Configuration using AuthenticationProvider/AuthorizationProvider
djg2002 Mar 29, 2012 1:29 PMThis is sort of a continuation of the previous thread I had on this but since I've figured out the issues I had with loading the JcrEngine I figured it warrants a new thread.
Everything works fine as anonymous, so I've removed JAAS config, and revoked anonymous access in the config below. I followed the outline in docs section 6.5.2
My CustomAuthenticationProvider
is instantiated by Spring and the SecurityContext
is injected into it, but the public ExecutionContext authenticate(...) method never gets called.
I put@PostConstruct
methods to confirm everything is getting configured so any idea why I don't get the providers CustomSecurityContext? Classes also below for reference
Config:
<mode:repositories>
<mode:repository jcr:name="tbuk_repository" mode:source="file_system_source">
<mode:options jcr:primaryType="mode:options">
<jaasLoginConfigName jcr:primaryType="mode:option" mode:value="" />
<anonymousUserRoles jcr:primaryType="mode:option" mode:value="" />
</mode:options>
<mode:authenticationProviders>
<mode:authenticationProvider jcr:name="customModeshapeAuthenticationProvider"
mode:classname="com.uk.tech.jcr.security.CustomAuthenticationProvider" />
</mode:authenticationProviders>
</mode:repository>
</mode:repositories>
<mode:sources jcr:primaryType="nt:unstructured">
<mode:source jcr:name="file_system_source" mode:classname="org.modeshape.connector.filesystem.FileSystemSource" ...
.../>
my AuthenticationProvider:
@Configurable (preConstruction = true)
public class CustomAuthenticationProvider implements AuthenticationProvider {
@Autowired
SecurityContext securityContext;
private static final Logger log = LogUtil.getLogger();
@PostConstruct
public void postC() {
// This is executed ok
if (securityContext != null) {
log.info("In @PostConstruct, SecurityContext class : " + securityContext.getClass().getName());
}
else {
log.warn("In @PostConstruct, SecurityContext is NULL");
}
}
@Override
public ExecutionContext authenticate(Credentials credentials, String repositoryName, String workspaceName, ExecutionContext repositoryContext, Map<String, Object> sessionAttributes) {
// Doesn't get executed
log.info("Enriching ExecutionContext with SecurityContext for user {}", securityContext.getUserName());
System.out.println("\n\n\n&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&\n\n\n"); // Make any execution stand out a mile
return repositoryContext.with(securityContext);
}
}
my SecurityContext:
@Component
public class CustomSecurityContextImpl implements SecurityContext, AuthorizationProvider {
@Autowired
CustomUserDetailsManager userDetailsManager;
@Autowired
WorkspaceRole workspaceRole;
private static final Logger log = LogUtil.getLogger();
@PostConstruct
public void postC() {
// Executes ok, but rest of the methods are never called
log.info("In @PostConstruct {}");
}
...
}