javax.jcr.SimpleCredentials Java Examples

@Override
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
	try {
		repository = repositoryBuilder.getRepository();
		SimpleCredentials cred = new SimpleCredentials("admin", "admin".toCharArray());
		cred.setAttribute("AutoRefresh", true);
		session = repository.login(cred, null);
		versionManager = session.getWorkspace().getVersionManager();
		lockManager=session.getWorkspace().getLockManager();
		Collection<RepositoryInteceptor> repositoryInteceptors=applicationContext.getBeansOfType(RepositoryInteceptor.class).values();
		if(repositoryInteceptors.size()==0){
			repositoryInteceptor=new DefaultRepositoryInteceptor();
		}else{
			repositoryInteceptor=repositoryInteceptors.iterator().next();
		}
	} catch (Exception ex) {
		throw new RuleException(ex);
	}
}
 

/**
 * Method to authenticate a {@code Subject} (phase 1).
 *
 * <p> The implementation of this method authenticates
 * a {@code Subject}.  For example, it may prompt for
 * {@code Subject} information such
 * as a username and password and then attempt to verify the password.
 * This method saves the result of the authentication attempt
 * as private state within the LoginModule.
 *
 * <p>
 *
 * @return true if the authentication succeeded, or false if this
 * {@code LoginModule} should be ignored.
 * @throws LoginException if the authentication fails
 */
@Override
public boolean login() throws LoginException {
    Credentials credentials = getCredentials();
    if (credentials instanceof Saml2Credentials) {
        final String userId = ((Saml2Credentials) credentials).getUserId();
        if (userId == null) {
            logger.warn("Could not extract userId from credentials");
        } else {
            sharedState.put(SHARED_KEY_PRE_AUTH_LOGIN, new PreAuthenticatedLogin(userId));
            sharedState.put(SHARED_KEY_CREDENTIALS, new SimpleCredentials(userId, new char[0]));
            sharedState.put(SHARED_KEY_LOGIN_NAME, userId);
            logger.debug("Adding pre-authenticated login user '{}' to shared state.", userId);
        }
    }
    return false;
}
 

@Override
public boolean start(Session session) throws RepositoryException {
    if (result.getState() != Result.State.NEW) {
        throw new IllegalStateException("Unable to start task " + id + ". wrong state = " + result.getState());
    }
    // clone session
    dstSession = session.impersonate(new SimpleCredentials(session.getUserID(), new char[0]));
    ClassLoader dynLoader = mgr.getDynamicClassLoader();
    ClassLoader oldLoader = Thread.currentThread().getContextClassLoader();
    Thread.currentThread().setContextClassLoader(dynLoader);
    try {
        srcSession = getSourceSession(src);
    } finally {
        Thread.currentThread().setContextClassLoader(oldLoader);
    }

    thread  = new Thread(this, "Vault RCP Task - " + id);
    thread.setContextClassLoader(dynLoader);
    thread.start();
    return true;
}
 

/**
 * Returns JCR credentials from the URI or {@code null} if no user info
 * is specified.
 * @return the creds
 */
@Nullable
public Credentials getCredentials() {
    String userinfo = uri.getUserInfo();
    if (userinfo == null) {
        return null;
    } else {
        int idx = userinfo.indexOf(':');
        if (idx < 0) {
            return new SimpleCredentials(userinfo, new char[0]);
        } else {
            return new SimpleCredentials(
                    userinfo.substring(0, idx),
                    userinfo.substring(idx+1).toCharArray());
        }
    }

}
 

@Test
public void testAdditionalAdminGroup() throws Exception {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable admins = jackrabbitSession.getUserManager().getAuthorizable("myadmins");
    if (admins == null) {
        admins = jackrabbitSession.getUserManager().createGroup("myadmins");
    }
    Group adminsGroup = (Group) admins;
    User testUser = (User) jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    if (testUser == null) {
        testUser = jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    }
    adminsGroup.addMember(testUser);
    admin.save();
    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertTrue(
                "user \"" + TEST_USER + "\" has been added to additional administrators group thus should have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session, "myadmins"));
    } finally {
        session.logout();
    }
}
 

@Test
public void testAdditionalAdminUser() throws AccessDeniedException, UnsupportedRepositoryOperationException, RepositoryException {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable vip = jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    assertNull("test user must not exist", vip);

    jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    admin.save();

    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertTrue(
                "\"" + TEST_USER + "\" is additional admin/system thus should have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session, TEST_USER));
    } finally {
        session.logout();
    }
}
 

@Test
public void testAdminGroup() throws Exception {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable admins = jackrabbitSession.getUserManager().getAuthorizable("administrators");
    if (admins == null) {
        admins = jackrabbitSession.getUserManager().createGroup("administrators");
    }
    Group adminsGroup = (Group) admins;
    User testUser = (User) jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    if (testUser == null) {
        testUser = jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    }
    adminsGroup.addMember(testUser);
    admin.save();
    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertTrue(
                "user \"" + TEST_USER + "\" has been added to administrators group thus should have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session));
    } finally {
        session.logout();
    }
}
 

@Before
public void setUp() throws Exception {
    admin = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));

    // ensure not packages or tmp
    clean("/etc");
    clean("/var");
    clean("/tmp");
    clean("/testroot");

    packMgr = new JcrPackageManagerImpl(admin, new String[0]);

    PackageEventDispatcherImpl dispatcher = new PackageEventDispatcherImpl();
    dispatcher.bindPackageEventListener(new ActivityLog(), Collections.singletonMap("component.id", (Object) "1234"));
    packMgr.setDispatcher(dispatcher);

    preTestAuthorizables = getAllAuthorizableIds();
}
 

@Test
public void testNotAdminUser() throws Exception {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable vip = jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    assertNull("test user must not exist", vip);

    jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    admin.save();

    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertFalse(
                "\"" + TEST_USER + "\" is not admin/system and doesn't belong to administrators thus shouldn't have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session));
    } finally {
        session.logout();
    }
}
 

@Bean
public ContentSessionFactory jcrSessionFactory() throws Exception {
    ContentSessionFactory bean = new ContentSessionFactory();
    bean.setRepository(repository().getObject());
    bean.setCredentials(new SimpleCredentials("hainguyen", "esofthead321"
            .toCharArray()));
    return bean;
}
 

@Bean
public PageSessionFactory pageJcrSessionFactory() throws Exception {
    PageSessionFactory bean = new PageSessionFactory();
    bean.setRepository(pageRepository().getObject());
    bean.setCredentials(new SimpleCredentials("hainguyen", "esofthead321"
            .toCharArray()));
    return bean;
}
 

public void storeCredentials(RepositoryAddress mountpoint, Credentials creds) {
    if (!(creds instanceof SimpleCredentials)) {
        if (creds != null) {
            log.error("Unable to store non-simple credentials of type " + creds.getClass().getName());
        }
        return;
    }
    Credentials currentCreds = fetchCredentials(mountpoint);
    if (creds.equals(currentCreds)) {
        // don't update if already stored
        return;
    }

    SimpleCredentials simpleCredentials = (SimpleCredentials) creds;
    if (storeEnabled ||
            "admin".equals(simpleCredentials.getUserID()) && "admin".equals(new String(simpleCredentials.getPassword()))) {
        VaultAuthConfig.RepositoryConfig cfg  = new VaultAuthConfig.RepositoryConfig(getLookupId(mountpoint));
        cfg.addCredsConfig(new SimpleCredentialsConfig(simpleCredentials));
        config.addRepositoryConfig(cfg);
        try {
            config.save();
            log.warn("Credentials for {} updated in {}.", mountpoint, config.getConfigFile().getPath());
        } catch (IOException e) {
            log.error("Error while saving auth configuration: {} ", e.toString());
        }
    }
}
 

private static Credentials fromUserPass(String userPass) {
    if (userPass != null) {
        int idx = userPass.indexOf(':');
        if (idx > 0) {
            return new SimpleCredentials(userPass.substring(0, idx), userPass.substring(idx + 1).toCharArray());
        } else {
            return new SimpleCredentials(userPass, new char[0]);
        }
    }
    return null;
}
 

/**
 * Test if package extraction works w/o RW access to / and /tmp.
 */
@Test
public void testExtractWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException, PackageException {
    Assume.assumeTrue(!isOak());

    JcrPackage pack = packMgr.upload(getStream("/test-packages/tmp_foo.zip"), true, true);
    assertNotNull(pack);
    assertTrue(pack.isValid());
    PackageId id = pack.getPackage().getId();
    pack.close();

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, ((JcrPackageRegistry)packMgr.getRegistry()).getPackRootPaths()[0], principal1, new String[]{"jcr:all"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    JcrPackageManagerImpl userPackMgr = new JcrPackageManagerImpl(session, new String[0], null, null);
    pack = userPackMgr.open(id);
    ImportOptions opts = getDefaultOptions();
    pack.extract(opts);
    pack.close();
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

/**
 * Tests if package installation works w/o RW access to / and /tmp.
 * this currently fails, due to the creation of the snapshot.
 * also see {@link TestNoRootAccessExport#exportNoRootAccess()}
 */
@Test
@Ignore("JCRVLT-100")
public void testInstallWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException, PackageException {
    JcrPackage pack = packMgr.upload(getStream("/test-packages/tmp_foo.zip"), true, true);
    assertNotNull(pack);
    assertTrue(pack.isValid());
    PackageId id = pack.getPackage().getId();
    pack.close();

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, ((JcrPackageRegistry)packMgr.getRegistry()).getPackRootPaths()[0], principal1, new String[]{"jcr:all"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    JcrPackageManagerImpl userPackMgr = new JcrPackageManagerImpl(session, new String[0], null, null);
    pack = userPackMgr.open(id);
    ImportOptions opts = getDefaultOptions();
    pack.install(opts);
    pack.close();
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

/**
 * Installs a package with an install hook and an explicitly allowed user
 */
@Test
public void testHookWithAllowedNonAdminUser() throws RepositoryException, IOException, PackageException {
    if (admin.nodeExists("/testroot")) {
        admin.getNode("/testroot").remove();
    }
    admin.getRootNode().addNode("testroot", "nt:unstructured").addNode("testnode", "nt:unstructured");
    admin.save();
    
    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();
    
    // Setup test user ACLs that there are no restrictions
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, true);
    admin.save();
    
    Session userSession = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    try {
        packMgr = new JcrPackageManagerImpl(userSession, new String[0], new String[] {"user1"}, null);

        PackageEventDispatcherImpl dispatcher = new PackageEventDispatcherImpl();
        dispatcher.bindPackageEventListener(new ActivityLog(), Collections.singletonMap("component.id", (Object) "1234"));
        packMgr.setDispatcher(dispatcher);
        
        JcrPackage pack = packMgr.upload(getStream("/test-packages/test_hook.zip"), false);
        assertNotNull(pack);
        packMgr.getInternalRegistry().installPackage(userSession, new JcrRegisteredPackage(pack), getDefaultOptions(), true);
        assertTrue(admin.propertyExists("/testroot/hook-example"));
        
    } finally {
        userSession.logout();
    }
}
 

/**
 * Installs a package with an install hook and a not allowed user
 */
@Test
public void testHookWithNotAllowedNonAdminUser() throws RepositoryException, IOException, PackageException {
    if (admin.nodeExists("/testroot")) {
        admin.getNode("/testroot").remove();
    }
    admin.getRootNode().addNode("testroot", "nt:unstructured").addNode("testnode", "nt:unstructured");
    admin.save();
    
    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();
    
    // Setup test user ACLs that there are no restrictions
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, true);
    admin.save();
    
    Session userSession = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    try {
        packMgr = new JcrPackageManagerImpl(userSession, new String[0], null, null);

        PackageEventDispatcherImpl dispatcher = new PackageEventDispatcherImpl();
        dispatcher.bindPackageEventListener(new ActivityLog(), Collections.singletonMap("component.id", (Object) "1234"));
        packMgr.setDispatcher(dispatcher);
        
        JcrPackage pack = packMgr.upload(getStream("/test-packages/test_hook.zip"), false);
        assertNotNull(pack);
        thrown.expect(PackageException.class);
        thrown.expectMessage("Package extraction requires admin session as it has a hook");
        packMgr.getInternalRegistry().installPackage(userSession, new JcrRegisteredPackage(pack), getDefaultOptions(), true);
        
    
    } finally {
        userSession.logout();
    }
}
 

@Test
public void testImportWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException {
    Assume.assumeTrue(!isOak());

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    // Import with a session associated to the test user
    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    ZipArchive archive = new ZipArchive(getTempFile("/test-packages/tmp_foo.zip"));
    archive.open(true);
    ImportOptions opts = getDefaultOptions();
    Importer importer = new Importer(opts);
    importer.run(archive, session, "/");
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

@Test
public void testImportWithoutRootAccess() throws IOException, RepositoryException, ConfigurationException {
    Assume.assumeTrue(!isOak());

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    // Import with a session associated to the test user
    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    ZipArchive archive = new ZipArchive(getTempFile("/test-packages/tmp.zip"));
    archive.open(true);
    ImportOptions opts = getDefaultOptions();
    Importer importer = new Importer(opts);
    importer.run(archive, session, "/");
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

private void install_moved_user_with_rep_cache(ImportMode mode) throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    User u = mgr.createUser(ID_TEST_USER_A, ID_TEST_PASSWORD);
    String newPath = u.getPath() + "_moved";
    admin.move(u.getPath(), newPath);
    admin.save();

    Group g = mgr.createGroup(ID_TEST_GROUP_A);
    g.addMember(u);
    admin.save();

    // login to the repository to generate some rep:cache nodes
    repository.login(new SimpleCredentials(ID_TEST_USER_A, ID_TEST_PASSWORD.toCharArray())).logout();
    admin.refresh(false);

    // ensure that there is a rep:cache node
    assertNodeExists(newPath + "/rep:cache");

    // install user package
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a.zip"), false);
    assertNotNull(pack);
    ImportOptions opts = getDefaultOptions();
    opts.setImportMode(mode);
    pack.install(opts);

    // check if user exists
    User userA = (User) mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", userA);
}
 

@Before
public void setUp() throws Exception {
    repository = createRepository();
    adminSession = repository.login(new SimpleCredentials(UserConstants.DEFAULT_ADMIN_ID, UserConstants.DEFAULT_ADMIN_ID.toCharArray()));
    createUsers(adminSession);
    adminSession.save();
}
 

public void testGetCredentials() throws Exception {
    String user = "my-user";
    String password = "p!@#$%^&*ass";
    String creds = Text.escape(user + ":" + password);
    RepositoryAddress ra = new RepositoryAddress("http://" + creds + "@localhost:8080/-/jcr:root");

    SimpleCredentials sc = (SimpleCredentials) ra.getCredentials();
    assertEquals("userId", user, sc.getUserID());
    assertEquals("password", password, new String(sc.getPassword()));
}
 

private boolean checkLogin(Repository repository) throws RepositoryException {
  boolean loginSuccessful = true;
  Credentials credentials = new SimpleCredentials(userId, userPassword.toCharArray());
  try {
    repository.login(credentials).logout();
  } catch (LoginException e) {
    loginSuccessful = false;
  }
  return loginSuccessful;
}
 

public Session login() throws RepositoryException {
    return repository.login(new SimpleCredentials("admin", "admin".toCharArray()));
}
 

private static Session getSession(final TransientRepository repository) throws RepositoryException {
    return repository.login(new SimpleCredentials(USER_ID, PASSWORD));
}
 

private static Session getSession(final TransientRepository repository) throws RepositoryException {
    return repository.login(new SimpleCredentials(USER_ID, PASSWORD_CHARS));
}
 

private Session openSession() throws RepositoryException {
    return repository.login(new SimpleCredentials("user", "pass".toCharArray()));
}
 

@Override
public Class<?> getObjectType() {
    return SimpleCredentials.class;
}
 

void relogin() throws RepositoryException {
    admin.logout();
    admin = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));

}
 

private Instance()
        throws RepositoryException {
    repository = new Jcr().createRepository();
    admin = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));
    packMgr = new JcrPackageManagerImpl(admin, new String[0]);
}