@Service(value={org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration.class,org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class})
@Property(name="cugSupportedPaths",label="Supported Paths",description="Paths under which CUGs can be created and will be evaluated.",cardinality=2147483647) @Property(name="cugEnabled",label="CUG Evaluation Enabled",description="Flag to enable the evaluation of the configured CUG policies.",boolValue=false) @Property(name="configurationRanking",label="Ranking",description="Ranking of this configuration in a setup with multiple authorization configurations.",intValue=200) @Property(name="oak.security.name",propertyPrivate=true,value="org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugConfiguration")
public class CugConfiguration
extends org.apache.jackrabbit.oak.spi.security.ConfigurationBase
implements org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration
| Modifier and Type | Field and Description |
|---|---|
static String |
HIDDEN_NESTED_CUGS
The name of the hidden property that stores information about nested
CUG policy nodes.
|
static String |
HIDDEN_TOP_CUG_CNT
The name of the hidden property that stores information about the number
of CUG roots located close to the root node.
|
static String |
MIX_REP_CUG_MIXIN
The name of the mixin type that defines the CUG policy node.
|
static String |
NT_REP_CUG_POLICY
The primary node type name of the CUG policy node.
|
static String |
PARAM_CUG_ENABLED
Name of the configuration option that specifies if CUG content must
be respected for permission evaluation.
|
static String |
PARAM_CUG_SUPPORTED_PATHS
Name of the configuration option that specifies the subtrees that allow
to define closed user groups.
|
static String |
REP_CUG_POLICY
The name of the CUG policy node.
|
static String |
REP_PRINCIPAL_NAMES
The name of the property that stores the principal names that are allowed
to access the restricted area defined by the CUG (closed user group).
|
| Constructor and Description |
|---|
CugConfiguration() |
CugConfiguration(@NotNull org.apache.jackrabbit.oak.spi.security.SecurityProvider securityProvider) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
activate(Map<String,Object> properties) |
void |
bindExclude(CugExclude exclude) |
void |
bindMountInfoProvider(org.apache.jackrabbit.oak.spi.mount.MountInfoProvider mountInfoProvider) |
@NotNull javax.jcr.security.AccessControlManager |
getAccessControlManager(@NotNull org.apache.jackrabbit.oak.api.Root root,
@NotNull org.apache.jackrabbit.oak.namepath.NamePathMapper namePathMapper) |
@NotNull List<? extends org.apache.jackrabbit.oak.spi.commit.CommitHook> |
getCommitHooks(@NotNull String workspaceName) |
@NotNull org.apache.jackrabbit.oak.spi.security.Context |
getContext() |
@NotNull String |
getName() |
@NotNull org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider |
getPermissionProvider(@NotNull org.apache.jackrabbit.oak.api.Root root,
@NotNull String workspaceName,
@NotNull Set<Principal> principals) |
@NotNull List<org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter> |
getProtectedItemImporters() |
@NotNull org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer |
getRepositoryInitializer() |
@NotNull org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider |
getRestrictionProvider() |
@NotNull List<? extends org.apache.jackrabbit.oak.spi.commit.ValidatorProvider> |
getValidators(@NotNull String workspaceName,
@NotNull Set<Principal> principals,
@NotNull org.apache.jackrabbit.oak.spi.commit.MoveTracker moveTracker) |
protected void |
modified(Map<String,Object> properties) |
void |
setParameters(@NotNull org.apache.jackrabbit.oak.spi.security.ConfigurationParameters config) |
void |
unbindExclude(CugExclude exclude) |
void |
unbindMountInfoProvider(org.apache.jackrabbit.oak.spi.mount.MountInfoProvider mountInfoProvider) |
getParameters, getRootProvider, getSecurityProvider, getTreeProvider, setRootProvider, setSecurityProvider, setTreeProvidergetConflictHandlers, getWorkspaceInitializerpublic static final String MIX_REP_CUG_MIXIN
public static final String NT_REP_CUG_POLICY
public static final String REP_CUG_POLICY
public static final String HIDDEN_NESTED_CUGS
public static final String HIDDEN_TOP_CUG_CNT
public static final String REP_PRINCIPAL_NAMES
public static final String PARAM_CUG_SUPPORTED_PATHS
public static final String PARAM_CUG_ENABLED
public CugConfiguration()
public CugConfiguration(@NotNull
@NotNull org.apache.jackrabbit.oak.spi.security.SecurityProvider securityProvider)
@NotNull
public @NotNull javax.jcr.security.AccessControlManager getAccessControlManager(@NotNull
@NotNull org.apache.jackrabbit.oak.api.Root root,
@NotNull
@NotNull org.apache.jackrabbit.oak.namepath.NamePathMapper namePathMapper)
getAccessControlManager in interface org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration@NotNull public @NotNull org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider getRestrictionProvider()
getRestrictionProvider in interface org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration@NotNull
public @NotNull org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider getPermissionProvider(@NotNull
@NotNull org.apache.jackrabbit.oak.api.Root root,
@NotNull
@NotNull String workspaceName,
@NotNull
@NotNull Set<Principal> principals)
getPermissionProvider in interface org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration@NotNull public @NotNull String getName()
getName in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetName in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@NotNull public @NotNull org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer getRepositoryInitializer()
getRepositoryInitializer in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetRepositoryInitializer in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@NotNull public @NotNull List<? extends org.apache.jackrabbit.oak.spi.commit.CommitHook> getCommitHooks(@NotNull @NotNull String workspaceName)
getCommitHooks in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetCommitHooks in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@NotNull public @NotNull List<? extends org.apache.jackrabbit.oak.spi.commit.ValidatorProvider> getValidators(@NotNull @NotNull String workspaceName, @NotNull @NotNull Set<Principal> principals, @NotNull @NotNull org.apache.jackrabbit.oak.spi.commit.MoveTracker moveTracker)
getValidators in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetValidators in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@NotNull public @NotNull List<org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter> getProtectedItemImporters()
getProtectedItemImporters in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetProtectedItemImporters in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default@NotNull public @NotNull org.apache.jackrabbit.oak.spi.security.Context getContext()
getContext in interface org.apache.jackrabbit.oak.spi.security.SecurityConfigurationgetContext in class org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Defaultpublic void setParameters(@NotNull
@NotNull org.apache.jackrabbit.oak.spi.security.ConfigurationParameters config)
setParameters in class org.apache.jackrabbit.oak.spi.security.ConfigurationBasepublic void bindMountInfoProvider(org.apache.jackrabbit.oak.spi.mount.MountInfoProvider mountInfoProvider)
public void unbindMountInfoProvider(org.apache.jackrabbit.oak.spi.mount.MountInfoProvider mountInfoProvider)
public void bindExclude(CugExclude exclude)
public void unbindExclude(CugExclude exclude)
Copyright © 2012–2018 The Apache Software Foundation. All rights reserved.