Package org.silverpeas.core.jcr.impl.oak.security
The implementation of the JCR is provided by Apache Jackrabbit Oak. It expects, like any other
JCR implementations, the users and the groups of users are managed within the JCR. But those are
managed directly by Silverpeas itself. In the case they are managed externally, Oak expects a
synchronization of them with the repository, and it is what we don't want here to avoid user
management duplication, even for satisfying any specific authentication and authorization
process. Nevertheless, custom authentication and authorization mechanisms can be plugged into
Oak, but they have to be based upon JAAS and the security system of Silverpeas isn't built upon
JAAS. So this package provides the components required by Oak to authenticate and to authorize a
user but in bypassing all of this security mechanism in Oak.
- Author:
- mmoquillon
-
Class Summary Class Description SilverpeasAuthenticationConfiguration Configuration defining the authentication mechanism Oak has to apply when accessing a repository within the context of Silverpeas.SilverpeasAuthorizationConfiguration Configuration defining the authorization mechanism Oak has to apply when a user walks across the content tree of a repository within the context of Silverpeas.SilverpeasCallbackHandler JAAS callback handler used by the login modules to get all the credentials of the user being authenticated.SilverpeasLoginContext Context of a login/logout to the JCR repository by a user within the scope of Silverpeas out of any JAAS process as the security system of Silverpeas isn't built upon this framework.SilverpeasPermissionProvider This provider covers permission validation of a given user in Silverpeas upon read and write access on the JCR content tree.SilverpeasSecurityProvider Security provider for the Oak implementation of the JCR.