001/*
002 * Licensed to DuraSpace under one or more contributor license agreements.
003 * See the NOTICE file distributed with this work for additional information
004 * regarding copyright ownership.
005 *
006 * DuraSpace licenses this file to you under the Apache License,
007 * Version 2.0 (the "License"); you may not use this file except in
008 * compliance with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.fcrepo.auth.common;
019
020import java.util.Map;
021
022import javax.jcr.Credentials;
023
024import org.modeshape.jcr.ExecutionContext;
025import org.modeshape.jcr.api.ServletCredentials;
026import org.modeshape.jcr.security.AuthenticationProvider;
027import org.modeshape.jcr.security.SecurityContext;
028
029/**
030 * This authentication provider will always authenticate, giving
031 * complete access privileges to the session.
032 *
033 * @author Gregory Jansen
034 */
035public class BypassSecurityServletAuthenticationProvider implements
036        AuthenticationProvider {
037
038    /*
039     * (non-Javadoc)
040     * @see
041     * org.modeshape.jcr.security.AuthenticationProvider#authenticate(javax.
042     * jcr.Credentials, java.lang.String, java.lang.String,
043     * org.modeshape.jcr.ExecutionContext, java.util.Map)
044     */
045    @Override
046    public ExecutionContext authenticate(final Credentials credentials,
047            final String repositoryName, final String workspaceName,
048            final ExecutionContext repositoryContext,
049            final Map<String, Object> sessionAttributes) {
050        if (credentials instanceof ServletCredentials) {
051            return repositoryContext
052                    .with(new AnonymousAdminSecurityContext("bypassAdmin"));
053        }
054        return null;
055
056    }
057
058    /**
059     * Security context with complete
060     */
061    public static class AnonymousAdminSecurityContext implements
062            SecurityContext {
063
064        private String userName;
065
066        /**
067         * Create a new security context with the given user name
068         * @param userName User name to assign to the anonymous admin
069         */
070        public AnonymousAdminSecurityContext(final String userName) {
071            this.userName = userName;
072        }
073
074        /*
075         * (non-Javadoc)
076         * @see org.modeshape.jcr.security.SecurityContext#isAnonymous()
077         */
078        @Override
079        public boolean isAnonymous() {
080            return false;
081        }
082
083        /*
084         * (non-Javadoc)
085         * @see org.modeshape.jcr.security.SecurityContext#getUserName()
086         */
087        @Override
088        public String getUserName() {
089            return userName;
090        }
091
092        /*
093         * (non-Javadoc)
094         * @see
095         * org.modeshape.jcr.security.SecurityContext#hasRole(java.lang.String)
096         */
097        @Override
098        public boolean hasRole(final String roleName) {
099            return true;
100        }
101
102        /*
103         * (non-Javadoc)
104         * @see org.modeshape.jcr.security.SecurityContext#logout()
105         */
106        @Override
107        public void logout() {
108            /*NOOP*/
109        }
110    }
111}