Package org.exist.security

Examples of org.exist.security.Subject


      BrokerPool db = null;
      DBBroker broker = null;
      try {
        db = BrokerPool.getInstance();
        broker = db.get(null);
        final Subject subject = broker.getSubject();
       
        final URL url = new URL("xmldb:exist://jsessionid:"+subject.getSessionId()+"@"+ uri.toString());
        connection = url.openConnection();
      } catch (final IllegalArgumentException e) {
        throw new IOException(e);
      } catch (final MalformedURLException e) {
        throw new IOException(e);
View Full Code Here


       
        final JobDataMap jobDataMap = jec.getJobDetail().getJobDataMap();
       
        //TODO why are these values not used from the class members?
        final String xqueryresource = (String)jobDataMap.get("xqueryresource");
        final Subject user = (Subject)jobDataMap.get("user");
       
        final BrokerPool pool = (BrokerPool)jobDataMap.get("brokerpool");
        final Properties params = (Properties)jobDataMap.get("params");
        final boolean unschedule = ((Boolean)jobDataMap.get("unschedule")).booleanValue();

        //if invalid arguments then abort
        if((pool == null) || (xqueryresource == null) || (user == null)) {
            abort("BrokerPool or XQueryResource or User was null!");
        }

        DBBroker broker = null;
        DocumentImpl resource = null;
        Source source = null;
        XQueryPool xqPool  = null;
        CompiledXQuery compiled = null;
        XQueryContext context = null;

        try {

            //get the xquery
            broker = pool.get(user);

            if(xqueryresource.indexOf(':') > 0) {
                source = SourceFactory.getSource(broker, "", xqueryresource, true);
            } else {
                final XmldbURI pathUri = XmldbURI.create(xqueryresource);
                resource = broker.getXMLResource(pathUri, Lock.READ_LOCK);

                if(resource != null) {
                    source = new DBSource(broker, (BinaryDocument)resource, true);
                }
            }

            if(source != null) {

                //execute the xquery
                final XQuery xquery = broker.getXQueryService();
                xqPool = xquery.getXQueryPool();

                //try and get a pre-compiled query from the pool
                compiled = xqPool.borrowCompiledXQuery(broker, source);

                if(compiled == null) {
                    context = xquery.newContext(AccessContext.REST); //TODO should probably have its own AccessContext.SCHEDULER
                } else {
                    context = compiled.getContext();
                }

                //TODO: don't hardcode this?
                if(resource != null) {
                    context.setModuleLoadPath(XmldbURI.EMBEDDED_SERVER_URI.append(resource.getCollection().getURI()).toString());
                    context.setStaticallyKnownDocuments(new XmldbURI[] {
                        resource.getCollection().getURI()
                    });
                }

                if(compiled == null) {

                    try {
                        compiled = xquery.compile(context, source);
                    }
                    catch(final IOException e) {
                        abort("Failed to read query from " + xqueryresource);
                    }
                }

                //declare any parameters as external variables
                if(params != null) {
                    String bindingPrefix = params.getProperty("bindingPrefix");

                    if(bindingPrefix == null) {
                        bindingPrefix = "local";
                    }
                   

                    for(final Entry param : params.entrySet()) {
                        final String key = (String)param.getKey();
                        final String value = (String)param.getValue();
                        context.declareVariable( bindingPrefix + ":" + key, new StringValue(value));
                    }
                }

                xquery.execute(compiled, null);

            } else {
                LOG.warn("XQuery User Job not found: " + xqueryresource + ", job not scheduled");
            }
        } catch(final EXistException ee) {
            abort("Could not get DBBroker!");
        } catch(final PermissionDeniedException pde) {
            abort("Permission denied for the scheduling user: " + user.getName() + "!");
        } catch(final XPathException xpe) {
            abort("XPathException in the Job: " + xpe.getMessage() + "!", unschedule);
        } catch(final MalformedURLException e) {
            abort("Could not load XQuery: " + e.getMessage());
        } catch(final IOException e) {
View Full Code Here

              final AbstractPrincipal remove_group = (AbstractPrincipal)principalDb.get(group.getName());
              if(remove_group == null)
                    {throw new IllegalArgumentException("Group does '"+group.getName()+"' not exist!");}
   
              final DBBroker broker = getDatabase().getActiveBroker();
                final Subject subject = broker.getSubject();
               
                ((Group)remove_group).assertCanModifyGroup(subject);
   
                remove_group.setRemoved(true);
                remove_group.setCollection(broker, collectionRemovedGroups, XmldbURI.create(UUIDGenerator.getUUID() + ".xml"));
View Full Code Here

        if(!account.isEnabled()) {
            throw new AuthenticationException(AuthenticationException.ACCOUNT_LOCKED, "Account '" + accountName + "' is disabled.");
        }

        final Subject subject = new SubjectImpl((AccountImpl) account, credentials);
        if(!subject.isAuthenticated()) {
            throw new AuthenticationException(AuthenticationException.WRONG_PASSWORD, "Wrong password for user [" + accountName + "] ");
        }
           
        return subject;
    }
View Full Code Here

            if (!configDir.mkdirs()) {
                return;
            }
        }
      DBBroker broker = null;
      Subject subject = null;
      try {
        broker = BrokerPool.getInstance().getActiveBroker();
        subject = broker.getSubject();
        broker.setSubject(broker.getBrokerPool().getSecurityManager().getSystemSubject());
View Full Code Here

          {return getSystemSubject();}

        if (getGuestSubject().getSessionId().equals(credentials))
          {return getGuestSubject();}

            final Subject subject = sessions.read(new SessionDbRead<Subject>(){
                @Override
                public Subject execute(final Map<String, Session> db) {
                 
                  Session session = db.get((String)credentials);
                  if (session == null) return null;
                 
                  if (session.isValid())
                    return session.getSubject();
                 
                  return null;
                }
            });

            if(subject == null)
                {throw new AuthenticationException(AuthenticationException.SESSION_NOT_FOUND, "Session [" + credentials + "] not found");}

            if (events != null)
              {events.authenticated(subject);}
           
            //TODO: validate session
            return subject;
        }

        for(final Realm realm : realms) {
            try {
              final Subject subject = realm.authenticate(username, credentials);
             
                if (LOG.isDebugEnabled())
                  {LOG.debug("Authenticated by '"+realm.getId()+"' as '"+subject+"'.");}
               
                if (events != null)
View Full Code Here

        }
        return bd;
    }
   
    private void setAdminCredentials(DBBroker broker, String newCredentials) throws ConfigurationException, PermissionDeniedException {
      final Subject subject = broker.getSubject();
      subject.setPassword(newCredentials);
      subject.save(broker);
    }
View Full Code Here

            if(jobConfig.getResourceName().startsWith("/db/") || jobConfig.getResourceName().indexOf(':') > 0) {
                if(jobConfig.getType().equals(JobType.SYSTEM)) {
                    LOG.error("System jobs may only be written in Java");
                } else {
                    //create an XQuery job
                    final Subject guestUser = brokerPool.getSecurityManager().getGuestSubject();
                    job = new UserXQueryJob(jobConfig.getJobName(), jobConfig.getResourceName(), guestUser);
                    try {
                        // check if a job with the same name is already registered
                        if(getScheduler().getJobDetail(new JobKey(job.getName(), UserJob.JOB_GROUP)) != null) {
                            // yes, try to make the job's name unique
View Full Code Here

        if (loadPathAttrib != null)
          {moduleLoadPath = getValue(loadPathAttrib);}
        else
          {moduleLoadPath = getServletContext().getRealPath(requestPath.substring(request.getContextPath().length()));}

        Subject user = getDefaultUser();

        // to determine the user, first check the request attribute "xquery.user", then
        // the current session attribute "user"
        final Object userAttrib = request.getAttribute(ATTR_XQUERY_USER);
        final HttpSession session = request.getSession( false );
        if(userAttrib != null || (session != null && request.isRequestedSessionIdValid())) {
            final Object passwdAttrib = request.getAttribute(ATTR_XQUERY_PASSWORD);
            String username;
            String password;
            if (userAttrib != null) {
                username = getValue(userAttrib);
                password = getValue(passwdAttrib);
            } else {
                username = getSessionAttribute(session, "user");
                password = getSessionAttribute(session, "password");
            }
           
            //TODO authentication should use super.authenticate(...) !!!
      try {
        if( username != null && password != null ) {
          Subject newUser = getPool().getSecurityManager().authenticate(username, password);
              if (newUser != null && newUser.isAuthenticated())
                {user = newUser;}
        }
               
      } catch (final AuthenticationException e) {
        getLog().error("User can not be authenticated ("+username+").");
      }
        }
       
        if (user == getDefaultUser()) {
          Subject requestUser = HttpAccount.getUserFromServletRequest(request);
          if (requestUser != null) {
            user = requestUser;
          } else {
            requestUser = getAuthenticator().authenticate(request, response, false);
            if (requestUser != null)
View Full Code Here

        return session;
    }
   
    public java.lang.String connect(java.lang.String userId, java.lang.String password) throws java.rmi.RemoteException {
      try {
        final Subject u = pool.getSecurityManager().authenticate(userId, password);
     
            LOG.debug("user " + userId + " connected");
           
            return SessionManager.getInstance().createSession(u);
    } catch (final Exception e) {
View Full Code Here

TOP

Related Classes of org.exist.security.Subject

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.