diff --git oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java index ff3b31d..e393cd5 100644 --- oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java +++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java @@ -56,56 +56,52 @@ import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardAuthorizableActionProvider; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardAware; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardRestrictionProvider; -import org.osgi.framework.ServiceReference; -import org.osgi.service.component.ComponentContext; +import org.osgi.framework.BundleContext; import com.google.common.collect.ImmutableMap; import static com.google.common.base.Preconditions.checkNotNull; -@Component(immediate = true) +@Component(name="org.apache.jackrabbit.oak.security.SecurityProvider") @Service public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware { @Reference(bind = "bindAuthorizationConfiguration", - cardinality = ReferenceCardinality.MANDATORY_UNARY, // FIXME OAK-1268 - policyOption = ReferencePolicyOption.GREEDY) - private AuthorizationConfiguration authorizationConfiguration; + cardinality = ReferenceCardinality.OPTIONAL_UNARY) // FIXME OAK-1268 + private volatile AuthorizationConfiguration authorizationConfiguration; @Reference(bind = "bindAuthenticationConfiguration", - cardinality = ReferenceCardinality.MANDATORY_UNARY, - policyOption = ReferencePolicyOption.GREEDY) - private AuthenticationConfiguration authenticationConfiguration; + cardinality = ReferenceCardinality.OPTIONAL_UNARY) + private volatile AuthenticationConfiguration authenticationConfiguration; @Reference(bind = "bindPrivilegeConfiguration", - cardinality = ReferenceCardinality.MANDATORY_UNARY, - policyOption = ReferencePolicyOption.GREEDY) - private PrivilegeConfiguration privilegeConfiguration; + cardinality = ReferenceCardinality.OPTIONAL_UNARY) + private volatile PrivilegeConfiguration privilegeConfiguration; @Reference(bind = "bindUserConfiguration", - cardinality = ReferenceCardinality.MANDATORY_UNARY, - policyOption = ReferencePolicyOption.GREEDY) - private UserConfiguration userConfiguration; + cardinality = ReferenceCardinality.OPTIONAL_UNARY) + private volatile UserConfiguration userConfiguration; @Reference(referenceInterface = PrincipalConfiguration.class, + name = "principalConfiguration", bind = "bindPrincipalConfiguration", unbind = "unbindPrincipalConfiguration", - cardinality = ReferenceCardinality.MANDATORY_MULTIPLE, - policyOption = ReferencePolicyOption.GREEDY) - private PrincipalConfiguration principalConfiguration = new CompositePrincipalConfiguration(this); + cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE) + private final CompositePrincipalConfiguration compositePrincipalConfiguration = new CompositePrincipalConfiguration(this); @Reference(referenceInterface = TokenConfiguration.class, + name = "tokenConfiguration", bind = "bindTokenConfiguration", unbind = "unbindTokenConfiguration", - cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE, - policyOption = ReferencePolicyOption.GREEDY) - private TokenConfiguration tokenConfiguration = new CompositeTokenConfiguration(this); + cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE) + private final CompositeTokenConfiguration compositeTokenConfiguration = new CompositeTokenConfiguration(this); @Reference(referenceInterface = AuthorizableNodeName.class, + name = "authorizableNodeName", bind = "bindAuthorizableNodeName", cardinality = ReferenceCardinality.OPTIONAL_UNARY, policyOption = ReferencePolicyOption.GREEDY) - private NameGenerator authorizableNodeName = new NameGenerator(); + private final NameGenerator nameGenerator = new NameGenerator(); private final WhiteboardAuthorizableActionProvider authorizableActionProvider = new WhiteboardAuthorizableActionProvider(); private final WhiteboardRestrictionProvider restrictionProvider = new WhiteboardRestrictionProvider(); @@ -132,9 +128,9 @@ public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware { authenticationConfiguration = new AuthenticationConfigurationImpl(this); authorizationConfiguration = new AuthorizationConfigurationImpl(this); userConfiguration = new UserConfigurationImpl(this); - principalConfiguration = new PrincipalConfigurationImpl(this); + compositePrincipalConfiguration.addConfiguration(new PrincipalConfigurationImpl(this)); privilegeConfiguration = new PrivilegeConfigurationImpl(); - tokenConfiguration = new TokenConfigurationImpl(this); + compositeTokenConfiguration.addConfiguration(new TokenConfigurationImpl(this)); } @Override @@ -169,9 +165,9 @@ public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware { scs.add(authenticationConfiguration); scs.add(authorizationConfiguration); scs.add(userConfiguration); - scs.add(principalConfiguration); + scs.add(compositePrincipalConfiguration); scs.add(privilegeConfiguration); - scs.add(tokenConfiguration); + scs.add(compositeTokenConfiguration); return scs; } @@ -186,21 +182,23 @@ public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware { } else if (UserConfiguration.class == configClass) { return (T) userConfiguration; } else if (PrincipalConfiguration.class == configClass) { - return (T) principalConfiguration; + return (T) compositePrincipalConfiguration; } else if (PrivilegeConfiguration.class == configClass) { return (T) privilegeConfiguration; } else if (TokenConfiguration.class == configClass) { - return (T) tokenConfiguration; + return (T) compositeTokenConfiguration; } else { throw new IllegalArgumentException("Unsupported security configuration class " + configClass); } } @Activate - protected void activate(ComponentContext context) throws Exception { - whiteboard = new OsgiWhiteboard(context.getBundleContext()); + protected void activate(BundleContext context) throws Exception { + whiteboard = new OsgiWhiteboard(context); authorizableActionProvider.start(whiteboard); restrictionProvider.start(whiteboard); + + initializeConfigurations(); } @Deactivate @@ -209,90 +207,74 @@ public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware { restrictionProvider.stop(); } - protected void bindAuthorizationConfiguration(@Nonnull ServiceReference reference) { - // also add authorization config specific default parameters for OSGi environments - // todo: the config class should track the 'restrictionProvider' itself. + private void initializeConfigurations() { Map authorizMap = ImmutableMap.of( AccessControlConstants.PARAM_RESTRICTION_PROVIDER, restrictionProvider ); - authorizationConfiguration = - (AuthorizationConfiguration) initConfiguration(reference, ConfigurationParameters.of(authorizMap)); - } + // also add authorization config specific default parameters for OSGi environments + // todo: the config class should track the 'restrictionProvider' itself. + initConfiguration(authorizationConfiguration, ConfigurationParameters.of(authorizMap)); - protected void bindAuthenticationConfiguration(@Nonnull ServiceReference reference) { - authenticationConfiguration = - (AuthenticationConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY); - } + initConfiguration(authenticationConfiguration, ConfigurationParameters.EMPTY); - protected void bindUserConfiguration(@Nonnull ServiceReference reference) { // also initialize user config specific default parameters for OSGi environments // todo: the config class should track the 'providers' itself. Map userMap = ImmutableMap.of( UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER, authorizableActionProvider, - UserConstants.PARAM_AUTHORIZABLE_NODE_NAME, authorizableNodeName); - userConfiguration = (UserConfiguration) initConfiguration(reference, ConfigurationParameters.of(userMap)); + UserConstants.PARAM_AUTHORIZABLE_NODE_NAME, nameGenerator); + initConfiguration(userConfiguration, ConfigurationParameters.of(userMap)); + + initConfiguration(privilegeConfiguration, ConfigurationParameters.EMPTY); } - protected void bindPrivilegeConfiguration(@Nonnull ServiceReference reference) { - privilegeConfiguration = (PrivilegeConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY); + protected void bindAuthorizationConfiguration(@Nonnull AuthorizationConfiguration reference) { + authorizationConfiguration = reference; } - protected void bindPrincipalConfiguration(@Nonnull ServiceReference reference) { - // replace composite configuration if needed - if (!(principalConfiguration instanceof CompositePrincipalConfiguration)) { - principalConfiguration = new CompositePrincipalConfiguration(this); - } - ((CompositePrincipalConfiguration) principalConfiguration).addConfiguration( - (PrincipalConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY)); + protected void bindAuthenticationConfiguration(@Nonnull AuthenticationConfiguration reference) { + authenticationConfiguration = reference; } - protected void unbindPrincipalConfiguration(@Nonnull ServiceReference reference) { - Object pc = reference.getBundle().getBundleContext().getService(reference); - if (pc instanceof PrincipalConfiguration) { - if (principalConfiguration instanceof CompositePrincipalConfiguration) { - ((CompositePrincipalConfiguration) principalConfiguration).removeConfiguration((PrincipalConfiguration) pc); - } - } + protected void bindUserConfiguration(@Nonnull UserConfiguration reference) { + userConfiguration = reference; } - protected void bindTokenConfiguration(@Nonnull ServiceReference reference) { - // replace composite configuration if needed - if (!(tokenConfiguration instanceof CompositeTokenConfiguration)) { - tokenConfiguration = new CompositeTokenConfiguration(this); - } - ((CompositeTokenConfiguration) tokenConfiguration).addConfiguration( - (TokenConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY)); + protected void bindPrivilegeConfiguration(@Nonnull PrivilegeConfiguration reference) { + privilegeConfiguration = reference; } - protected void unbindTokenConfiguration(@Nonnull ServiceReference reference) { - Object tc = reference.getBundle().getBundleContext().getService(reference); - if (tc instanceof TokenConfiguration) { - if (tokenConfiguration instanceof CompositeTokenConfiguration) { - ((CompositeTokenConfiguration) tokenConfiguration).removeConfiguration((TokenConfiguration) tc); - } - } + protected void bindPrincipalConfiguration(@Nonnull PrincipalConfiguration reference) { + compositePrincipalConfiguration.addConfiguration(initConfiguration(reference, ConfigurationParameters.EMPTY)); } - protected void bindAuthorizableNodeName(@Nonnull ServiceReference reference) { - Object ann = reference.getBundle().getBundleContext().getService(reference); - if (ann instanceof AuthorizableNodeName) { - authorizableNodeName.dlg = (AuthorizableNodeName) ann; - } + protected void unbindPrincipalConfiguration(@Nonnull PrincipalConfiguration reference) { + compositePrincipalConfiguration.removeConfiguration(reference); } - private Object initConfiguration(@Nonnull ServiceReference reference, @Nonnull ConfigurationParameters params) { - Object service = reference.getBundle().getBundleContext().getService(reference); - if (service instanceof ConfigurationBase) { - ConfigurationBase cfg = (ConfigurationBase) service; + protected void bindTokenConfiguration(@Nonnull TokenConfiguration reference) { + compositeTokenConfiguration.addConfiguration(initConfiguration(reference, ConfigurationParameters.EMPTY)); + } + + protected void unbindTokenConfiguration(@Nonnull TokenConfiguration reference) { + compositeTokenConfiguration.removeConfiguration(reference); + } + + protected void bindAuthorizableNodeName(@Nonnull AuthorizableNodeName reference) { + nameGenerator.dlg = reference; + } + + private T initConfiguration(@Nonnull T config, @Nonnull ConfigurationParameters params) { + if (config instanceof ConfigurationBase) { + ConfigurationBase cfg = (ConfigurationBase) config; cfg.setSecurityProvider(this); cfg.setParameters(ConfigurationParameters.of(params, cfg.getParameters())); } - return service; + return config; } private final class NameGenerator implements AuthorizableNodeName { - private AuthorizableNodeName dlg = AuthorizableNodeName.DEFAULT; + private volatile AuthorizableNodeName dlg = AuthorizableNodeName.DEFAULT; @Nonnull @Override @@ -300,5 +282,4 @@ public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware { return dlg.generateNodeName(authorizableId); } } - } diff --git oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java index cd53e2f..c9f7554 100644 --- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java +++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java @@ -23,6 +23,7 @@ import javax.security.auth.login.Configuration; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.ConfigurationPolicy; import org.apache.felix.scr.annotations.Service; import org.apache.jackrabbit.oak.api.ContentRepository; import org.apache.jackrabbit.oak.spi.security.ConfigurationBase; @@ -49,7 +50,7 @@ import org.slf4j.LoggerFactory; * * */ -@Component +@Component(policy = ConfigurationPolicy.REQUIRE) @Service({AuthenticationConfiguration.class, SecurityConfiguration.class}) public class AuthenticationConfigurationImpl extends ConfigurationBase implements AuthenticationConfiguration { diff --git oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java index 7bdcaec..7be9132 100644 --- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java +++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java @@ -22,6 +22,7 @@ import javax.annotation.Nonnull; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.ConfigurationPolicy; import org.apache.felix.scr.annotations.Service; import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.spi.security.ConfigurationBase; @@ -35,7 +36,7 @@ import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration; /** * Default implementation for the {@code TokenConfiguration} interface. */ -@Component() +@Component(policy = ConfigurationPolicy.REQUIRE) @Service({TokenConfiguration.class, SecurityConfiguration.class}) public class TokenConfigurationImpl extends ConfigurationBase implements TokenConfiguration { diff --git oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java index 126516d..1e6e853 100644 --- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java +++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java @@ -27,6 +27,7 @@ import javax.jcr.security.AccessControlManager; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.ConfigurationPolicy; import org.apache.felix.scr.annotations.Service; import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.namepath.NamePathMapper; @@ -60,7 +61,7 @@ import com.google.common.collect.ImmutableList; /** * Default implementation of the {@code AccessControlConfiguration}. */ -@Component() +@Component(policy = ConfigurationPolicy.REQUIRE) @Service({AuthorizationConfiguration.class, SecurityConfiguration.class}) public class AuthorizationConfigurationImpl extends ConfigurationBase implements AuthorizationConfiguration { diff --git oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java index 138003f..f33a3ed 100644 --- oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java +++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java @@ -22,6 +22,7 @@ import javax.annotation.Nonnull; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.ConfigurationPolicy; import org.apache.felix.scr.annotations.Service; import org.apache.jackrabbit.api.security.principal.PrincipalManager; import org.apache.jackrabbit.oak.api.Root; @@ -38,7 +39,7 @@ import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration; /** * Default implementation of the {@code PrincipalConfiguration} */ -@Component() +@Component(policy = ConfigurationPolicy.REQUIRE) @Service({PrincipalConfiguration.class, SecurityConfiguration.class}) public class PrincipalConfigurationImpl extends ConfigurationBase implements PrincipalConfiguration { diff --git oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java index fb0f546..5c85820 100644 --- oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java +++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java @@ -26,6 +26,7 @@ import javax.annotation.Nonnull; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.ConfigurationPolicy; import org.apache.felix.scr.annotations.Service; import org.apache.jackrabbit.api.security.authorization.PrivilegeManager; import org.apache.jackrabbit.oak.api.Root; @@ -43,7 +44,7 @@ import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration; /** * Configuration for the privilege management component. */ -@Component() +@Component(policy = ConfigurationPolicy.REQUIRE) @Service({PrivilegeConfiguration.class, SecurityConfiguration.class}) public class PrivilegeConfigurationImpl extends ConfigurationBase implements PrivilegeConfiguration { diff --git oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java index 308fb8f..0c259a7 100644 --- oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java +++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java @@ -26,6 +26,7 @@ import javax.annotation.Nonnull; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.ConfigurationPolicy; import org.apache.felix.scr.annotations.Service; import org.apache.jackrabbit.api.security.user.UserManager; import org.apache.jackrabbit.oak.api.Root; @@ -46,7 +47,7 @@ import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter; /** * Default implementation of the {@link UserConfiguration}. */ -@Component() +@Component(policy = ConfigurationPolicy.REQUIRE) @Service({UserConfiguration.class, SecurityConfiguration.class}) public class UserConfigurationImpl extends ConfigurationBase implements UserConfiguration, SecurityConfiguration { diff --git oak-jcr/pom.xml oak-jcr/pom.xml index 08ebf53..5b7f408 100644 --- oak-jcr/pom.xml +++ oak-jcr/pom.xml @@ -154,15 +154,16 @@ org.apache.felix + maven-scr-plugin + + + org.apache.felix maven-bundle-plugin org.apache.jackrabbit.oak.jcr - - org.apache.jackrabbit.oak.jcr.osgi.Activator - diff --git oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/OsgiRepositoryFactory.java oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/OsgiRepositoryFactory.java index 1b38a30..c43bfea 100644 --- oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/OsgiRepositoryFactory.java +++ oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/OsgiRepositoryFactory.java @@ -19,8 +19,6 @@ package org.apache.jackrabbit.oak.jcr.osgi; -import java.util.HashMap; -import java.util.Map; import java.util.Properties; import javax.jcr.Repository; @@ -29,36 +27,24 @@ import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; import org.apache.felix.scr.annotations.Deactivate; import org.apache.felix.scr.annotations.Reference; -import org.apache.felix.scr.annotations.ReferencePolicyOption; import org.apache.jackrabbit.oak.Oak; import org.apache.jackrabbit.oak.api.ContentRepository; import org.apache.jackrabbit.oak.osgi.OsgiWhiteboard; import org.apache.jackrabbit.oak.plugins.commit.JcrConflictHandler; import org.apache.jackrabbit.oak.plugins.nodetype.write.InitialContent; -import org.apache.jackrabbit.oak.security.SecurityProviderImpl; -import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; import org.apache.jackrabbit.oak.spi.security.SecurityProvider; -import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants; -import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration; -import org.apache.jackrabbit.oak.spi.security.user.UserConstants; -import org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction; import org.apache.jackrabbit.oak.spi.state.NodeStore; import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardEditorProvider; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardExecutor; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardIndexEditorProvider; import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardIndexProvider; -import org.apache.jackrabbit.oak.spi.xml.ImportBehavior; -import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter; import org.osgi.framework.BundleContext; import org.osgi.framework.ServiceRegistration; @Component(immediate = true) public class OsgiRepositoryFactory { - @Reference(policyOption = ReferencePolicyOption.GREEDY) - private NodeStore store; - private final WhiteboardEditorProvider editorProvider = new WhiteboardEditorProvider(); @@ -74,26 +60,11 @@ public class OsgiRepositoryFactory { private ServiceRegistration registration; - // FIXME OAK-1476 : SecurityProvider implementation should not be hardcoded - private final SecurityProvider securityProvider = - new SecurityProviderImpl(buildSecurityConfig()); - - private static ConfigurationParameters buildSecurityConfig() { - // FIXME OAK-1476: review configuration default values which are Adobe specific - Map userConfig = new HashMap(); - userConfig.put(UserConstants.PARAM_GROUP_PATH, "/home/groups"); - userConfig.put(UserConstants.PARAM_USER_PATH, "/home/users"); - userConfig.put(UserConstants.PARAM_DEFAULT_DEPTH, 1); - userConfig.put(AccessControlAction.USER_PRIVILEGE_NAMES, new String[] {PrivilegeConstants.JCR_ALL}); - userConfig.put(AccessControlAction.GROUP_PRIVILEGE_NAMES, new String[] {PrivilegeConstants.JCR_READ}); - userConfig.put(ProtectedItemImporter.PARAM_IMPORT_BEHAVIOR, ImportBehavior.NAME_BESTEFFORT); - - Map config = new HashMap(); - config.put( - UserConfiguration.NAME, - ConfigurationParameters.of(userConfig)); - return ConfigurationParameters.of(config); - } + @Reference + private SecurityProvider securityProvider; + + @Reference + private NodeStore store; @Activate public void activate(BundleContext bundleContext) throws Exception {