@Service(value={org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration.class,org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class})
@Properties(value={@Property(name="cugSupportedPaths",label="Supported Paths",description="Paths under which CUGs can be created and will be evaluated.",cardinality=2147483647),@Property(name="cugEnabled",label="CUG Enabled",description="Flag to enable the evaluation of the configured CUG policies.",boolValue=false),@Property(name="configurationRanking",label="Ranking",description="Ranking of this configuration in a setup with multiple authorization configurations.",intValue=200)})
public class CugConfiguration
extends org.apache.jackrabbit.oak.spi.security.ConfigurationBase
implements org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration
| Modifier and Type | Field and Description |
|---|---|
static String |
MIX_REP_CUG_MIXIN
The name of the mixin type that defines the CUG policy node.
|
static String |
NT_REP_CUG_POLICY
The primary node type name of the CUG policy node.
|
static String |
PARAM_CUG_ENABLED
Name of the configuration option that specifies if CUG content must
be respected for permission evaluation.
|
static String |
PARAM_CUG_SUPPORTED_PATHS
Name of the configuration option that specifies the subtrees that allow
to define closed user groups.
|
static String |
REP_CUG_POLICY
The name of the CUG policy node.
|
static String |
REP_PRINCIPAL_NAMES
The name of the property that stores the principal names that are allowed
to access the restricted area defined by the CUG (closed user group).
|
| Constructor and Description |
|---|
CugConfiguration() |
CugConfiguration(org.apache.jackrabbit.oak.spi.security.SecurityProvider securityProvider) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
activate() |
AccessControlManager |
getAccessControlManager(org.apache.jackrabbit.oak.api.Root root,
org.apache.jackrabbit.oak.namepath.NamePathMapper namePathMapper) |
org.apache.jackrabbit.oak.spi.security.Context |
getContext() |
String |
getName() |
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider |
getPermissionProvider(org.apache.jackrabbit.oak.api.Root root,
String workspaceName,
Set<Principal> principals) |
List<org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter> |
getProtectedItemImporters() |
org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer |
getRepositoryInitializer() |
org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider |
getRestrictionProvider() |
List<? extends org.apache.jackrabbit.oak.spi.commit.ValidatorProvider> |
getValidators(String workspaceName,
Set<Principal> principals,
org.apache.jackrabbit.oak.spi.commit.MoveTracker moveTracker) |
getParameters, getSecurityProvider, setParameters, setSecurityProvidergetCommitHooks, getWorkspaceInitializerpublic static final String MIX_REP_CUG_MIXIN
public static final String NT_REP_CUG_POLICY
public static final String REP_CUG_POLICY
public static final String REP_PRINCIPAL_NAMES
public static final String PARAM_CUG_SUPPORTED_PATHS
public static final String PARAM_CUG_ENABLED
public CugConfiguration()
public CugConfiguration(@Nonnull org.apache.jackrabbit.oak.spi.security.SecurityProvider securityProvider)
@Nonnull public AccessControlManager getAccessControlManager(@Nonnull org.apache.jackrabbit.oak.api.Root root, @Nonnull org.apache.jackrabbit.oak.namepath.NamePathMapper namePathMapper)
getAccessControlManager in interface org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration@Nonnull public org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider getRestrictionProvider()
getRestrictionProvider in interface org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration@Nonnull public org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider getPermissionProvider(@Nonnull org.apache.jackrabbit.oak.api.Root root, @Nonnull String workspaceName, @Nonnull Set<Principal> principals)
getPermissionProvider in interface org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration@Nonnull public String getName()
getName in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetName in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@Nonnull public org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer getRepositoryInitializer()
getRepositoryInitializer in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetRepositoryInitializer in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@Nonnull public List<? extends org.apache.jackrabbit.oak.spi.commit.ValidatorProvider> getValidators(@Nonnull String workspaceName, @Nonnull Set<Principal> principals, @Nonnull org.apache.jackrabbit.oak.spi.commit.MoveTracker moveTracker)
getValidators in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetValidators in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@Nonnull public List<org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter> getProtectedItemImporters()
getProtectedItemImporters in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetProtectedItemImporters in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@Nonnull public org.apache.jackrabbit.oak.spi.security.Context getContext()
getContext in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetContext in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@Activate
protected void activate()
throws IOException,
org.apache.jackrabbit.oak.api.CommitFailedException,
PrivilegedActionException,
RepositoryException
IOExceptionorg.apache.jackrabbit.oak.api.CommitFailedExceptionPrivilegedActionExceptionRepositoryExceptionCopyright © 2012-2015 The Apache Software Foundation. All Rights Reserved.