Changed admin authentication to use the database and removed SSL.
Change-Id: Idca1d91aea908326771d34432a93c77032639c62
diff --git a/pom.xml b/pom.xml
index 04243ca..bab503a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -177,7 +177,6 @@
<exclude>**/*APITest.java</exclude>
<exclude>de/ids_mannheim/korap/suites/*.java</exclude>
<exclude>**/ResouceServiceServerTest.java</exclude>
- <exclude>**/PolicyServiceTest.java</exclude>
</excludes>
<includes>
<include>de/ids_mannheim/korap/**/*.java</include>
diff --git a/src/main/java/de/ids_mannheim/korap/config/AdminSetup.java b/src/main/java/de/ids_mannheim/korap/config/AdminSetup.java
index 142b8f0..4d6687f 100644
--- a/src/main/java/de/ids_mannheim/korap/config/AdminSetup.java
+++ b/src/main/java/de/ids_mannheim/korap/config/AdminSetup.java
@@ -8,6 +8,7 @@
/**
* Created by hanl on 30.05.16.
*/
+@Deprecated
public class AdminSetup {
private final String token_hash;
diff --git a/src/main/java/de/ids_mannheim/korap/config/Attributes.java b/src/main/java/de/ids_mannheim/korap/config/Attributes.java
index 8775883..16ddfdd 100644
--- a/src/main/java/de/ids_mannheim/korap/config/Attributes.java
+++ b/src/main/java/de/ids_mannheim/korap/config/Attributes.java
@@ -2,6 +2,7 @@
public class Attributes {
+ // EM: Use enum for the authentication types
public static final String AUTHORIZATION = "Authorization";
public static final String SESSION_AUTHENTICATION = "session_token";
public static final String API_AUTHENTICATION = "api_token";
@@ -44,7 +45,8 @@
public static final String ADDRESS = "address";
public static final String COUNTRY = "country";
public static final String IPADDRESS = "ipaddress";
- // deprcated, use created
+ public static final String IS_ADMIN = "admin";
+ // deprecated, use created
public static final String ACCOUNT_CREATION = "account_creation";
public static final String ACCOUNTLOCK = "account_lock";
public static final String ACCOUNTLINK = "account_link";
diff --git a/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java b/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java
index e142def..c0126da 100644
--- a/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java
+++ b/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java
@@ -29,6 +29,7 @@
public static final String KUSTVAKT_AUTHENTICATION_MANAGER = "kustvakt_authenticationmanager";
public static final String KUSTVAKT_AUTHPROVIDERS = "kustvakt_authproviders";
public static final String KUSTVAKT_USERDB = "kustvakt_userdb";
+ public static final String KUSTVAKT_ADMINDB = "kustvakt_admindb";
public static final String KUSTVAKT_POLICIES = "kustvakt_policies";
private ApplicationContext context = null;
@@ -105,6 +106,10 @@
public EntityHandlerIface getUserDBHandler () {
return getBean(KUSTVAKT_USERDB);
}
+
+ public AdminHandlerIface getAdminDBHandler () {
+ return getBean(KUSTVAKT_ADMINDB);
+ }
public PolicyHandlerIface getPolicyDbProvider () {
diff --git a/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java b/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
index 7255988..4bd1605 100644
--- a/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
+++ b/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
@@ -28,18 +28,6 @@
public static final Map<String, Object> KUSTVAKT_USER = new HashMap<>();
-// static {
-// KUSTVAKT_USER.put(Attributes.ID, 1000);
-// KUSTVAKT_USER.put(Attributes.USERNAME, "kustvakt");
-// KUSTVAKT_USER.put(Attributes.PASSWORD, "kustvakt2015");
-// KUSTVAKT_USER.put(Attributes.EMAIL, "kustvakt@ids-mannheim.de");
-// KUSTVAKT_USER.put(Attributes.COUNTRY, "Germany");
-// KUSTVAKT_USER.put(Attributes.ADDRESS, "Mannheim");
-// KUSTVAKT_USER.put(Attributes.FIRSTNAME, "Kustvakt");
-// KUSTVAKT_USER.put(Attributes.LASTNAME, "KorAP");
-// KUSTVAKT_USER.put(Attributes.INSTITUTION, "IDS Mannheim");
-// }
-
private static final Logger jlog = LoggerFactory
.getLogger(KustvaktConfiguration.class);
private String indexDir;
@@ -168,7 +156,7 @@
KUSTVAKT_USER.put(Attributes.FIRSTNAME, properties.getProperty("kustvakt.init.user.firstname"));
KUSTVAKT_USER.put(Attributes.LASTNAME, properties.getProperty("kustvakt.init.user.lastname"));
KUSTVAKT_USER.put(Attributes.INSTITUTION, properties.getProperty("kustvakt.init.user.institution"));
-
+ KUSTVAKT_USER.put(Attributes.IS_ADMIN, properties.getProperty("kustvakt.init.user.admin"));
return properties;
}
diff --git a/src/main/java/de/ids_mannheim/korap/handlers/AdminDao.java b/src/main/java/de/ids_mannheim/korap/handlers/AdminDao.java
new file mode 100644
index 0000000..7237afd
--- /dev/null
+++ b/src/main/java/de/ids_mannheim/korap/handlers/AdminDao.java
@@ -0,0 +1,93 @@
+package de.ids_mannheim.korap.handlers;
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.dao.DataAccessException;
+import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
+import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
+
+import de.ids_mannheim.korap.config.KustvaktBaseDaoInterface;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.interfaces.db.AdminHandlerIface;
+import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
+import de.ids_mannheim.korap.user.User;
+
+public class AdminDao implements AdminHandlerIface, KustvaktBaseDaoInterface {
+
+ private static Logger jlog = LoggerFactory.getLogger(AdminDao.class);
+ private NamedParameterJdbcTemplate jdbcTemplate;
+
+ public AdminDao(PersistenceClient client) {
+ this.jdbcTemplate = (NamedParameterJdbcTemplate) client.getSource();
+ }
+
+ @Override
+ public int addAccount(User user) throws KustvaktException{
+ MapSqlParameterSource params = new MapSqlParameterSource();
+ params.addValue("user_id", user.getId());
+ String query = "INSERT INTO admin_users (user_id) VALUES (:user_id)";
+ try {
+ int r = this.jdbcTemplate.update(query, params);
+ return r;
+ }
+ catch (DataAccessException e) {
+ jlog.warn("Could not add {} as an admin. {} is already an admin.",
+ user.getUsername());
+// throw new dbException(user.getId().toString(), "admin_users",
+// StatusCodes.ENTRY_EXISTS, user.getId().toString());
+ return 0;
+ }
+ }
+
+ @Override
+ public int size() {
+ final String query = "SELECT COUNT(*) FROM admin_users;";
+ return this.jdbcTemplate.queryForObject(query, new HashMap<String, Object>(), Integer.class);
+ }
+
+ @Override
+ public int truncate() {
+ String sql = "DELETE FROM korap_users;";
+ try {
+ return this.jdbcTemplate.update(sql, new HashMap<String, Object>());
+ } catch (DataAccessException e) {
+ return -1;
+ }
+ }
+
+ @Override
+ public int updateAccount(User user) throws KustvaktException {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public int deleteAccount(Integer userid) throws KustvaktException {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public boolean isAdmin(int userId) {
+ Map<String, String> namedParameters = Collections.singletonMap(
+ "user_id", String.valueOf(userId));
+
+ final String sql = "select id from admin_users where user_id=:user_id;";
+ try {
+ List<Map<String, Object>> ids = this.jdbcTemplate.queryForList(sql, namedParameters);
+ if (ids.isEmpty()){
+ return false;
+ }
+ }
+ catch (DataAccessException e) {
+ return false;
+ }
+ return true;
+ }
+
+}
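Review bot: `truncate()` issues `DELETE FROM korap_users;`, so clearing the admin table would instead try to delete every user account; it should target the table this DAO owns, `String sql = "DELETE FROM admin_users;";`. In `addAccount` the `jlog.warn` format has two `{}` placeholders but only one argument. The catch also reports every `DataAccessException` as "already an admin" and returns 0, so a connection or schema failure is indistinguishable from a duplicate row. `isAdmin` returning false on a database error is a sensible fail-closed default, but the exception should be logged so a broken lookup is visible to operators.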
diff --git a/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java b/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java
index a13eeeb..3ef97bb 100644
--- a/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java
+++ b/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java
@@ -38,7 +38,6 @@
private static Logger jlog = LoggerFactory.getLogger(EntityDao.class);
private NamedParameterJdbcTemplate jdbcTemplate;
-
public EntityDao (PersistenceClient client) {
this.jdbcTemplate = (NamedParameterJdbcTemplate) client.getSource();
}
@@ -194,11 +193,11 @@
KeyHolder holder = new GeneratedKeyHolder();
+ int r;
try {
- int r = this.jdbcTemplate.update(query, np, holder,
+ r = this.jdbcTemplate.update(query, np, holder,
new String[] { "id" });
user.setId(holder.getKey().intValue());
- return r;
}
catch (DataAccessException e) {
jlog.error("Could not create user account with username: {}",
@@ -206,6 +205,8 @@
throw new dbException(user.getUsername(), "korap_users",
StatusCodes.ENTRY_EXISTS, user.getUsername());
}
+
+ return r;
}
diff --git a/src/main/java/de/ids_mannheim/korap/interfaces/db/AdminHandlerIface.java b/src/main/java/de/ids_mannheim/korap/interfaces/db/AdminHandlerIface.java
new file mode 100644
index 0000000..f9f56d6
--- /dev/null
+++ b/src/main/java/de/ids_mannheim/korap/interfaces/db/AdminHandlerIface.java
@@ -0,0 +1,24 @@
+package de.ids_mannheim.korap.interfaces.db;
+
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.user.User;
+
+/**
+ * @author margaretha
+ */
+public interface AdminHandlerIface {
+
+ int updateAccount (User user) throws KustvaktException;
+
+
+ int addAccount (User user) throws KustvaktException;
+
+
+ int deleteAccount (Integer userid) throws KustvaktException;
+
+
+ int truncate () throws KustvaktException;
+
+ boolean isAdmin(int userId);
+
+}
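Review bot: None of the methods document what the `int` result means or how failures are reported, and the only implementation in this commit already diverges from the signatures: `AdminDao.truncate()` returns -1 on a database error although the method declares `throws KustvaktException`, and `addAccount` returns 0 instead of throwing. I would add a one-line Javadoc to each method, for example `/** @return number of rows affected; @throws KustvaktException on database failure */`. On `isAdmin`, state explicitly that it returns false when the lookup cannot be completed, since callers use it for an authorization decision.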
diff --git a/src/main/java/de/ids_mannheim/korap/security/ac/PolicyEvaluator.java b/src/main/java/de/ids_mannheim/korap/security/ac/PolicyEvaluator.java
index 0fbe1d1..928ca77 100644
--- a/src/main/java/de/ids_mannheim/korap/security/ac/PolicyEvaluator.java
+++ b/src/main/java/de/ids_mannheim/korap/security/ac/PolicyEvaluator.java
@@ -172,7 +172,8 @@
public boolean isManaged () {
- return getOwner(this.policies[0]) == KorAPUser.ADMINISTRATOR_ID;
+ //return getOwner(this.policies[0]) == KorAPUser.ADMINISTRATOR_ID;
+ return false;
}
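Review bot: `isManaged()` now returns `false` unconditionally, so whatever decision callers derived from administrator ownership of the first policy is dropped rather than ported to the new `admin_users` lookup. The callers are outside this hunk, so the effect on access decisions should be checked before merging. If the stub is intentional, delete the commented-out line and say so in a comment, e.g. `// TODO: derive from admin_users once policy ownership is migrated; treated as unmanaged until then`.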
diff --git a/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java b/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java
index 4f18a76..c959e5e 100644
--- a/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java
+++ b/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java
@@ -11,6 +11,7 @@
import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
import de.ids_mannheim.korap.interfaces.EncryptionIface;
import de.ids_mannheim.korap.interfaces.ValidatorIface;
+import de.ids_mannheim.korap.interfaces.db.AdminHandlerIface;
import de.ids_mannheim.korap.interfaces.db.AuditingIface;
import de.ids_mannheim.korap.interfaces.db.EntityHandlerIface;
import de.ids_mannheim.korap.interfaces.db.UserDataDbIface;
@@ -41,18 +42,21 @@
.getLogger(KustvaktAuthenticationManager.class);
private EncryptionIface crypto;
private EntityHandlerIface entHandler;
+ private AdminHandlerIface adminHandler;
private AuditingIface auditing;
private KustvaktConfiguration config;
private Collection userdatadaos;
private LoginCounter counter;
private ValidatorIface validator;
- public KustvaktAuthenticationManager (EntityHandlerIface userdb,
+ public KustvaktAuthenticationManager (EntityHandlerIface userdb,
+ AdminHandlerIface admindb,
EncryptionIface crypto,
KustvaktConfiguration config,
AuditingIface auditer,
Collection<UserDataDbIface> userdatadaos) {
this.entHandler = userdb;
+ this.adminHandler = admindb;
this.config = config;
this.crypto = crypto;
this.auditing = auditer;
@@ -258,7 +262,11 @@
attributes.toString());
}
}
+
+ boolean isAdmin = adminHandler.isAdmin(unknown.getId());
+ unknown.setAdmin(isAdmin);
jlog.trace("Authentication: found username " + unknown.getUsername());
+
if (unknown instanceof KorAPUser) {
if (password == null || password.isEmpty())
throw new WrappedException(new KustvaktException(
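Review bot: The admin lookup runs for every user type and before the password is checked, although `admin_users.user_id` references `korap_users (id)` only. If users from another table (the schema also has `shib_users` with its own auto-increment id) can reach this line, an id that happens to equal an admin's `korap_users` id would mark that user as admin. `unknown.getId()` is also an `Integer` that is unboxed for `isAdmin(int)` and throws if it is null. I would move the call into the `unknown instanceof KorAPUser` branch, after the credentials are verified: `unknown.setAdmin(adminHandler.isAdmin(unknown.getId()));`. The enclosing method starts and ends outside the hunk.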
@@ -536,6 +544,11 @@
user.addField(param);
}
user.setPassword(hash);
+
+ String o = (String) attributes.get(Attributes.IS_ADMIN);
+ boolean b = Boolean.parseBoolean(o);
+ user.setAdmin(b);
+
try {
UserDetails details = new UserDetails();
details.read(safeMap, true);
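Review bot: The admin flag is read from the same `attributes` map as the rest of the profile data, so any caller able to put an `admin` entry into that map decides whether the new account is an administrator. The configuration path fills it from `kustvakt.init.user.admin`, but if this method is also reached from a registration request (not visible here), the key should be stripped from request-derived maps or the flag passed as a separate argument that only the initial setup sets. The `(String)` cast throws `ClassCastException` when the value is stored as a `Boolean`; `Boolean.parseBoolean(String.valueOf(attributes.get(Attributes.IS_ADMIN)))` tolerates both. In the following hunk the result of `adminHandler.addAccount(user)` is ignored although it returns 0 on failure, so the account can be created without its admin row and without any error. The enclosing method starts and ends outside the hunk.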
@@ -546,6 +559,9 @@
jlog.info("Creating new user account for user {}",
user.getUsername());
entHandler.createAccount(user);
+ if (user.isAdmin() && user instanceof KorAPUser){
+ adminHandler.addAccount(user);
+ }
details.setUserId(user.getId());
settings.setUserId(user.getId());
diff --git a/src/main/java/de/ids_mannheim/korap/user/User.java b/src/main/java/de/ids_mannheim/korap/user/User.java
index 7cf211d..53c3d1e 100644
--- a/src/main/java/de/ids_mannheim/korap/user/User.java
+++ b/src/main/java/de/ids_mannheim/korap/user/User.java
@@ -21,8 +21,8 @@
@Data
public abstract class User implements Serializable {
- public static final int ADMINISTRATOR_ID = 34349733;
- public static final String ADMINISTRATOR_NAME = "admin";
+// public static final int ADMINISTRATOR_ID = 34349733;
+// public static final String ADMINISTRATOR_NAME = "admin";
private Integer id;
// in local its username, in shib it's edupersonPrincipalName
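Review bot: The administrator constants are left behind as commented-out code, and the same is done for `isAdmin()` and `getAdmin()` in the later hunks of this file and for the admin branch of `createUser` in `UserPropertyReader.java`. Version control already keeps the old implementation, so these lines should be deleted. Where a reader needs to know that admin status moved, a single comment on the new field is enough, e.g. `// set from the admin_users lookup during authentication`.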
@@ -44,6 +44,7 @@
private List<Userdata> userdata;
+ private boolean isAdmin;
protected User () {
this.fields = new ParamFields();
@@ -134,10 +135,9 @@
return true;
}
-
- public boolean isAdmin () {
- return this.getUsername().equals(ADMINISTRATOR_ID);
- }
+// public boolean isAdmin () {
+// return this.getUsername().equals(ADMINISTRATOR_ID);
+// }
protected abstract User clone ();
@@ -164,10 +164,9 @@
return user;
}
-
- public static KorAPUser getAdmin () {
- return new KorAPUser(ADMINISTRATOR_ID, ADMINISTRATOR_NAME);
- }
+// public static KorAPUser getAdmin () {
+// return new KorAPUser(ADMINISTRATOR_ID, ADMINISTRATOR_NAME);
+// }
public static DemoUser getDemoUser () {
diff --git a/src/main/java/de/ids_mannheim/korap/utils/UserPropertyReader.java b/src/main/java/de/ids_mannheim/korap/utils/UserPropertyReader.java
index 544ceef..d98de46 100644
--- a/src/main/java/de/ids_mannheim/korap/utils/UserPropertyReader.java
+++ b/src/main/java/de/ids_mannheim/korap/utils/UserPropertyReader.java
@@ -21,6 +21,8 @@
/**
* @author hanl
* @date 30/09/2014
+ *
+ * EM: where is this used?
*/
public class UserPropertyReader extends PropertyReader {
@@ -70,23 +72,23 @@
private User createUser (String username, Properties p)
throws KustvaktException {
KorAPUser user;
- if (username.equals(User.ADMINISTRATOR_NAME)) {
- user = User.UserFactory.getAdmin();
-
- String pass = p.getProperty(username + ".password", null);
- if (pass == null)
- throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
-
- try {
- pass = crypto.secureHash(pass);
- }
- catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
- throw new KustvaktException(StatusCodes.REQUEST_INVALID);
- }
- user.setPassword(pass);
- iface.createAccount(user);
- }
- else {
+// if (username.equals(User.ADMINISTRATOR_NAME)) {
+// user = User.UserFactory.getAdmin();
+//
+// String pass = p.getProperty(username + ".password", null);
+// if (pass == null)
+// throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
+//
+// try {
+// pass = crypto.secureHash(pass);
+// }
+// catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
+// throw new KustvaktException(StatusCodes.REQUEST_INVALID);
+// }
+// user.setPassword(pass);
+// iface.createAccount(user);
+// }
+// else {
user = User.UserFactory.getUser(username);
Map<String, Object> vals = new HashMap<>();
for (Map.Entry e : p.entrySet()) {
@@ -132,7 +134,7 @@
BeansFactory.getKustvaktContext().getUserDataProviders(),
UserSettings.class);
dao.store(set);
- }
+// }
jlog.info("successfully created account for user {}",
user.getUsername());
diff --git a/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java b/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java
index 2939a2a..8fbd509 100644
--- a/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java
+++ b/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java
@@ -107,15 +107,15 @@
server.setHandler(contextHandler);
- if (kargs.sslContext != null) {
- SslSocketConnector sslConnector = new SslSocketConnector(
- kargs.sslContext);
- sslConnector.setPort(8443);
- sslConnector.setMaxIdleTime(60000);
- server.setConnectors(new Connector[] { connector, sslConnector });
- }
- else
- server.setConnectors(new Connector[] { connector });
+// if (kargs.sslContext != null) {
+// SslSocketConnector sslConnector = new SslSocketConnector(
+// kargs.sslContext);
+// sslConnector.setPort(8443);
+// sslConnector.setMaxIdleTime(60000);
+// server.setConnectors(new Connector[] { connector, sslConnector });
+// }
+// else
+ server.setConnectors(new Connector[] { connector });
server.start();
server.join();
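Review bot: With the SSL connector commented out, the server binds only the plain connector even when `kargs.sslContext` is set, and the same commit makes `AdminFilter` accept HTTP Basic credentials without the former `cr.isSecure()` check. Admin usernames and passwords therefore travel unencrypted unless TLS is terminated in front of this process. If that is the intended deployment, state it at this line, e.g. `// TLS is terminated by the reverse proxy; this port must not be exposed directly`, and warn at startup when an `sslContext` is supplied but ignored; otherwise keep the conditional. The commented-out block should be deleted rather than kept. The enclosing method starts and ends outside the hunk.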
diff --git a/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
index 6455452..bfd12f9 100644
--- a/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ b/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
@@ -1,93 +1,89 @@
package de.ids_mannheim.korap.web.filter;
-import com.sun.jersey.spi.container.ContainerRequest;
-import com.sun.jersey.spi.container.ContainerRequestFilter;
-import com.sun.jersey.spi.container.ContainerResponseFilter;
-import com.sun.jersey.spi.container.ResourceFilter;
-import de.ids_mannheim.korap.config.AdminSetup;
-import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.BeansFactory;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
-import de.ids_mannheim.korap.interfaces.EncryptionIface;
-import de.ids_mannheim.korap.security.auth.BasicHttpAuth;
-import de.ids_mannheim.korap.security.auth.KustvaktAuthenticationManager;
-import de.ids_mannheim.korap.user.TokenContext;
-import de.ids_mannheim.korap.user.User;
-import de.ids_mannheim.korap.utils.NamingUtils;
-import de.ids_mannheim.korap.utils.StringUtils;
-import de.ids_mannheim.korap.web.utils.KustvaktContext;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
-
import java.util.HashMap;
import java.util.Map;
import javax.ws.rs.ext.Provider;
+import com.sun.jersey.spi.container.ContainerRequest;
+import com.sun.jersey.spi.container.ContainerRequestFilter;
+import com.sun.jersey.spi.container.ContainerResponseFilter;
+import com.sun.jersey.spi.container.ResourceFilter;
+
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.BeansFactory;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
+import de.ids_mannheim.korap.security.auth.BasicHttpAuth;
+import de.ids_mannheim.korap.user.TokenContext;
+import de.ids_mannheim.korap.user.User;
+import de.ids_mannheim.korap.utils.StringUtils;
+import de.ids_mannheim.korap.web.utils.KustvaktContext;
+import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
+
/**
- * @author hanl
- * @date 17/06/2014
+ * @author hanl, margaretha
+ * @date 04/2017
*/
@Provider
public class AdminFilter implements ContainerRequestFilter, ResourceFilter {
-// private static AuthenticationManagerIface authManager = BeansFactory.getKustvaktContext()
-// .getAuthenticationManager();
-
- @Override
- public ContainerRequest filter (ContainerRequest cr) {
- // todo:
- String host = cr.getHeaderValue(ContainerRequest.HOST);
- String agent = cr.getHeaderValue(ContainerRequest.USER_AGENT);
- String authentication = cr
- .getHeaderValue(ContainerRequest.AUTHORIZATION);
-
- //decode password
- String authenticationType = StringUtils.getTokenType(authentication);
- String authenticationCode = StringUtils.stripTokenType(authentication);
- String username = null, token=null;
- if (authenticationType.equals("basic")){
- String[] authContent = BasicHttpAuth.decode(authenticationCode);
- username = authContent[0];
- token= authContent[1];
- }
-
-// if (authentication != null
-// && authentication.endsWith(BeansFactory.getKustvaktContext()
-// .getConfiguration().getAdminToken())) {
-
-// EM: to do ssl
- if (authentication != null && cr.isSecure()) {
-// String token = StringUtils.stripTokenType(authentication);
-// EncryptionIface crypto = BeansFactory.getKustvaktContext()
-// .getEncryption();
-
- // EM: Another method of authentification using admin token
-// if (crypto.checkHash(token, AdminSetup.getInstance().getHash())) {
- TokenContext c = new TokenContext();
- c.setUsername(username);
- c.setTokenType(authenticationType);
- c.setToken(token);
- c.setHostAddress(host);
- c.setUserAgent(agent);
- cr.setSecurityContext(new KustvaktContext(c));
-
-// }
- }
- else
- throw KustvaktResponseHandler.throwAuthenticationException("Unsecure connection.");
- return cr;
- }
+ private static AuthenticationManagerIface authManager = BeansFactory.getKustvaktContext()
+ .getAuthenticationManager();
+ @Override
+ public ContainerRequest filter(ContainerRequest cr) {
+ String authentication = cr.getHeaderValue(ContainerRequest.AUTHORIZATION);
+ if (authentication == null) {
+ throw KustvaktResponseHandler.throwAuthenticationException("The authorization header value is missing.");
+ }
- @Override
- public ContainerRequestFilter getRequestFilter () {
- return this;
- }
+ // decode password
+ String authenticationType = StringUtils.getTokenType(authentication);
+ String authenticationCode = StringUtils.stripTokenType(authentication);
+ String username = null, token = null;
+ int tokenType = 0;
+
+ if (authenticationType.equals(Attributes.BASIC_AUTHENTICATION)) {
+ String[] authContent = BasicHttpAuth.decode(authenticationCode);
+ username = authContent[0];
+ token = authContent[1];
+ }
+
+ String host = cr.getHeaderValue(ContainerRequest.HOST);
+ String agent = cr.getHeaderValue(ContainerRequest.USER_AGENT);
+ Map<String, Object> attributes = new HashMap<>();
+ attributes.put(Attributes.HOST, host);
+ attributes.put(Attributes.USER_AGENT, agent);
+ try {
+ User user = authManager.authenticate(tokenType, username, token, attributes);
+ if (!user.isAdmin()){
+ throw KustvaktResponseHandler.throwAuthenticationException("Admin authentication failed.");
+ }
+ Map<String, Object> properties = cr.getProperties();
+ properties.put("user", user);
+ } catch (KustvaktException e) {
+ throw KustvaktResponseHandler.throwAuthenticationException("User authentication failed.");
+ }
+ TokenContext c = new TokenContext();
+ c.setUsername(username);
+ c.setTokenType(authenticationType);
+ c.setToken(token);
+ c.setHostAddress(host);
+ c.setUserAgent(agent);
+ cr.setSecurityContext(new KustvaktContext(c));
- @Override
- public ContainerResponseFilter getResponseFilter () {
- return null;
- }
+ return cr;
+ }
+
+ @Override
+ public ContainerRequestFilter getRequestFilter() {
+ return this;
+ }
+
+ @Override
+ public ContainerResponseFilter getResponseFilter() {
+ return null;
+ }
}
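Review bot: When the `Authorization` header is not Basic, `username` and `token` stay null and `tokenType` stays 0, yet the request is still passed to `authManager.authenticate`; reject other schemes up front with `if (!Attributes.BASIC_AUTHENTICATION.equals(authenticationType)) throw KustvaktResponseHandler.throwAuthenticationException("Unsupported authentication type.");`, which also avoids a NullPointerException should `getTokenType` return null. `authContent[0]` and `authContent[1]` are read without checking the decoded array, which presumably fails on a malformed header (this depends on `BasicHttpAuth.decode`, not shown). The rewrite also drops the `cr.isSecure()` check, so the admin password is accepted over plain HTTP, and `c.setToken(token)` keeps that password in the security context for the rest of the request. `authManager` is now resolved in a static initializer, which fails at class load if the Kustvakt context is not yet set up; resolving it on first use would be safer.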
diff --git a/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java b/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java
index 983f619..d1a3162 100644
--- a/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java
+++ b/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java
@@ -20,6 +20,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.sun.jersey.api.core.HttpContext;
import com.sun.jersey.spi.container.ResourceFilters;
import de.ids_mannheim.korap.auditing.AuditRecord;
@@ -111,7 +112,7 @@
@QueryParam("group") String group,
@QueryParam("perm") List<String> permissions,
@QueryParam("loc") String loc, @QueryParam("expire") String duration,
- @Context SecurityContext context) {
+ @Context HttpContext context) {
try {
KustvaktResource resource = ResourceFactory.getResource(type);
@@ -122,20 +123,8 @@
Permissions.Permission[] p = Permissions.read(permissions
.toArray(new String[0]));
- TokenContext tc = (TokenContext) context.getUserPrincipal();
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(Attributes.HOST, tc.getHostAddress());
- attributes.put(Attributes.USER_AGENT, tc.getUserAgent());
-
- User user = null;
- int tokenType = 0;
- // EM: Use enum for the authentication types
- if(!tc.getTokenType().equals("basic")){
- tokenType = 1;
- }
+ User user = (User) context.getProperties().get("user");
- user = authManager.authenticate(tokenType, tc.getUsername(), tc.getToken(), attributes);
-
PolicyBuilder pb = new PolicyBuilder(user)
.setConditions(new PolicyCondition(group))
.setResources(resource);
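Review bot: `context.getProperties().get("user")` returns null whenever `AdminFilter` has not run for the request, and the result of the unchecked cast goes straight into `new PolicyBuilder(user)`. Add an `if (user == null)` guard that fails the request with the authentication error this method already uses. The `"user"` key is a string literal repeated in the filter and here, so a shared constant would keep the two in step. The enclosing method starts and ends outside the hunk.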
diff --git a/src/main/resources/db/mysql/V0.1__userdatabase.sql b/src/main/resources/db/mysql/V0.1__userdatabase.sql
index 09b1591..6f67575 100644
--- a/src/main/resources/db/mysql/V0.1__userdatabase.sql
+++ b/src/main/resources/db/mysql/V0.1__userdatabase.sql
@@ -14,6 +14,13 @@
account_link VARCHAR(100)
);
+CREATE TABLE IF NOT EXISTS admin_users (
+ id INTEGER PRIMARY KEY AUTO_INCREMENT,
+ user_id INTEGER NOT NULL UNIQUE,
+ foreign key (user_id)
+ references korap_users (id)
+);
+
CREATE TABLE IF NOT EXISTS shib_users (
id INTEGER PRIMARY KEY AUTO_INCREMENT,
username VARCHAR(100) NOT NULL UNIQUE,
diff --git a/src/main/resources/db/mysql/mysql_schema_comp.sql b/src/main/resources/db/mysql/mysql_schema_comp.sql
index 6ee11c5..44ec4de 100644
--- a/src/main/resources/db/mysql/mysql_schema_comp.sql
+++ b/src/main/resources/db/mysql/mysql_schema_comp.sql
@@ -22,6 +22,13 @@
accountLink VARCHAR(100)
)$$
+CREATE TABLE IF NOT EXISTS admin_users (
+ id INTEGER PRIMARY KEY AUTO_INCREMENT,
+ user_id INTEGER NOT NULL,
+ foreign key (user_id)
+ references korap_users (id)
+)$$
+
CREATE TABLE IF NOT EXISTS user_details (
Id INTEGER PRIMARY KEY AUTO_INCREMENT,
userID INTEGER NOT NULL UNIQUE,
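Review bot: `user_id` is declared `INTEGER NOT NULL` here but `INTEGER NOT NULL UNIQUE` in `V0.1__userdatabase.sql` and in the SQLite schema. Without the constraint the same user can be inserted into `admin_users` repeatedly, and `AdminDao.addAccount` relies on the insert failing to detect an existing admin. Change the column to `user_id INTEGER NOT NULL UNIQUE,`. The foreign key has no `ON DELETE` action in any of the three schemas, so deleting a `korap_users` row that has an admin entry will be refused where foreign keys are enforced; state which behaviour is intended.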
diff --git a/src/main/resources/db/sqlite/V1__Initial_version.sql b/src/main/resources/db/sqlite/V1__Initial_version.sql
index eaa32ff..55641ae 100644
--- a/src/main/resources/db/sqlite/V1__Initial_version.sql
+++ b/src/main/resources/db/sqlite/V1__Initial_version.sql
@@ -11,6 +11,13 @@
account_link VARCHAR(100)
);
+CREATE TABLE IF NOT EXISTS admin_users (
+id INTEGER PRIMARY KEY AUTOINCREMENT,
+user_id INTEGER NOT NULL UNIQUE,
+foreign key (user_id)
+references korap_users (id)
+);
+
CREATE TABLE IF NOT EXISTS shib_users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username VARCHAR(150) NOT NULL UNIQUE,
diff --git a/src/main/resources/default-config.xml b/src/main/resources/default-config.xml
index 7d49e91..0a95416 100644
--- a/src/main/resources/default-config.xml
+++ b/src/main/resources/default-config.xml
@@ -99,7 +99,12 @@
class="de.ids_mannheim.korap.handlers.EntityDao">
<constructor-arg ref="kustvakt_db"/>
</bean>
-
+
+ <bean id="kustvakt_admindb"
+ class="de.ids_mannheim.korap.handlers.AdminDao">
+ <constructor-arg ref="kustvakt_db"/>
+ </bean>
+
<bean id="resource_provider"
class="de.ids_mannheim.korap.handlers.ResourceDao">
<constructor-arg ref="kustvakt_db"/>
@@ -192,6 +197,9 @@
<constructor-arg
type="de.ids_mannheim.korap.interfaces.db.EntityHandlerIface"
ref="kustvakt_userdb"/>
+ <constructor-arg
+ type="de.ids_mannheim.korap.interfaces.db.AdminHandlerIface"
+ ref="kustvakt_admindb"/>
<constructor-arg type="de.ids_mannheim.korap.interfaces.EncryptionIface"
ref="kustvakt_encryption"/>
<constructor-arg ref="kustvakt_config"/>
diff --git a/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java b/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java
index 0309437..4407fb6 100644
--- a/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java
+++ b/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java
@@ -1,11 +1,8 @@
package de.ids_mannheim.korap.config;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import net.jcip.annotations.NotThreadSafe;
+import static org.junit.Assert.assertNotNull;
+
import org.apache.log4j.Logger;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.runner.RunWith;
import org.junit.runner.notification.RunNotifier;
import org.junit.runners.model.InitializationError;
@@ -15,10 +12,8 @@
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import javax.annotation.PostConstruct;
-
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import net.jcip.annotations.NotThreadSafe;
/**
* @author hanl
diff --git a/src/test/java/de/ids_mannheim/korap/config/TestBeans.java b/src/test/java/de/ids_mannheim/korap/config/TestBeans.java
index 7d33ba2..8c96bc4 100644
--- a/src/test/java/de/ids_mannheim/korap/config/TestBeans.java
+++ b/src/test/java/de/ids_mannheim/korap/config/TestBeans.java
@@ -1,5 +1,6 @@
package de.ids_mannheim.korap.config;
+import de.ids_mannheim.korap.handlers.AdminDao;
import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
import de.ids_mannheim.korap.interfaces.EncryptionIface;
import de.ids_mannheim.korap.interfaces.db.*;
@@ -13,35 +14,29 @@
*/
public abstract class TestBeans {
- protected PersistenceClient dataSource;
+ protected PersistenceClient dataSource;
+ public abstract PolicyHandlerIface getPolicyDao();
- public abstract PolicyHandlerIface getPolicyDao ();
+ public abstract KustvaktConfiguration getConfig();
+ public abstract EntityHandlerIface getUserDao();
+
+ public abstract AdminHandlerIface getAdminDao();
- public abstract KustvaktConfiguration getConfig ();
+ public abstract AuditingIface getAuditingDao();
+ public abstract List<ResourceOperationIface> getResourceDaos();
- public abstract EntityHandlerIface getUserDao ();
+ public abstract List<UserDataDbIface> getUserdataDaos();
+ public abstract EncryptionIface getCrypto();
- public abstract AuditingIface getAuditingDao ();
+ public abstract AuthenticationManagerIface getAuthManager();
+ @Bean(name = "kustvakt_db")
+ public PersistenceClient getDataSource() {
+ return this.dataSource;
+ }
- public abstract List<ResourceOperationIface> getResourceDaos ();
-
-
- public abstract List<UserDataDbIface> getUserdataDaos ();
-
-
- public abstract EncryptionIface getCrypto ();
-
-
- public abstract AuthenticationManagerIface getAuthManager ();
-
-
- @Bean(name = "kustvakt_db")
- public PersistenceClient getDataSource () {
- return this.dataSource;
- }
}
diff --git a/src/test/java/de/ids_mannheim/korap/config/TestHelper.java b/src/test/java/de/ids_mannheim/korap/config/TestHelper.java
index 9788eeb..1f4846d 100644
--- a/src/test/java/de/ids_mannheim/korap/config/TestHelper.java
+++ b/src/test/java/de/ids_mannheim/korap/config/TestHelper.java
@@ -414,7 +414,12 @@
return new EntityDao(this.dataSource);
}
-
+ @Bean(name = ContextHolder.KUSTVAKT_ADMINDB)
+ @Override
+ public AdminHandlerIface getAdminDao () {
+ return new AdminDao(this.dataSource);
+ }
+
@Bean(name = ContextHolder.KUSTVAKT_CONFIG)
@Override
public KustvaktConfiguration getConfig () {
@@ -468,7 +473,7 @@
@Override
public AuthenticationManagerIface getAuthManager () {
AuthenticationManagerIface manager = new KustvaktAuthenticationManager(
- getUserDao(), getCrypto(), getConfig(), getAuditingDao(),
+ getUserDao(), getAdminDao(), getCrypto(), getConfig(), getAuditingDao(),
getUserdataDaos());
Set<AuthenticationIface> pro = new HashSet<>();
pro.add(new BasicHttpAuth());
diff --git a/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java b/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java
index f47dd68..6959924 100644
--- a/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java
@@ -1,48 +1,20 @@
package de.ids_mannheim.korap.web.service.full;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import java.io.File;
import java.io.IOException;
-import java.nio.charset.Charset;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
import java.util.List;
import java.util.UUID;
-import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
-
import org.junit.BeforeClass;
import org.junit.Test;
-import org.mindrot.jbcrypt.BCrypt;
-import com.fasterxml.jackson.databind.JsonNode;
-import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
-import com.sun.jersey.api.client.config.ClientConfig;
-import com.sun.jersey.api.client.config.DefaultClientConfig;
-import com.sun.jersey.client.urlconnection.HTTPSProperties;
-import de.ids_mannheim.korap.config.AdminSetup;
import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.TestHelper;
import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.handlers.ResourceDao;
import de.ids_mannheim.korap.interfaces.db.PolicyHandlerIface;
import de.ids_mannheim.korap.interfaces.db.ResourceOperationIface;
-import de.ids_mannheim.korap.resources.Corpus;
import de.ids_mannheim.korap.resources.KustvaktResource;
import de.ids_mannheim.korap.resources.Permissions;
import de.ids_mannheim.korap.resources.Permissions.Permission;
@@ -52,7 +24,6 @@
import de.ids_mannheim.korap.security.auth.BasicHttpAuth;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.user.User.UserFactory;
-import de.ids_mannheim.korap.utils.JsonUtils;
import de.ids_mannheim.korap.web.service.FastJerseyTest;
/**
@@ -64,46 +35,10 @@
public static void configure() throws Exception {
FastJerseyTest.setPackages("de.ids_mannheim.korap.web.service.full", "de.ids_mannheim.korap.web.filter",
"de.ids_mannheim.korap.web.utils");
- // containerURI = "https://localhost/";
}
-// public void initServer(int port) {
-// super.initServer(port);
-//
-// TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
-// public X509Certificate[] getAcceptedIssuers() {
-// return null;
-// }
-//
-// public void checkClientTrusted(X509Certificate[] certs, String authType) {
-// }
-//
-// public void checkServerTrusted(X509Certificate[] certs, String authType) {
-// }
-// } };
-//
-// HostnameVerifier hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
-// ClientConfig config = new DefaultClientConfig();
-// SSLContext ctx = null;
-// try {
-// ctx = SSLContext.getInstance("SSL");
-// ctx.init(null, trustAllCerts, new java.security.SecureRandom());
-// } catch (NoSuchAlgorithmException | KeyManagementException e) {
-// e.printStackTrace();
-// }
-//
-// config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
-// new HTTPSProperties(hostnameVerifier, ctx));
-// client = Client.create(config);
-//
-// AdminSetup.getInstance();
-// }
-
@Test
public void testCreatePolicyForResource() throws IOException, KustvaktException {
- //Path p = FileSystems.getDefault().getPath("admin_token");
- //List<String> content = Files.readAllLines(p, StandardCharsets.UTF_8);
- //String adminToken = content.get(0);
String id = UUID.randomUUID().toString();
ClientResponse response = resource()
.path(getAPIVersion())
diff --git a/src/test/resources/test-default-config.xml b/src/test/resources/test-default-config.xml
index 3ad0aeb..48e97a8 100644
--- a/src/test/resources/test-default-config.xml
+++ b/src/test/resources/test-default-config.xml
@@ -1,12 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:aop="http://www.springframework.org/schema/aop"
- xmlns:tx="http://www.springframework.org/schema/tx"
- xmlns="http://www.springframework.org/schema/beans"
- xmlns:cache="http://www.springframework.org/schema/cache"
- xsi:schemaLocation="http://www.springframework.org/schema/beans
+ xmlns:p="http://www.springframework.org/schema/p" xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns="http://www.springframework.org/schema/beans" xmlns:cache="http://www.springframework.org/schema/cache"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.0.xsd
@@ -21,226 +18,208 @@
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-4.0.xsd">
- <bean id="props"
- class="org.springframework.beans.factory.config.PropertiesFactoryBean">
- <property name="ignoreResourceNotFound" value="true"/>
- <property name="locations">
- <array>
- <value>classpath:kustvakt.conf</value>
- <value>file:./kustvakt.conf</value>
- </array>
- </property>
- </bean>
+ <bean id="props"
+ class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+ <property name="ignoreResourceNotFound" value="true" />
+ <property name="locations">
+ <array>
+ <value>classpath:kustvakt.conf</value>
+ <value>file:./kustvakt.conf</value>
+ </array>
+ </property>
+ </bean>
- <bean id="jdbc_props"
- class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
- <property name="ignoreResourceNotFound" value="true"/>
- <property name="locations">
- <array>
- <value>classpath:jdbc.properties</value>
- <value>file:./jdbc_tests.properties</value>
- </array>
- </property>
- </bean>
+ <bean id="jdbc_props"
+ class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+ <property name="ignoreResourceNotFound" value="true" />
+ <property name="locations">
+ <array>
+ <value>classpath:jdbc.properties</value>
+ <value>file:./jdbc_tests.properties</value>
+ </array>
+ </property>
+ </bean>
- <bean id='cacheManager'
- class='org.springframework.cache.ehcache.EhCacheCacheManager'
- p:cacheManager-ref='ehcache'/>
+ <bean id='cacheManager' class='org.springframework.cache.ehcache.EhCacheCacheManager'
+ p:cacheManager-ref='ehcache' />
- <bean id='ehcache'
- class='org.springframework.cache.ehcache.EhCacheManagerFactoryBean'
- p:configLocation='classpath:ehcache.xml'
- p:shared='true'/>
+ <bean id='ehcache'
+ class='org.springframework.cache.ehcache.EhCacheManagerFactoryBean'
+ p:configLocation='classpath:ehcache.xml' p:shared='true' />
- <!-- props are injected from default-config.xml -->
- <bean id="kustvakt_config"
- class="de.ids_mannheim.korap.config.KustvaktConfiguration">
- <property name="properties" ref="props"/>
- </bean>
+ <!-- props are injected from default-config.xml -->
+ <bean id="kustvakt_config" class="de.ids_mannheim.korap.config.KustvaktConfiguration">
+ <property name="properties" ref="props" />
+ </bean>
- <!--class="org.apache.commons.dbcp2.BasicDataSource"-->
- <!-- org.springframework.jdbc.datasource.SingleConnectionDataSource -->
- <!-- org.springframework.jdbc.datasource.DriverManagerDataSource -->
- <bean id="dataSource"
- class="org.springframework.jdbc.datasource.SingleConnectionDataSource"
- lazy-init="false">
- <property name="driverClassName" value="org.sqlite.JDBC"/>
- <property name="url" value="jdbc:sqlite::memory:"/>
- <!--<property name="initialSize" value="1" />-->
- <!--<property name="maxTotal" value="1" />-->
- <!--<property name="maxIdle" value="1" />-->
- <!--<property name="username" value="${jdbc.username}"/>-->
- <!--<property name="password" value="${jdbc.password}"/>-->
- <!-- relevant for single connection datasource and sqlite -->
- <property name="suppressClose">
- <value>true</value>
- </property>
- <!--<property name="initialSize" value="2"/>-->
- <!--<property name="maxIdle" value="2"/>-->
- <!--<property name="poolPreparedStatements" value="true"/>-->
- </bean>
+ <!--class="org.apache.commons.dbcp2.BasicDataSource" -->
+ <!-- org.springframework.jdbc.datasource.SingleConnectionDataSource -->
+ <!-- org.springframework.jdbc.datasource.DriverManagerDataSource -->
+ <bean id="dataSource"
+ class="org.springframework.jdbc.datasource.SingleConnectionDataSource"
+ lazy-init="false">
+ <property name="driverClassName" value="org.sqlite.JDBC" />
+ <property name="url" value="jdbc:sqlite::memory:" />
+ <!--<property name="initialSize" value="1" /> -->
+ <!--<property name="maxTotal" value="1" /> -->
+ <!--<property name="maxIdle" value="1" /> -->
+ <!--<property name="username" value="${jdbc.username}"/> -->
+ <!--<property name="password" value="${jdbc.password}"/> -->
+ <!-- relevant for single connection datasource and sqlite -->
+ <property name="suppressClose">
+ <value>true</value>
+ </property>
+ <!--<property name="initialSize" value="2"/> -->
+ <!--<property name="maxIdle" value="2"/> -->
+ <!--<property name="poolPreparedStatements" value="true"/> -->
+ </bean>
- <!-- to configure database for sqlite, mysql, etc. migrations -->
- <bean id="flyway" class="org.flywaydb.core.Flyway" init-method="migrate">
- <property name="baselineOnMigrate" value="false"/>
- <property name="locations"
- value="classpath:db.sqlite"/>
- <property name="dataSource" ref="dataSource"/>
- </bean>
+ <!-- to configure database for sqlite, mysql, etc. migrations -->
+ <bean id="flyway" class="org.flywaydb.core.Flyway" init-method="migrate">
+ <property name="baselineOnMigrate" value="false" />
+ <property name="locations" value="classpath:db.sqlite" />
+ <property name="dataSource" ref="dataSource" />
+ </bean>
- <bean id="kustvakt_db"
- class="de.ids_mannheim.korap.handlers.JDBCClient">
- <constructor-arg index="0" ref="dataSource"/>
- <property name="database" value="jdbc:sqlite::memory:"/>
- </bean>
+ <bean id="kustvakt_db" class="de.ids_mannheim.korap.handlers.JDBCClient">
+ <constructor-arg index="0" ref="dataSource" />
+ <property name="database" value="jdbc:sqlite::memory:" />
+ </bean>
- <bean id="kustvakt_userdetails"
- class="de.ids_mannheim.korap.handlers.UserDetailsDao">
- <constructor-arg ref="kustvakt_db"/>
- </bean>
+ <bean id="kustvakt_userdetails" class="de.ids_mannheim.korap.handlers.UserDetailsDao">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <bean id="kustvakt_usersettings"
- class="de.ids_mannheim.korap.handlers.UserSettingsDao">
- <constructor-arg ref="kustvakt_db"/>
- </bean>
+ <bean id="kustvakt_usersettings" class="de.ids_mannheim.korap.handlers.UserSettingsDao">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <bean id="kustvakt_auditing"
- class="de.ids_mannheim.korap.handlers.JDBCAuditing">
- <constructor-arg ref="kustvakt_db"/>
- </bean>
+ <bean id="kustvakt_auditing" class="de.ids_mannheim.korap.handlers.JDBCAuditing">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <bean id="kustvakt_userdb"
- class="de.ids_mannheim.korap.handlers.EntityDao">
- <constructor-arg ref="kustvakt_db"/>
- </bean>
+ <bean id="kustvakt_userdb" class="de.ids_mannheim.korap.handlers.EntityDao">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <bean id="resource_provider"
- class="de.ids_mannheim.korap.handlers.ResourceDao">
- <constructor-arg ref="kustvakt_db"/>
- </bean>
+ <bean id="kustvakt_admindb" class="de.ids_mannheim.korap.handlers.AdminDao">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <bean id="document_provider"
- class="de.ids_mannheim.korap.handlers.DocumentDao">
- <constructor-arg ref="kustvakt_db"/>
- </bean>
+ <bean id="resource_provider" class="de.ids_mannheim.korap.handlers.ResourceDao">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <bean id="kustvakt_policies"
- class="de.ids_mannheim.korap.security.ac.PolicyDao">
- <constructor-arg ref="kustvakt_db"/>
- </bean>
+ <bean id="document_provider" class="de.ids_mannheim.korap.handlers.DocumentDao">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <bean name="kustvakt_encryption"
- class="de.ids_mannheim.korap.interfaces.defaults.KustvaktEncryption">
- <constructor-arg ref="kustvakt_config"/>
- </bean>
+ <bean id="kustvakt_policies" class="de.ids_mannheim.korap.security.ac.PolicyDao">
+ <constructor-arg ref="kustvakt_db" />
+ </bean>
- <!-- authentication providers to use -->
- <bean id="api_auth"
- class="de.ids_mannheim.korap.security.auth.APIAuthentication">
- <constructor-arg
- type="de.ids_mannheim.korap.config.KustvaktConfiguration"
- ref="kustvakt_config"/>
- </bean>
+ <bean name="kustvakt_encryption"
+ class="de.ids_mannheim.korap.interfaces.defaults.KustvaktEncryption">
+ <constructor-arg ref="kustvakt_config" />
+ </bean>
- <bean id="openid_auth"
- class="de.ids_mannheim.korap.security.auth.OpenIDconnectAuthentication">
- <constructor-arg
- type="de.ids_mannheim.korap.config.KustvaktConfiguration"
- ref="kustvakt_config"/>
- <constructor-arg
- type="de.ids_mannheim.korap.interfaces.db.PersistenceClient"
- ref="kustvakt_db"/>
- </bean>
+ <!-- authentication providers to use -->
+ <bean id="api_auth" class="de.ids_mannheim.korap.security.auth.APIAuthentication">
+ <constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
+ ref="kustvakt_config" />
+ </bean>
- <bean id="basic_auth"
- class="de.ids_mannheim.korap.security.auth.BasicHttpAuth"/>
+ <bean id="openid_auth"
+ class="de.ids_mannheim.korap.security.auth.OpenIDconnectAuthentication">
+ <constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
+ ref="kustvakt_config" />
+ <constructor-arg
+ type="de.ids_mannheim.korap.interfaces.db.PersistenceClient" ref="kustvakt_db" />
+ </bean>
+
+ <bean id="basic_auth" class="de.ids_mannheim.korap.security.auth.BasicHttpAuth" />
- <bean id="session_auth"
- class="de.ids_mannheim.korap.security.auth.SessionAuthentication">
- <constructor-arg
- type="de.ids_mannheim.korap.config.KustvaktConfiguration"
- ref="kustvakt_config"/>
- <constructor-arg
- type="de.ids_mannheim.korap.interfaces.EncryptionIface"
- ref="kustvakt_encryption"/>
- </bean>
+ <bean id="session_auth"
+ class="de.ids_mannheim.korap.security.auth.SessionAuthentication">
+ <constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
+ ref="kustvakt_config" />
+ <constructor-arg type="de.ids_mannheim.korap.interfaces.EncryptionIface"
+ ref="kustvakt_encryption" />
+ </bean>
- <util:list id="kustvakt_authproviders"
- value-type="de.ids_mannheim.korap.interfaces.AuthenticationIface">
- <ref bean="basic_auth"/>
- <ref bean="session_auth"/>
- <ref bean="api_auth"/>
- <ref bean="openid_auth"/>
- </util:list>
+ <util:list id="kustvakt_authproviders"
+ value-type="de.ids_mannheim.korap.interfaces.AuthenticationIface">
+ <ref bean="basic_auth" />
+ <ref bean="session_auth" />
+ <ref bean="api_auth" />
+ <ref bean="openid_auth" />
+ </util:list>
- <bean id="userdata_details"
- class="de.ids_mannheim.korap.handlers.UserDetailsDao">
- <constructor-arg
- type="de.ids_mannheim.korap.interfaces.db.PersistenceClient"
- ref="kustvakt_db"/>
- </bean>
- <bean id="userdata_settings"
- class="de.ids_mannheim.korap.handlers.UserSettingsDao">
- <constructor-arg
- type="de.ids_mannheim.korap.interfaces.db.PersistenceClient"
- ref="kustvakt_db"/>
- </bean>
+ <bean id="userdata_details" class="de.ids_mannheim.korap.handlers.UserDetailsDao">
+ <constructor-arg
+ type="de.ids_mannheim.korap.interfaces.db.PersistenceClient" ref="kustvakt_db" />
+ </bean>
+ <bean id="userdata_settings" class="de.ids_mannheim.korap.handlers.UserSettingsDao">
+ <constructor-arg
+ type="de.ids_mannheim.korap.interfaces.db.PersistenceClient" ref="kustvakt_db" />
+ </bean>
- <util:list id="kustvakt_userdata"
- value-type="de.ids_mannheim.korap.interfaces.db.UserdataDbIface">
- <ref bean="userdata_details"/>
- <ref bean="userdata_settings"/>
- </util:list>
+ <util:list id="kustvakt_userdata"
+ value-type="de.ids_mannheim.korap.interfaces.db.UserdataDbIface">
+ <ref bean="userdata_details" />
+ <ref bean="userdata_settings" />
+ </util:list>
- <util:list id="kustvakt_resources"
- value-type="de.ids_mannheim.korap.interfaces.db.ResourceOperationIface">
- <ref bean="document_provider"/>
- <ref bean="resource_provider"/>
- </util:list>
+ <util:list id="kustvakt_resources"
+ value-type="de.ids_mannheim.korap.interfaces.db.ResourceOperationIface">
+ <ref bean="document_provider" />
+ <ref bean="resource_provider" />
+ </util:list>
- <!-- specify type for constructor argument -->
- <bean id="kustvakt_authenticationmanager"
- class="de.ids_mannheim.korap.security.auth.KustvaktAuthenticationManager">
- <constructor-arg
- type="de.ids_mannheim.korap.interfaces.db.EntityHandlerIface"
- ref="kustvakt_userdb"/>
- <constructor-arg type="de.ids_mannheim.korap.interfaces.EncryptionIface"
- ref="kustvakt_encryption"/>
- <constructor-arg ref="kustvakt_config"/>
- <constructor-arg
- type="de.ids_mannheim.korap.interfaces.db.AuditingIface"
- ref="kustvakt_auditing"/>
- <constructor-arg ref="kustvakt_userdata"/>
- <!-- inject authentication providers to use -->
- <property name="providers" ref="kustvakt_authproviders"/>
- </bean>
+ <!-- specify type for constructor argument -->
+ <bean id="kustvakt_authenticationmanager"
+ class="de.ids_mannheim.korap.security.auth.KustvaktAuthenticationManager">
+ <constructor-arg
+ type="de.ids_mannheim.korap.interfaces.db.EntityHandlerIface" ref="kustvakt_userdb" />
+ <constructor-arg
+ type="de.ids_mannheim.korap.interfaces.db.AdminHandlerIface" ref="kustvakt_admindb" />
+ <constructor-arg type="de.ids_mannheim.korap.interfaces.EncryptionIface"
+ ref="kustvakt_encryption" />
+ <constructor-arg ref="kustvakt_config" />
+ <constructor-arg type="de.ids_mannheim.korap.interfaces.db.AuditingIface"
+ ref="kustvakt_auditing" />
+ <constructor-arg ref="kustvakt_userdata" />
+ <!-- inject authentication providers to use -->
+ <property name="providers" ref="kustvakt_authproviders" />
+ </bean>
- <!-- todo: if db interfaces not loaded via spring, does transaction even work then? -->
- <!-- the transactional advice (i.e. what 'happens'; see the <aop:advisor/> bean below) -->
- <tx:advice id="txAdvice" transaction-manager="txManager">
- <!-- the transactional semantics... -->
- <tx:attributes>
- <!-- all methods starting with 'get' are read-only -->
- <tx:method name="get*" read-only="true"
- rollback-for="KorAPException"/>
- <!-- other methods use the default transaction settings (see below) -->
- <tx:method name="*" rollback-for="KorAPException"/>
- </tx:attributes>
- </tx:advice>
+ <!-- todo: if db interfaces not loaded via spring, does transaction even
+ work then? -->
+ <!-- the transactional advice (i.e. what 'happens'; see the <aop:advisor/>
+ bean below) -->
+ <tx:advice id="txAdvice" transaction-manager="txManager">
+ <!-- the transactional semantics... -->
+ <tx:attributes>
+ <!-- all methods starting with 'get' are read-only -->
+ <tx:method name="get*" read-only="true" rollback-for="KorAPException" />
+ <!-- other methods use the default transaction settings (see below) -->
+ <tx:method name="*" rollback-for="KorAPException" />
+ </tx:attributes>
+ </tx:advice>
- <!-- ensure that the above transactional advice runs for any execution
- of an operation defined by the service interface -->
- <aop:config>
- <aop:pointcut id="service"
- expression="execution(* de.ids_mannheim.korap.interfaces.db.*.*(..))"/>
- <aop:advisor advice-ref="txAdvice" pointcut-ref="service"/>
- </aop:config>
+ <!-- ensure that the above transactional advice runs for any execution of
+ an operation defined by the service interface -->
+ <aop:config>
+ <aop:pointcut id="service"
+ expression="execution(* de.ids_mannheim.korap.interfaces.db.*.*(..))" />
+ <aop:advisor advice-ref="txAdvice" pointcut-ref="service" />
+ </aop:config>
- <!-- similarly, don't forget the PlatformTransactionManager -->
- <bean id="txManager"
- class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
- <property name="dataSource" ref="dataSource"/>
- </bean>
+ <!-- similarly, don't forget the PlatformTransactionManager -->
+ <bean id="txManager"
+ class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
+ <property name="dataSource" ref="dataSource" />
+ </bean>
</beans>
\ No newline at end of file
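Review bot: The two functional additions here, the `kustvakt_admindb` bean and the `AdminHandlerIface` constructor argument on `kustvakt_authenticationmanager`, are buried in a whole-file re-indentation. That makes the authentication wiring change hard to audit, so the reformat would be better landed as a separate commit. The manager now takes six constructor arguments, and `<constructor-arg ref="kustvakt_config" />` and `<constructor-arg ref="kustvakt_userdata" />` carry neither `type` nor `index`. Adding `index="0"` through `index="5"` would pin the order to the one `TestHelper.getAuthManager` passes. Admin authentication now reads from the database, so the `classpath:db.sqlite` migrations presumably have to create and seed the admin table for the in-memory SQLite source, which is not visible in this diff. The file still ends without a trailing newline.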