Hello, I've deployed an application inside Apache Karaf using a Sling feature [1]. I have also installed karaf commands that import some content in JCR Repository.
The commands work well, except when having to write to JCR Repository.
That part fails to login/logout properly from the repository.
Oak inside Karaf uses jaas authentification and I think that is where it
fails but I don't how to make it work. Any ideas?
Regards,
Eugen
----
JcrTemplateImpl | 303 - itembank-jcr - 1.22.0.SNAPSHOT
| Failed to save session
java.lang.RuntimeException: java.lang.RuntimeException:
javax.jcr.AccessDeniedException: Access denied.
at
gr8pi.itembank.jcr.repo.ItemBankHelperImpl.getOrCreateTranslation(ItemBankHelperImpl.java:191)
~[303:itembank-jcr:1.22.0.SNAPSHOT]
at
gr8pi.itembank.migrate.AssessmentToJcrMigrator.migrateAssessmentBehaviorSectionTranslation(AssessmentToJcrMigrator.java:668)
~[?:?]
at
gr8pi.itembank.migrate.AssessmentToJcrMigrator.lambda$null$34(AssessmentToJcrMigrator.java:651)
~[?:?]
at java.lang.Iterable.forEach(Iterable.java:75) ~[?:?]
at
gr8pi.itembank.migrate.AssessmentToJcrMigrator.lambda$migrateAssessmentBehaviorSection$35(AssessmentToJcrMigrator.java:647)
~[?:?]
at
gr8pi.itembank.jcr.repo.JcrTemplateImpl.doInSession(JcrTemplateImpl.java:58)
[303:itembank-jcr:1.22.0.SNAPSHOT]
at
gr8pi.itembank.migrate.AssessmentToJcrMigrator.migrateAssessmentBehaviorSection(AssessmentToJcrMigrator.java:634)
[302:itembank-emf-jcr:1.22.0.SNAPSHOT]
at
gr8pi.itembank.migrate.AssessmentToJcrMigrator.migrateAssessmentSections(AssessmentToJcrMigrator.java:626)
[302:itembank-emf-jcr:1.22.0.SNAPSHOT]
at
gr8pi.itembank.migrate.AssessmentToJcrMigrator.migrate(AssessmentToJcrMigrator.java:619)
[302:itembank-emf-jcr:1.22.0.SNAPSHOT]
at
gr8pi.itembank.migrate.EmfToJcrMigrator.migrate(EmfToJcrMigrator.java:44)
[302:itembank-emf-jcr:1.22.0.SNAPSHOT]
at
gr8pi.itembank.jcr.karaf.commands.EmfToJcrCommand.execute(EmfToJcrCommand.java:52)
[312:shell-commands:1.22.0.SNAPSHOT]
at
org.apache.karaf.shell.impl.action.command.ActionCommand.execute(ActionCommand.java:84)
[33:org.apache.karaf.shell.core:4.2.0]
at
org.apache.karaf.shell.impl.console.osgi.secured.SecuredCommand.execute(SecuredCommand.java:68)
[33:org.apache.karaf.shell.core:4.2.0]
at
org.apache.karaf.shell.impl.console.osgi.secured.SecuredCommand.execute(SecuredCommand.java:86)
[33:org.apache.karaf.shell.core:4.2.0]
at
org.apache.felix.gogo.runtime.Closure.executeCmd(Closure.java:571)
[33:org.apache.karaf.shell.core:4.2.0]
at
org.apache.felix.gogo.runtime.Closure.executeStatement(Closure.java:497)
[33:org.apache.karaf.shell.core:4.2.0]
at org.apache.felix.gogo.runtime.Closure.execute(Closure.java:386)
[33:org.apache.karaf.shell.core:4.2.0]
at org.apache.felix.gogo.runtime.Pipe.doCall(Pipe.java:417)
[33:org.apache.karaf.shell.core:4.2.0]
at org.apache.felix.gogo.runtime.Pipe.call(Pipe.java:229)
[33:org.apache.karaf.shell.core:4.2.0]
at org.apache.felix.gogo.runtime.Pipe.call(Pipe.java:59)
[33:org.apache.karaf.shell.core:4.2.0]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:?]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[?:?]
at java.lang.Thread.run(Thread.java:748) [?:?]
Caused by: java.lang.RuntimeException: javax.jcr.AccessDeniedException:
Access denied.
at
gr8pi.itembank.jcr.repo.ItemBankHelperImpl.findTranslationNode(ItemBankHelperImpl.java:226)
~[?:?]
at
gr8pi.itembank.jcr.repo.ItemBankHelperImpl.getOrCreateTranslation(ItemBankHelperImpl.java:163)
~[?:?]
at
gr8pi.itembank.jcr.repo.ItemBankHelperImpl.getOrCreateTranslation(ItemBankHelperImpl.java:187)
~[?:?]
... 23 more
Caused by: javax.jcr.AccessDeniedException: Access denied.
at
org.apache.jackrabbit.oak.jcr.security.AccessManager.checkPermissions(AccessManager.java:71)
~[?:?]
at
org.apache.jackrabbit.oak.jcr.session.NodeImpl$5.perform(NodeImpl.java:296)
~[?:?]
at
org.apache.jackrabbit.oak.jcr.session.NodeImpl$5.perform(NodeImpl.java:265)
~[?:?]
at
org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.perform(SessionDelegate.java:208)
~[?:?]
at
org.apache.jackrabbit.oak.jcr.session.ItemImpl.perform(ItemImpl.java:112)
~[?:?]
at
org.apache.jackrabbit.oak.jcr.session.NodeImpl.addNode(NodeImpl.java:265)
~[?:?]
at
org.apache.jackrabbit.commons.JcrUtils.getOrAddNode(JcrUtils.java:955)
~[?:?]
at
gr8pi.itembank.jcr.repo.ItemBankHelperImpl.findTranslationNode(ItemBankHelperImpl.java:219)
~[?:?]
at
gr8pi.itembank.jcr.repo.ItemBankHelperImpl.getOrCreateTranslation(ItemBankHelperImpl.java:163)
~[?:?]
at
gr8pi.itembank.jcr.repo.ItemBankHelperImpl.getOrCreateTranslation(ItemBankHelperImpl.java:187)
~[?:?]
... 23 more
----
My JcrTemplate class looks like this. As you can see I'm trying to login
with admin/admin credentials of the repository but it fails.
@Slf4j
@FieldDefaults(level = AccessLevel.PRIVATE)
@Data
@NoArgsConstructor
@AllArgsConstructor
@Component(
immediate = true,
property = {"user=admin", "password=admin"},
service = {JcrTemplate.class, JcrSessionFactory.class})
public class JcrTemplateImpl implements JcrTemplate, JcrSessionFactory {
@Reference Repository repository;
Credentials credentials;
@Activate
public void activate(Map<String, Object> properties) {
String user = (String) properties.getOrDefault("user", "admin");
String pass = (String) properties.getOrDefault("password", "admin");
credentials = new SimpleCredentials(user, pass.toCharArray());
}
/** Run code in session. Handles session save and closing. */
@Override
public <T> T doInSession(CheckedFunction<T> callback) {
Session session = getSession();
try {
T result = callback.apply(session);
if (session.hasPendingChanges()) {
session.save();
}
return result;
} catch (Exception e) {
log.error("Failed to save session ", e);
throw new RuntimeException(e);
} finally {
session.logout();
}
}
@Override
public Session getSession() {
try {
return repository.login(getCredentials());
} catch (Exception e) {
log.error("Failed to create JCR session {}", e);
throw new RuntimeException(e);
}
}
}
NOTE: The feature at [1] is nearly identical to upstream sling feature
except: I'm using only releases - no snapshots. I've added capabilities
to make the app install and start in Karaf 4.2.0.
[1]
https://bintray.com/netdava/maven/download_file?file_path=org%2Fapache%2Fsling%2Forg.apache.sling.karaf-features%2F0.1.1-netdava7%2Forg.apache.sling.karaf-features-0.1.1-netdava7-features.xml
signature.asc
Description: OpenPGP digital signature
