1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.cms.security;
35
36 import info.magnolia.cms.util.ObservationUtil;
37 import info.magnolia.context.MgnlContext;
38 import info.magnolia.repository.RepositoryConstants;
39
40 import javax.jcr.Node;
41 import javax.jcr.RepositoryException;
42 import javax.jcr.Session;
43 import javax.jcr.observation.EventIterator;
44 import javax.jcr.observation.EventListener;
45
46 import org.apache.commons.lang.StringUtils;
47 import org.slf4j.Logger;
48 import org.slf4j.LoggerFactory;
49
50
51
52
53
54
55
56 public class SystemUserManager extends MgnlUserManager {
57
58
59
60
61 private static Logger log = LoggerFactory.getLogger(SystemUserManager.class);
62
63
64
65
66
67 private User anonymousUser;
68
69 public SystemUserManager() {
70
71 EventListener anonymousListener = new EventListener() {
72
73 @Override
74 public void onEvent(EventIterator events) {
75 anonymousUser = null;
76 log.debug("Anonymous user reloaded");
77 }
78
79 };
80
81 final String anonymousUserPath = "/" + Realm.REALM_SYSTEM.getName() + "/" + UserManager.ANONYMOUS_USER;
82 ObservationUtil.registerChangeListener(
83 RepositoryConstants.USERS,
84 anonymousUserPath,
85 true,
86 "mgnl:user",
87 anonymousListener);
88
89 ObservationUtil.registerChangeListener(
90 RepositoryConstants.USER_GROUPS,
91 "/",
92 true,
93 "mgnl:group",
94 anonymousListener);
95
96 ObservationUtil.registerDeferredChangeListener(
97 RepositoryConstants.USER_ROLES,
98 "/",
99 true,
100 "mgnl:role",
101 anonymousListener,
102 1000,
103 5000);
104 }
105
106 @Override
107 public String getRealmName() {
108 String name = super.getRealmName();
109
110 if (StringUtils.isEmpty(name)) {
111 log.error("realm of system user manager is not set!");
112 return Realm.REALM_SYSTEM.getName();
113 }
114 return name;
115 }
116
117 @Override
118 public User getSystemUser() {
119 return getOrCreateUser(UserManager.SYSTEM_USER, UserManager.SYSTEM_PSWD);
120 }
121
122 @Override
123 public User getAnonymousUser() {
124 if (anonymousUser == null) {
125
126 anonymousUser = getRequiredSystemUser(UserManager.ANONYMOUS_USER, UserManager.ANONYMOUS_USER);
127 }
128 return anonymousUser;
129 }
130
131
132
133
134 private User getRequiredSystemUser(final String username, String password) {
135 return MgnlContext.doInSystemContext(new SilentSessionOp<User>(getRepositoryName()) {
136
137 @Override
138 public User doExec(Session session) throws RepositoryException {
139 User user = null;
140 Node node;
141 try {
142 node = session.getNode("/" + Realm.REALM_SYSTEM.getName() + "/" + username);
143 }
144 catch (RepositoryException e) {
145 log.error("Error caught while loading the system user "
146 + username
147 + ": "
148 + e.getClass().getName()
149 + ": "
150 + e.getMessage(), e);
151 return null;
152 }
153 if (node == null) {
154 log.error("User not found: {}.", username);
155 return null;
156 }
157
158 user = newUserInstance(node);
159 return user;
160 }});
161 }
162
163 protected User getOrCreateUser(String userName, String password) {
164 User user = getUser(userName);
165 if (user == null) {
166 log.error(
167 "Failed to get system user [{}], will try to create new system user with default password",
168 userName);
169 user = this.createUser(userName, password);
170 }
171 return user;
172 }
173 }