34 package info.magnolia.cms.security;
35
36 import info.magnolia.cms.security.auth.callback.CredentialsCallbackHandler;
37 import info.magnolia.cms.security.auth.login.LoginResult;
38
39 import java.util.ArrayList;
40 import java.util.Collection;
41 import java.util.Collections;
42
43 import javax.security.auth.Subject;
44 import javax.security.auth.login.LoginContext;
45 import javax.security.auth.login.LoginException;
46
/**
 * Last-resort security support that works without any configured user, group or role
 * repositories.
 *
 * <p>Every entry point logs at WARN level, because this class swaps real account lookup for
 * hard-coded identities: {@link #authenticate} hands back the built-in system user once the JAAS
 * login has gone through, and that user carries the {@code superuser} role (see
 * {@link RescueUser}). A "Using RescueSecuritySupport" line in the logs therefore indicates that
 * the regular security configuration is not in effect and needs to be repaired.
 */
public class RescueSecuritySupport extends SecuritySupportBase {

    private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(RescueSecuritySupport.class);

    /**
     * Creates the rescue implementation and records that fact in the log so the fallback is
     * visible to whoever operates the instance.
     */
    public RescueSecuritySupport() {
        log.warn("Using RescueSecuritySupport !");
    }

    /**
     * Returns a rescue user manager bound to the system realm.
     *
     * @return a fresh {@link RescueUserManager} named {@code Realm.REALM_SYSTEM}
     */
    public UserManager getUserManager() {
        return newRescueUserManager(Realm.REALM_SYSTEM);
    }

    /**
     * Returns a rescue user manager for the requested realm. The realm only becomes the manager's
     * name; the users it serves are the same hard-coded ones for every realm.
     *
     * @param realmName name to assign to the returned manager
     * @return a fresh {@link RescueUserManager} named {@code realmName}
     */
    public UserManager getUserManager(String realmName) {
        return newRescueUserManager(realmName);
    }

    /**
     * Returns a new group manager instance, logging that the fallback is in use.
     *
     * @return a fresh {@code MgnlGroupManager}
     */
    public GroupManager getGroupManager() {
        log.warn("Using RescueSecuritySupport, will instantiate MgnlGroupManager, please fix your configuration !");
        return new MgnlGroupManager();
    }

    /**
     * Returns a new role manager instance, logging that the fallback is in use.
     *
     * @return a fresh {@code MgnlRoleManager}
     */
    public RoleManager getRoleManager() {
        log.warn("Using RescueSecuritySupport, will instantiate MgnlRoleManager, please fix your configuration !");
        return new MgnlRoleManager();
    }

    /**
     * Runs the JAAS login and, when it succeeds, reports success for the hard-coded system user.
     *
     * <p>The identity in the result is always {@code UserManager.SYSTEM_USER}; the name supplied
     * through the callback handler is not used to choose it in this method. Only the JAAS
     * {@link Subject} of the login is carried over. Whether credentials are actually verified
     * depends on the login module selected by {@code createLoginContext}, which is not visible in
     * this class.
     *
     * @param callbackHandler source of the credentials handed to the login context
     * @param customLoginModule login module name passed through to {@code createLoginContext}
     * @return a result with {@code LoginResult.STATUS_SUCCEEDED} and the rescue system user
     * @throws RuntimeException wrapping the {@link LoginException} when the login fails
     */
    @Override
    public LoginResult authenticate(CredentialsCallbackHandler callbackHandler, String customLoginModule) {
        log.warn("Using RescueSecuritySupport, will force authentication with a fake system user, please fix your configuration !");
        try {
            LoginContext context = createLoginContext(callbackHandler, customLoginModule);
            context.login();
            User systemUser = new RescueUser(UserManager.SYSTEM_USER, UserManager.SYSTEM_PSWD);
            Subject authenticatedSubject = context.getSubject();
            systemUser.setSubject(authenticatedSubject);
            return new LoginResult(LoginResult.STATUS_SUCCEEDED, systemUser);
        } catch (LoginException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Logs the fallback warning and builds a rescue user manager with the given name.
     */
    private UserManager newRescueUserManager(String realmName) {
        log.warn("Using RescueSecuritySupport, will instantiate RescueUserManager, please fix your configuration !");
        SystemUserManager rescueManager = new RescueUserManager();
        rescueManager.setName(realmName);
        return rescueManager;
    }

    /**
     * User manager that knows exactly two accounts, both built in memory: the system user and
     * the anonymous user.
     */
    protected class RescueUserManager extends SystemUserManager {

        /**
         * @return a new rescue user with the system name and system password constants
         */
        @Override
        public User getSystemUser() {
            return new RescueUser(SYSTEM_USER, SYSTEM_PSWD);
        }

        /**
         * @return a new rescue user with the anonymous name and an empty password
         */
        @Override
        public User getAnonymousUser() {
            return new RescueUser(ANONYMOUS_USER, "");
        }

        /**
         * Resolves a user by name. Only the system user name is recognised; every other name,
         * {@code null} included, yields the anonymous user rather than a lookup failure.
         *
         * @param name requested user name
         * @return the system rescue user for {@code SYSTEM_USER}, otherwise the anonymous one
         */
        @Override
        public User getUser(String name) {
            return SYSTEM_USER.equals(name)
                    ? new RescueUser(SYSTEM_USER, SYSTEM_PSWD)
                    : new RescueUser(ANONYMOUS_USER, "");
        }
    }

    /**
     * In-memory user whose privileges are fixed at construction time.
     *
     * <p>A user named {@code UserManager.SYSTEM_USER} belongs to the {@code publishers} group and
     * holds the {@code superuser} and {@code workflow-base} roles; any other name gets no groups
     * and no roles. Apart from {@link #setSubject(Subject)}, every mutator throws
     * {@link UnsupportedOperationException}.
     */
    protected class RescueUser implements User {
        private static final long serialVersionUID = 1L;

        private String name;

        private String password;

        private Subject subject;

        private Collection<String> groups = new ArrayList<String>();

        private Collection<String> roles = new ArrayList<String>();

        /**
         * @param name user name; decides whether the privileged group and roles are assigned
         * @param password password kept as given and returned by {@link #getPassword()}
         */
        public RescueUser(String name, String password) {
            this.name = name;
            this.password = password;

            // Only the system account is privileged; everyone else keeps the empty collections.
            if (!UserManager.SYSTEM_USER.equals(name)) {
                return;
            }
            groups.add("publishers");
            roles.add("superuser");
            roles.add("workflow-base");
        }

        // --- identity -----------------------------------------------------------------------

        public String getName() {
            return name;
        }

        public String getPassword() {
            return password;
        }

        /** Always {@code "en"}. */
        public String getLanguage() {
            return "en";
        }

        /** Rescue users cannot be disabled, so this is always {@code true}. */
        public boolean isEnabled() {
            return true;
        }

        public void setEnabled(boolean enabled) {
            throw new UnsupportedOperationException();
        }

        // --- roles --------------------------------------------------------------------------

        public boolean hasRole(String roleName) {
            return roles.contains(roleName);
        }

        public void addRole(String roleName) throws UnsupportedOperationException {
            throw new UnsupportedOperationException();
        }

        public void removeRole(String roleName) throws UnsupportedOperationException {
            throw new UnsupportedOperationException();
        }

        /** @return read-only view of the roles assigned in the constructor */
        public Collection<String> getRoles() {
            return Collections.unmodifiableCollection(roles);
        }

        /** @return the same read-only role view as {@link #getRoles()}; nothing is inherited */
        public Collection<String> getAllRoles() {
            return Collections.unmodifiableCollection(roles);
        }

        // --- groups -------------------------------------------------------------------------

        public boolean inGroup(String groupName) {
            return groups.contains(groupName);
        }

        public void addGroup(String groupName) throws UnsupportedOperationException {
            throw new UnsupportedOperationException();
        }

        public void removeGroup(String groupName) throws UnsupportedOperationException {
            throw new UnsupportedOperationException();
        }

        /** @return read-only view of the groups assigned in the constructor */
        public Collection<String> getGroups() {
            return Collections.unmodifiableCollection(groups);
        }

        /** @return the same read-only group view as {@link #getGroups()}; nothing is inherited */
        public Collection<String> getAllGroups() {
            return Collections.unmodifiableCollection(groups);
        }

        // --- properties ---------------------------------------------------------------------

        /** Rescue users carry no properties; the result is always {@code null}. */
        public String getProperty(String propertyName) {
            return null;
        }

        public void setProperty(String propertyName, String value) {
            throw new UnsupportedOperationException();
        }

        // --- JAAS subject -------------------------------------------------------------------

        public Subject getSubject() {
            return subject;
        }

        public void setSubject(Subject subject) {
            this.subject = subject;
        }
    }
}