Source code

001/**
002 * Copyright 2015 DuraSpace, Inc.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.fcrepo.auth.common;
017
018import java.util.Map;
019
020import javax.jcr.Credentials;
021
022import org.modeshape.jcr.ExecutionContext;
023import org.modeshape.jcr.api.ServletCredentials;
024import org.modeshape.jcr.security.AuthenticationProvider;
025import org.modeshape.jcr.security.SecurityContext;
026
027/**
028 * This authentication provider will always authenticate, giving
029 * complete access privileges to the session.
030 *
031 * @author Gregory Jansen
032 */
033public class BypassSecurityServletAuthenticationProvider implements
034        AuthenticationProvider {
035
036    /*
037     * (non-Javadoc)
038     * @see
039     * org.modeshape.jcr.security.AuthenticationProvider#authenticate(javax.
040     * jcr.Credentials, java.lang.String, java.lang.String,
041     * org.modeshape.jcr.ExecutionContext, java.util.Map)
042     */
043    @Override
044    public ExecutionContext authenticate(final Credentials credentials,
045            final String repositoryName, final String workspaceName,
046            final ExecutionContext repositoryContext,
047            final Map<String, Object> sessionAttributes) {
048        if (credentials instanceof ServletCredentials) {
049            return repositoryContext
050                    .with(new AnonymousAdminSecurityContext("bypassAdmin"));
051        }
052        return null;
053
054    }
055
056    /**
057     * Security context with complete
058     */
059    public static class AnonymousAdminSecurityContext implements
060            SecurityContext {
061
062        private String userName;
063
064        /**
065         * Create a new security context with the given user name
066         * @param userName User name to assign to the anonymous admin
067         */
068        public AnonymousAdminSecurityContext(final String userName) {
069            this.userName = userName;
070        }
071
072        /*
073         * (non-Javadoc)
074         * @see org.modeshape.jcr.security.SecurityContext#isAnonymous()
075         */
076        @Override
077        public boolean isAnonymous() {
078            return false;
079        }
080
081        /*
082         * (non-Javadoc)
083         * @see org.modeshape.jcr.security.SecurityContext#getUserName()
084         */
085        @Override
086        public String getUserName() {
087            return userName;
088        }
089
090        /*
091         * (non-Javadoc)
092         * @see
093         * org.modeshape.jcr.security.SecurityContext#hasRole(java.lang.String)
094         */
095        @Override
096        public boolean hasRole(final String roleName) {
097            return true;
098        }
099
100        /*
101         * (non-Javadoc)
102         * @see org.modeshape.jcr.security.SecurityContext#logout()
103         */
104        @Override
105        public void logout() {
106            /*NOOP*/
107        }
108    }
109}