public void setUp() throws Exception {
IUnifiedRepository repository =
new MockUnifiedRepository(new MockUnifiedRepository.SpringSecurityCurrentUserProvider());
datasourceMgmtService =
new JcrBackedDatasourceMgmtService(repository, new DatabaseDialectService());
datasourceMgmtWebService = new DefaultDatasourceMgmtWebService(datasourceMgmtService);
dbConnectionAdapter = new DatabaseConnectionAdapter();
SecurityContextHolder.getContext()
.setAuthentication(
new UsernamePasswordAuthenticationToken(
MockUnifiedRepository.root().getName(), null, new GrantedAuthority[0]));
repository.createFolder(
repository.getFile("/etc").getId(),
new RepositoryFile.Builder(FOLDER_PDI).folder(true).build(),
new RepositoryFileAcl.Builder(MockUnifiedRepository.root())
.ace(MockUnifiedRepository.everyone(), READ, READ_ACL, WRITE, WRITE_ACL)
.build(),
null);
repository.createFolder(
repository.getFile("/etc/pdi").getId(),
new RepositoryFile.Builder(FOLDER_DATABASES).folder(true).build(),
null);
SecurityContextHolder.getContext()
.setAuthentication(
new UsernamePasswordAuthenticationToken(EXP_LOGIN, null, new GrantedAuthority[0]));
}
public Principal login(Object credentials, String charset) {
List<String> decodedCredentials = Arrays.asList(decodeBase64Credentials(credentials, charset));
HttpGraniteContext context = (HttpGraniteContext) GraniteContext.getCurrentInstance();
HttpServletRequest httpRequest = context.getRequest();
String user = decodedCredentials.get(0);
String password = decodedCredentials.get(1);
Authentication auth = new UsernamePasswordAuthenticationToken(user, password);
Principal principal = null;
ApplicationContext ctx =
WebApplicationContextUtils.getWebApplicationContext(
httpRequest.getSession().getServletContext());
if (ctx != null) {
AbstractAuthenticationManager authenticationManager =
BeanFactoryUtils.beanOfTypeIncludingAncestors(ctx, AbstractAuthenticationManager.class);
try {
Authentication authentication = authenticationManager.authenticate(auth);
SecurityContext securityContext = SecurityContextHolder.getContext();
securityContext.setAuthentication(authentication);
principal = authentication;
SecurityContextHolder.setContext(securityContext);
saveSecurityContextInSession(securityContext, 0);
endLogin(credentials, charset);
} catch (AuthenticationException e) {
handleAuthenticationExceptions(e);
}
}
log.debug("User %s logged in", user);
return principal;
}
/**
* Logs in with given username.
*
* @param username username of user
* @param tenantId tenant to which this user belongs
* @tenantAdmin true to add the tenant admin authority to the user's roles
*/
protected void login(final String username, final ITenant tenant, String[] roles) {
StandaloneSession pentahoSession =
new StandaloneSession(tenantedUserNameUtils.getPrincipleId(tenant, username));
pentahoSession.setAuthenticated(
tenant.getId(), tenantedUserNameUtils.getPrincipleId(tenant, username));
PentahoSessionHolder.setSession(pentahoSession);
pentahoSession.setAttribute(IPentahoSession.TENANT_ID_KEY, tenant.getId());
final String password = "******";
List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>();
for (String roleName : roles) {
authList.add(
new GrantedAuthorityImpl(tenantedRoleNameUtils.getPrincipleId(tenant, roleName)));
}
GrantedAuthority[] authorities = authList.toArray(new GrantedAuthority[0]);
UserDetails userDetails = new User(username, password, true, true, true, true, authorities);
Authentication auth =
new UsernamePasswordAuthenticationToken(userDetails, password, authorities);
PentahoSessionHolder.setSession(pentahoSession);
// this line necessary for Spring Security's MethodSecurityInterceptor
SecurityContextHolder.getContext().setAuthentication(auth);
SecurityHelper.getInstance().becomeUser(tenantedUserNameUtils.getPrincipleId(tenant, username));
SecurityContextHolder.getContext().setAuthentication(auth);
}
private void setCurrentUser(String username) {
originalSecurityContext = SecurityContextHolder.getContext();
SecurityContextImpl context = new SecurityContextImpl();
context.setAuthentication(
new UsernamePasswordAuthenticationToken(
new User(username, "", true, new GrantedAuthority[] {}), null));
SecurityContextHolder.setContext(context);
}
public Object authorize(AbstractSecurityContext context) throws Exception {
log.debug("Authorize: %s", context);
log.debug(
"Is %s secured? %b",
context.getDestination().getId(), context.getDestination().isSecured());
startAuthorization(context);
HttpGraniteContext graniteContext = (HttpGraniteContext) GraniteContext.getCurrentInstance();
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
SecurityContext securityContextBefore = null;
int securityContextHashBefore = 0;
if (graniteContext.getRequest().getAttribute(FILTER_APPLIED) == null) {
securityContextBefore = loadSecurityContextFromSession();
if (securityContextBefore == null) securityContextBefore = SecurityContextHolder.getContext();
else securityContextHashBefore = securityContextBefore.hashCode();
SecurityContextHolder.setContext(securityContextBefore);
authentication = securityContextBefore.getAuthentication();
}
if (context.getDestination().isSecured()) {
if (!isAuthenticated(authentication)
|| authentication instanceof AnonymousAuthenticationToken) {
log.debug("Is not authenticated!");
throw SecurityServiceException.newNotLoggedInException("User not logged in");
}
if (!userCanAccessService(context, authentication)) {
log.debug("Access denied for: %s", authentication.getName());
throw SecurityServiceException.newAccessDeniedException("User not in required role");
}
}
try {
Object returnedObject =
securityInterceptor != null
? securityInterceptor.invoke(context)
: endAuthorization(context);
return returnedObject;
} catch (AccessDeniedException e) {
throw SecurityServiceException.newAccessDeniedException(e.getMessage());
} catch (InvocationTargetException e) {
handleAuthorizationExceptions(e);
throw e;
} finally {
if (graniteContext.getRequest().getAttribute(FILTER_APPLIED) == null) {
// Do this only when not already filtered by Spring Security
SecurityContext securityContextAfter = SecurityContextHolder.getContext();
SecurityContextHolder.clearContext();
saveSecurityContextInSession(securityContextAfter, securityContextHashBefore);
}
}
}
@BeforeClass
public static void beforeClass() throws Exception {
System.setProperty(SYSTEM_PROPERTY, "MODE_GLOBAL");
PentahoSessionHolder.setStrategyName(PentahoSessionHolder.MODE_GLOBAL);
FileUtils.deleteDirectory(new File("/tmp/jackrabbit-test-TRUNK"));
SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL);
}
@Before
public void setUp() throws Exception {
manager = new MockBackingRepositoryLifecycleManager(new MockSecurityHelper());
repo = context.mock(IUnifiedRepository.class);
booter = new MicroPlatform("test-res/solution1");
booter.define(IPasswordService.class, Base64PasswordService.class, Scope.GLOBAL);
booter.define(IDatabaseConnection.class, DatabaseConnection.class, Scope.GLOBAL);
booter.define(IDatabaseDialectService.class, DatabaseDialectService.class, Scope.GLOBAL);
booter.define(IMondrianCatalogService.class, MondrianCatalogHelper.class, Scope.GLOBAL);
booter.define(ICacheManager.class, CacheManager.class, Scope.GLOBAL);
booter.defineInstance(IUserRoleListService.class, context.mock(IUserRoleListService.class));
final IAuthorizationPolicy policy = context.mock(IAuthorizationPolicy.class);
booter.defineInstance(IAuthorizationPolicy.class, policy);
booter.defineInstance(IUnifiedRepository.class, repo);
booter.setSettingsProvider(new SystemSettings());
booter.start();
context.checking(
new Expectations() {
{
oneOf(policy);
will(returnValue(false));
oneOf(policy);
will(returnValue(false));
oneOf(policy);
will(returnValue(false));
}
});
PentahoSessionHolder.setStrategyName(PentahoSessionHolder.MODE_GLOBAL);
SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL);
}
protected void login(final String username, final String tenantId, final boolean tenantAdmin) {
StandaloneSession pentahoSession = new StandaloneSession(username);
pentahoSession.setAuthenticated(username);
pentahoSession.setAttribute(IPentahoSession.TENANT_ID_KEY, tenantId);
final String password = "******";
List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>();
authList.add(
new GrantedAuthorityImpl(
MessageFormat.format(tenantAuthenticatedAuthorityNamePattern, tenantId)));
if (tenantAdmin) {
authList.add(
new GrantedAuthorityImpl(
MessageFormat.format(tenantAdminAuthorityNamePattern, tenantId)));
}
GrantedAuthority[] authorities = authList.toArray(new GrantedAuthority[0]);
UserDetails userDetails = new User(username, password, true, true, true, true, authorities);
Authentication auth =
new UsernamePasswordAuthenticationToken(userDetails, password, authorities);
PentahoSessionHolder.setSession(pentahoSession);
// this line necessary for Spring Security's MethodSecurityInterceptor
SecurityContextHolder.getContext().setAuthentication(auth);
manager.newTenant();
manager.newUser();
}
protected void onSetUpInTransaction() throws Exception {
super.onSetUpInTransaction();
servletConfig = new MockServletConfig(new MockServletContext(), "simple");
MockServletConfig complexConfig =
new MockServletConfig(servletConfig.getServletContext(), "complex");
complexConfig.addInitParameter("publishContext", "false");
complexConfig.addInitParameter("class", "notWritable");
complexConfig.addInitParameter("unknownParam", "someValue");
simpleDispatcherServlet = new DispatcherServlet();
simpleDispatcherServlet.setContextClass(SimpleWebApplicationContext.class);
simpleDispatcherServlet.init(servletConfig);
complexDispatcherServlet = new DispatcherServlet();
complexDispatcherServlet.setContextClass(WebApplicationContext.class);
complexDispatcherServlet.setNamespace("test");
Constants constants = (Constants) applicationContext.getBean("constants");
Authentication auth = constants.getAuthentication(applicationContext);
SecurityContextHolder.getContext().setAuthentication(auth);
parent = (Controller) applicationContext.getBean("workCodeController");
child = (Controller) applicationContext.getBean("workCodeFormController");
sf = (SessionFactory) applicationContext.getBean("sessionFactory");
}
protected boolean isLoggedIn() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null || authentication.getPrincipal() == null) {
return false;
}
return true;
}
/** {@inheritDoc} */
@Override
protected void doFilterHttp(
HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
boolean shouldFilter = AclUtils.shouldFilter();
try {
if (shouldFilter) {
String user = SecurityContextHolder.getContext().getAuthentication().getName();
List<Group> groups = m_groupDao.findGroupsForUser(user);
String[] groupNames = new String[groups.size()];
for (int i = 0; i < groups.size(); i++) {
groupNames[i] = groups.get(i).getName();
}
m_filterManager.enableAuthorizationFilter(groupNames);
}
chain.doFilter(request, response);
} finally {
if (shouldFilter) {
m_filterManager.disableAuthorizationFilter();
}
}
}
public ConfigAttributeDefinition getAttributes(Object filter) throws IllegalArgumentException {
// TODO Auto-generated method stub
FilterInvocation filterInvocation = (FilterInvocation) filter;
String requestURI = filterInvocation.getRequestUrl();
Map<String, Set<String>> urlAuthorities = this.getUrlAuthorities(filterInvocation);
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
boolean isSuperUser = false;
if (auth != null) {
for (int i = 0; i < auth.getAuthorities().length; i++) {
if ("超级管理员".equals(auth.getAuthorities()[i].getAuthority())) {
isSuperUser = true;
break;
}
}
if ((!isSuperUser) && (!isUrlGrantedRight(requestURI, auth))) {
return null;
} else {
String grantedAuthorities = null;
grantedAuthorities = getAuth(requestURI, auth);
if (grantedAuthorities != null) {
ConfigAttributeEditor configAttrEditor = new ConfigAttributeEditor();
configAttrEditor.setAsText(grantedAuthorities);
return (ConfigAttributeDefinition) configAttrEditor.getValue();
}
}
}
return null;
}
@After
public void teardown() throws Exception {
if (originalSecurityContext != null) {
SecurityContextHolder.setContext(originalSecurityContext);
}
configHelper.onTearDown();
}
@Before
public void setUp() {
String[] configFiles = new String[] {"springTestFilterBeans.xml"};
this.ctx = new ClassPathXmlApplicationContext(configFiles);
SecurityContextHolder.getContext().setAuthentication(null);
this.filter = (NegotiateSecurityFilter) this.ctx.getBean("waffleNegotiateSecurityFilter");
}
public void logout() {
HttpGraniteContext context = (HttpGraniteContext) GraniteContext.getCurrentInstance();
HttpSession session = context.getSession(false);
if (session != null
&& session.getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY)
!= null) session.invalidate();
SecurityContextHolder.clearContext();
}
@BeforeMethod
public void setupSysadmin() {
Enterprise e = enterpriseGenerator.createUniqueInstance();
Role r = roleGenerator.createInstance();
User u = userGenerator.createInstance(e, r, "sysadmin", "sysadmin");
setup(e, r, u);
SecurityContextHolder.getContext().setAuthentication(new SysadminAuthentication());
}
protected boolean isAdmin() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null || authentication.getPrincipal() == null) {
return false;
}
if (hasAdminRole(authentication.getAuthorities())) {
return true;
}
return false;
}
protected User getLoggedInUser() {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth == null) {
return null;
}
Object obj = auth.getPrincipal();
if (obj instanceof UserDetails) {
return (User) obj;
}
return null;
}
@Override
protected void setUp() throws Exception {
super.setUp();
// store initial security context for later restoration
initialSecurityContext = SecurityContextHolder.getContext();
SecurityContext context = new SecurityContextImpl();
User user = new User("user");
user.setId(1L);
user.setPassword("password");
user.addRole(new Role(Constants.USER_ROLE));
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(
user.getUsername(), user.getPassword(), user.getAuthorities());
token.setDetails(user);
context.setAuthentication(token);
SecurityContextHolder.setContext(context);
}
public User getUser() {
// 取得登录用户
SecurityContext ctx = SecurityContextHolder.getContext();
Authentication auth = ctx.getAuthentication();
User user = null;
if (auth.getPrincipal() instanceof UserDetails) {
user = (User) auth.getPrincipal();
}
return user;
}
/**
* After returning, grab the user, check if they've been modified and reset the SecurityContext if
* they have.
*
* @param returnValue the user object
* @param method the name of the method executed
* @param args the arguments to the method
* @param target the target class
* @throws Throwable thrown when args[0] is null or not a User object
*/
public void afterReturning(Object returnValue, Method method, Object[] args, Object target)
throws Throwable {
User user = (User) args[0];
if (user.getVersion() != null) {
// reset the authentication object if current user
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
AuthenticationTrustResolver resolver = new AuthenticationTrustResolverImpl();
// allow new users to signup - this is OK b/c Signup doesn't allow setting of roles
boolean signupUser = resolver.isAnonymous(auth);
if (auth != null && !signupUser) {
User currentUser = getCurrentUser(auth);
if (currentUser.getId().equals(user.getId())) {
auth =
new UsernamePasswordAuthenticationToken(
user, user.getPassword(), user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
}
}
}
}
/**
* Returns the connected user details.
*
* @return
*/
public static Account getLoginAccount() {
SecurityContext context = SecurityContextHolder.getContext();
Authentication authen = context.getAuthentication();
Object principal = null;
if (authen != null) {
principal = authen.getPrincipal();
}
if (principal != null && principal instanceof Account) {
return (Account) principal;
} else {
return null;
}
} // - getLoginAccount
protected void loginAsRepositoryAdmin() {
StandaloneSession pentahoSession = new StandaloneSession(repositoryAdminUsername);
pentahoSession.setAuthenticated(repositoryAdminUsername);
final GrantedAuthority[] repositoryAdminAuthorities = new GrantedAuthority[] {};
final String password = "******";
UserDetails repositoryAdminUserDetails =
new User(
repositoryAdminUsername, password, true, true, true, true, repositoryAdminAuthorities);
Authentication repositoryAdminAuthentication =
new UsernamePasswordAuthenticationToken(
repositoryAdminUserDetails, password, repositoryAdminAuthorities);
PentahoSessionHolder.setSession(pentahoSession);
// this line necessary for Spring Security's MethodSecurityInterceptor
SecurityContextHolder.getContext().setAuthentication(repositoryAdminAuthentication);
}
@BeforeClass
public static void beforeClass() throws Exception {
// BasicConfigurator.configure();
System.setProperty(SYSTEM_PROPERTY, "MODE_GLOBAL");
Logger.getLogger("org").setLevel(Level.WARN);
Logger.getLogger("org.pentaho").setLevel(Level.WARN);
Logger.getLogger(RepositoryResource.class).setLevel(Level.DEBUG);
// Logger.getLogger(RequestProxy.class).setLevel(Level.DEBUG);
Logger.getLogger("MIME_TYPE").setLevel(Level.TRACE);
PentahoSessionHolder.setStrategyName(PentahoSessionHolder.MODE_GLOBAL);
FileUtils.deleteDirectory(new File("/tmp/jackrabbit-test-TRUNK"));
SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL);
}
@Test
public void testGuestIsDisabled() throws IOException, ServletException {
String securityPackage = "Negotiate";
SimpleFilterChain filterChain = new SimpleFilterChain();
SimpleHttpRequest request = new SimpleHttpRequest();
String clientToken = BaseEncoding.base64().encode("Guest".getBytes());
request.addHeader("Authorization", securityPackage + " " + clientToken);
SimpleHttpResponse response = new SimpleHttpResponse();
this.filter.doFilter(request, response, filterChain);
assertEquals(401, response.getStatus());
assertNull(SecurityContextHolder.getContext().getAuthentication());
}
public void testAddUserWithoutAdminRole() throws Exception {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
assertTrue(auth.isAuthenticated());
UserManager userManager = makeInterceptedTarget();
User user = new User("admin");
user.setId(2L);
try {
userManager.saveUser(user);
fail("AccessDeniedException not thrown");
} catch (AccessDeniedException expected) {
assertNotNull(expected);
assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED);
}
}
/**
* {@inheritDoc}
*
* <p>Creates a {@code UsernamePasswordAuthenticationToken} from the given {@code principal} and
* {@code credentials} and passes to Spring Security {@code AuthenticationManager}.
*/
@Override
protected Authentication getAuthentication(
final Principal principal, final Credentials credentials) throws RepositoryException {
// only handles SimpleCredential instances; DefaultLoginModule behaves the same way (albeit
// indirectly)
if (!(credentials instanceof SimpleCredentials)) {
logger.debug("credentials not instance of SimpleCredentials; returning null"); // $NON-NLS-1$
return null;
}
SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(
simpleCredentials.getUserID(), String.valueOf(simpleCredentials.getPassword()));
boolean authenticated = false;
try {
org.springframework.security.Authentication authentication =
SecurityContextHolder.getContext().getAuthentication();
if (authentication != null
&& authentication.getName().equals(simpleCredentials.getUserID())) {
// see if there's already an active Authentication for this user.
authenticated = true;
} else {
// delegate to Spring Security
getAuthenticationManager().authenticate(token);
authenticated = true;
}
} catch (AuthenticationException e) {
logger.debug("authentication exception", e); // $NON-NLS-1$
}
final boolean authenticateResult = authenticated;
return new Authentication() {
public boolean canHandle(Credentials credentials) {
// this is decided earlier in getAuthentication
return true;
}
public boolean authenticate(Credentials credentials) throws RepositoryException {
return authenticateResult;
}
};
}
/**
* Save the user, encrypting their passwords if necessary
*
* @return success when good things happen
* @throws Exception when bad things happen
*/
public String save() throws Exception {
user.setEnabled(true);
// Set the default user role on this new user
user.addRole(roleManager.getRole(Constants.USER_ROLE));
try {
userManager.saveUser(user);
} catch (AccessDeniedException ade) {
// thrown by UserSecurityAdvice configured in aop:advisor userManagerSecurity
log.warn(ade.getMessage());
getResponse().sendError(HttpServletResponse.SC_FORBIDDEN);
return null;
} catch (UserExistsException e) {
log.warn(e.getMessage());
List<Object> args = new ArrayList<Object>();
args.add(user.getUsername());
args.add(user.getEmail());
addActionError(getText("errors.existing.user", args));
// redisplay the unencrypted passwords
user.setPassword(user.getConfirmPassword());
return INPUT;
}
saveMessage(getText("user.registered"));
getSession().setAttribute(Constants.REGISTERED, Boolean.TRUE);
// log user in automatically
UsernamePasswordAuthenticationToken auth =
new UsernamePasswordAuthenticationToken(
user.getUsername(), user.getConfirmPassword(), user.getAuthorities());
auth.setDetails(user);
SecurityContextHolder.getContext().setAuthentication(auth);
// Send an account information e-mail
mailMessage.setSubject(getText("signup.email.subject"));
try {
sendUserMessage(user, getText("signup.email.message"), RequestUtil.getAppURL(getRequest()));
} catch (MailException me) {
addActionError(me.getMostSpecificCause().getMessage());
}
return SUCCESS;
}
void onValidateForm() {
provider.setUserDetailsService(userserve);
provider.setPasswordEncoder(new ShaPasswordEncoder());
authtoken = new UsernamePasswordAuthenticationToken(fLogin, fpass);
provider.setSaltSource(salt);
Authentication token = null;
try {
token = provider.authenticate(authtoken);
} catch (org.springframework.security.BadCredentialsException e) {
loginform.recordError("Either the Username or Password is incorrect, Please try again.");
return;
}
if (token.isAuthenticated()) {
System.out.println("user has been authenticated");
this.user = userDAO.findByUsername(fLogin);
SecurityContextHolder.getContext().setAuthentication(token);
SavedRequest savedRequest =
(SavedRequest)
requestGlobals
.getHTTPServletRequest()
.getSession()
.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY);
Session s = request.getSession(false);
s.invalidate();
s = request.getSession(true);
if (savedRequest != null) {
url = null;
try {
url = new URL(savedRequest.getRequestURL());
} catch (MalformedURLException e) {
System.out.println("malformed url:" + savedRequest.getRequestURI());
}
}
} else {
// fpass = null;
// fLogin = null;
loginform.recordError("Either the Username or Password is incorrect, Please try again.");
}
}
@Before
public void beforeTest() throws PlatformInitializationException {
mp = new MicroPlatform();
// used by DefaultPentahoJackrabbitAccessControlHelper
mp.defineInstance(IAuthorizationPolicy.class, authorizationPolicy);
mp.defineInstance(ITenantManager.class, tenantManager);
mp.define(ITenant.class, Tenant.class);
mp.defineInstance("roleAuthorizationPolicyRoleBindingDaoTarget", roleBindingDaoTarget);
mp.defineInstance(IRoleAuthorizationPolicyRoleBindingDao.class, roleBindingDaoTarget);
mp.defineInstance("tenantedUserNameUtils", tenantedUserNameUtils);
mp.defineInstance("tenantedRoleNameUtils", tenantedRoleNameUtils);
mp.defineInstance("repositoryAdminUsername", repositoryAdminUsername);
mp.define(
IRoleAuthorizationPolicyRoleBindingDao.class, RoleAuthorizationPolicy.class, Scope.GLOBAL);
mp.define(ITenantManager.class, RepositoryTenantManager.class, Scope.GLOBAL);
mp.defineInstance("singleTenantAdminAuthorityName", new String("Administrator"));
mp.defineInstance(
"RepositoryFileProxyFactory",
new RepositoryFileProxyFactory(this.testJcrTemplate, this.repositoryFileDao));
UserRoleDaoUserDetailsService userDetailsService = new UserRoleDaoUserDetailsService();
userDetailsService.setUserRoleDao(userRoleDao);
List<String> systemRoles = new ArrayList<String>();
systemRoles.add("Admin");
List<String> extraRoles = Arrays.asList(new String[] {"Authenticated", "Anonymous"});
String adminRole = "Admin";
userRoleListService =
new UserRoleDaoUserRoleListService(
userRoleDao,
userDetailsService,
tenantedUserNameUtils,
systemRoles,
extraRoles,
adminRole);
((UserRoleDaoUserRoleListService) userRoleListService).setUserRoleDao(userRoleDao);
((UserRoleDaoUserRoleListService) userRoleListService)
.setUserDetailsService(userDetailsService);
mp.defineInstance(IUserRoleListService.class, userRoleListService);
mp.start();
logout();
startupCalled = true;
SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL);
}
