0000000..020693a
--- /dev/null
+++ b/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.photark.jcr.security.authorization;
+
+import org.apache.photark.jcr.JCRRepositoryManager;
+import org.apache.photark.security.authorization.services.AccessManager;
+import org.oasisopen.sca.annotation.Reference;
+import org.oasisopen.sca.annotation.Remotable;
+import org.oasisopen.sca.annotation.Scope;
+
+@Remotable
+@Scope("COMPOSITE")
+public class JCRAccessManager implements AccessManager {
+ private static String accessList;
+ private JCRRepositoryManager repositoryManager;
+
+ public JCRAccessManager(){
+
+ }
+
+ @Reference(name="repositoryManager")
+ protected void setRepositoryManager(JCRRepositoryManager repositoryManager) {
+ this.repositoryManager = repositoryManager;
+ }
+
+ public synchronized String creatAccessList(String accessList) {
+ this.accessList = accessList;
+ return accessList;
+ }
+}
diff --git a/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java b/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java
index 3069a68..d8e9909 100644
--- a/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java
+++ b/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java
@@ -31,11 +31,6 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.photark.security.authorization.AccessManager;
-import org.oasisopen.sca.annotation.Property;
-import org.oasisopen.sca.annotation.Scope;
-import org.oasisopen.sca.annotation.Service;
-
/**
* Authorization Filter. This will only allow authenticated user
* to access to upload.html and redirect others to OpenID authentication
@@ -86,8 +81,6 @@
HttpServletRequest httpReq = (HttpServletRequest) request;
HttpServletResponse httpResp = (HttpServletResponse) response;
- AccessManager am = new AccessManager();
-
if ((String)httpReq.getSession().getAttribute("accessList") != null && !((String)httpReq.getSession().getAttribute("accessList")).equals("")) {
System.err.println( (String)httpReq.getSession().getAttribute("accessList") +" Accessing Admin page");
chain.doFilter(request, response);
diff --git a/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java b/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java
index f16672a..3fe4fe1 100644
--- a/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java
+++ b/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java
@@ -27,7 +27,8 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.photark.security.authorization.AccessManager;
+import org.apache.photark.security.authorization.services.AccessManager;
+import org.oasisopen.sca.annotation.Reference;
import org.oasisopen.sca.annotation.Scope;
import org.oasisopen.sca.annotation.Service;
@@ -40,8 +41,9 @@
*/
@Service(Servlet.class)
@Scope("COMPOSITE")
-public class FormAuthenticationServiceImpl extends HttpServlet {
+public class FormAuthenticationServiceImpl extends HttpServlet implements Servlet {
+ private AccessManager accessManager;
/**
*
*/
@@ -60,7 +62,7 @@
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
- AccessManager am = new AccessManager();
+
//check whether the Super Admin is authenticated
if (request.getUserPrincipal() != null) {
@@ -69,7 +71,7 @@
RelyingParty.getInstance().invalidate(request, response);
//Creating the accessList
- String accesList=am.creatAccessList("SuperAdmin");
+ String accesList=accessManager.creatAccessList("SuperAdmin");
request.getSession().setAttribute("accessList", accesList);
System.err.println("Super Admin authenticated");
@@ -82,5 +84,10 @@
}
}
-
+
+
+ @Reference(name="accessmanager")
+ protected void setAccessService(AccessManager accessManager) {
+ this.accessManager = accessManager;
+ }
}
\ No newline at end of file
diff --git a/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java b/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
index efa85bd..79eb47f 100644
--- a/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
+++ b/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
@@ -27,7 +27,6 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.photark.security.authorization.AccessManager;
import org.oasisopen.sca.annotation.Scope;
import org.oasisopen.sca.annotation.Service;
diff --git a/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java b/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java
index 99a7b29..80bb7c0 100644
--- a/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java
+++ b/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java
@@ -30,7 +30,8 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.photark.security.authorization.AccessManager;
+import org.apache.photark.security.authorization.services.AccessManager;
+import org.oasisopen.sca.annotation.Reference;
import org.oasisopen.sca.annotation.Scope;
import org.oasisopen.sca.annotation.Service;
@@ -49,10 +50,8 @@
*/
@Service(Servlet.class)
@Scope("COMPOSITE")
-public class OpenIDAuthenticationServiceImpl extends HttpServlet implements Servlet
-{
-
- private static final long serialVersionUID = -5304887357860915253L;
+public class OpenIDAuthenticationServiceImpl extends HttpServlet implements Servlet {
+ private static AccessManager accessManager;
static
{
@@ -82,14 +81,12 @@
public void onAuthenticate(OpenIdUser user, HttpServletRequest request)
{
System.err.println("newly authenticated user: " + user.getIdentity());
-
- AccessManager am= new AccessManager();
//Invalidating the Super Admin user
request.getSession().invalidate();
//Creating the accessList for the newly authenticated user
//Creating the accessList
- String accesList=am.creatAccessList(user.getIdentity());
+ String accesList=accessManager.creatAccessList(user.getIdentity());
request.getSession().setAttribute("accessList", accesList);
Map<String,String> sreg = SRegExtension.remove(user);
@@ -115,6 +112,11 @@
RelyingParty _relyingParty = RelyingParty.getInstance();
+ @Reference(name="accessmanager")
+ protected void setAccessService(AccessManager accessManager) {
+ this.accessManager = accessManager;
+ }
+
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException
diff --git a/photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java b/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java
similarity index 61%
rename from photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java
rename to photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java
index 5742416..a37b38d 100644
--- a/photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java
+++ b/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java
@@ -17,24 +17,12 @@
* under the License.
*/
-package org.apache.photark.security.authorization;
+package org.apache.photark.security.authorization.services;
-import org.oasisopen.sca.annotation.Scope;
+import org.oasisopen.sca.annotation.Remotable;
-@Scope("COMPOSITE")
-public class AccessManager {
- private static String accessList;
-
- /*
- * public synchronized String getAccessList() { return accessList; }
- *
- *
- * public synchronized void setAccessList(String accessList) {
- * AccessManager.accessList = accessList; }
- */
-
- public synchronized String creatAccessList(String accessList) {
- AccessManager.accessList = accessList;
- return accessList;
- }
+@Remotable
+public interface AccessManager {
+
+ String creatAccessList(String accessList );
}
diff --git a/photark-webapp/src/main/webapp/WEB-INF/web.composite b/photark-webapp/src/main/webapp/WEB-INF/web.composite
index e5997c9..e7ba245 100644
--- a/photark-webapp/src/main/webapp/WEB-INF/web.composite
+++ b/photark-webapp/src/main/webapp/WEB-INF/web.composite
@@ -66,7 +66,10 @@
<implementation.java class="org.apache.photark.security.authentication.services.OpenIDAuthenticationServiceImpl"/>
<service name="Servlet">
<tuscany:binding.http uri="/home/authenticate"/>
- </service>
+ </service>
+ <reference name="accessmanager" target="AccessManager">
+ <binding.sca name="local"/>
+ </reference>
</component>
<!-- Component responsible for providing FORM Authentication for PhotArk -->
@@ -74,7 +77,10 @@
<implementation.java class="org.apache.photark.security.authentication.services.FormAuthenticationServiceImpl"/>
<service name="Servlet">
<tuscany:binding.http uri="/admin/authenticate"/>
- </service>
+ </service>
+ <reference name="accessmanager" target="AccessManager">
+ <binding.sca name="local"/>
+ </reference>
</component>
<!-- Component responsible for providing logging out from the active user-->
@@ -85,17 +91,13 @@
</service>
</component>
- <!-- Component responsible for providing filter support for uploading -->
- <!--<component name="UploadFilterAuthenticationServiceComponent">
- <implementation.java class="org.apache.photark.security.authentication.AuthorizationFilter"/>
- <service name="Filter">
- <tuscany:binding.http uri="/admin/upload"/>
- </service>
- <property name="redirectPage">/home/authenticate</property>
- </component> -->
-
<!-- Component responsible for providing Access Management for gallery/album -->
- <component name="AccessManager">
- <implementation.java class="org.apache.photark.security.authorization.AccessManager"/>
- </component>
+ <component name="AccessManager">
+ <implementation.java class="org.apache.photark.jcr.security.authorization.JCRAccessManager"/>
+ <service name="AccessManager">
+ <interface.java interface="org.apache.photark.security.authorization.services.AccessManager"/>
+ <binding.sca name="local"/>
+ </service>
+ <reference name="repositoryManager" target="RepositoryManager"/>
+ </component>
</composite>