Versions Compared

Old Version 2

changes.mady.by.user Florian Müller

Saved on

compared with

New Version 3

changes.mady.by.user Florian Müller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Some methods have an additional ObjectInfoHolder parameter. This object is only set if the call is an AtomPub call. AtomPub entries and feeds require additional data about the objects that should be returned AND the object that has been passed. In case of a getChildren() call, for example, data about the children AND folder itself would be required. ObjectInfoHolder collects ObjectInfo objects.

Authentictaion Framework

...

Authentication Framework

Authentication information is transported to the service implementations via the CallContext object. The CallContext is basically a Map and can contain any kind of data. The OpenCMIS server fills it by default with a username and a password from either HTTP basic authentication for the AtomPub binding or WS-Security (UsernameToken) for the Web Services binding.

Other authentication methods can be plugged in if needed. Here is how this works for the two CMIS bindings.

AtomPub authentication

For the AtomPub binding a new class implementing the interface org.apache.opencmis.server.impl.atompub.CallContextHandler has to be created. It gets the HttpServletRequest object of the current request and returns key-value pairs that are added to the CallContext. See the JavaDoc for details.

The new CallContext handler can be activated by changing the servlet init parameter callContextHandler in /WEB-INF/web.xml].

Code Block
xml
xml
 
<init-param>
  <param-name>callContextHandler</param-name>
  <param-value>org.example.opencmis.MyCallContextHandler</param-value>
</init-param>

Web Services authentication

For the Web Services binding a new SOAPHandler class has to be created and registered in /WEB-INF/sun-jaxws.xml.

The handleMessage method should look like this:

Code Block
java
java
 
public boolean handleMessage(SOAPMessageContext context) {
  Boolean outboundProperty = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
  if (outboundProperty.booleanValue()) {
    // we are only looking at inbound messages
    return true;
  }

  // do whatever you have to do here
  String user = ...
  String secret = ...
  
  // set up key-value pairs for the CallContext
  Map<String, String> callContextMap = new HashMap<String, String>();
  callContextMap.put("org.example.opencmis.user", user);
  callContextMap.put("org.example.opencmis.secret", secret);

  // add key-value pairs the SOAP message context
  context.put(AbstractService.CALL_CONTEXT_MAP, callContextMap);
  context.setScope(AbstractService.CALL_CONTEXT_MAP, Scope.APPLICATION);

  return true;
}

Repository Connector Deployment

...