diff --git a/.gitignore b/.gitignore
index 310c07f..dfb8072 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ target
.project
.settings
.idea/
+/*.iml
diff --git a/pom.xml b/pom.xml
index 9f6459d..659c94f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,348 +1,358 @@
-
-
- org.sonatype.oss
- oss-parent
- 7
-
- 4.0.0
- com.cognifide.secureaem
- secure-aem
- 1.3.3-SNAPSHOT
- ${packaging.type}
- Secure AEM
- This application provides detailed security report for your AEM installation. After installation it's available in the 'Tools' page.
- https://github.com/Cognifide/SecureCQ
-
-
- The Apache Software License, Version 2.0
- http://www.apache.org/licenses/LICENSE-2.0.txt
- repo
-
-
- 2013
-
- UTF-8
- UTF-8
- yyyyMMdd-HHmmss
- http://localhost:4502
- admin
- admin
- secure-aem
-
-
- scm:git:https://github.com/Cognifide/SecureCQ.git
- scm:git:https://github.com/Cognifide/SecureCQ.git
- https://github.com/Cognifide/SecureCQ.git
-
-
- Cognifide
- http://www.cognifide.com
-
-
-
- Tomasz Rękawek
- tomasz.rekawek@cognifide.com
- Cognifide
-
-
-
-
- adobe-public-releases
- http://repo.adobe.com/nexus/content/groups/public
-
-
-
-
-
- org.apache.maven.plugins
- maven-gpg-plugin
- 1.6
-
-
- sign-artifacts
- verify
-
- sign
-
-
-
-
-
- maven-compiler-plugin
- 3.5.1
-
-
- 1.8
-
-
-
- org.apache.felix
- maven-scr-plugin
- 1.22.0
-
-
- generate-scr-scrdescriptor
-
- scr
-
-
-
-
-
- org.apache.felix
- maven-bundle-plugin
- 3.2.0
- true
-
-
- cq5
- ${project.artifactId}
- ${project.name}
- ${project.organization.name}
- *;artifactId=httpclient|httpcore|gson|commons-lang3|commons-cli
-
-
-
-
- maven-assembly-plugin
- 2.6
-
- ${assembly.name}-${project.version}
- false
-
- src/main/assembly/${assembly.descriptor}.xml
-
-
-
- com.cognifide.secureaem.cli.Main
-
-
-
-
-
- package
-
- single
-
-
-
-
-
- com.cognifide.maven.plugins
- maven-crx-plugin
- 1.0.3
-
-
-
- ${instance.url}
- ${instance.username}
- ${instance.password}
-
-
-
- org.apache.maven.plugins
- maven-source-plugin
- 3.0.1
-
-
- attach-sources
-
- jar
-
-
-
-
-
- org.apache.maven.plugins
- maven-javadoc-plugin
- 2.10.4
-
-
- attach-javadocs
-
- jar
-
-
-
-
-
-
-
-
-
- org.eclipse.m2e
- lifecycle-mapping
- 1.0.0
-
-
-
-
-
- org.apache.felix
- maven-scr-plugin
- [1.7.2,)
-
- scr
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- org.apache.sling
- org.apache.sling.api
- 2.2.0
- provided
-
-
- org.apache.felix
- org.apache.felix.scr.annotations
- 1.9.0
- provided
-
-
-
- javax.servlet
- servlet-api
- 2.4
- provided
-
-
- javax.jcr
- jcr
- 2.0
- provided
-
-
-
- com.day.cq
- cq-replication
- 5.4.2
- provided
-
-
- com.day.cq
- cq-commons
- 5.4.6
- provided
-
-
-
- org.apache.commons
- commons-lang3
- 3.4
-
-
- commons-cli
- commons-cli
- 1.2
-
-
- org.apache.httpcomponents
- httpclient
- 4.2.3
-
-
- org.apache.httpcomponents
- httpcore
- 4.2.3
-
-
-
- com.google.code.gson
- gson
- 2.7
-
-
- org.apache.sling
- org.apache.sling.servlets.post
- 2.3.24
- provided
-
-
- com.adobe.granite
- com.adobe.granite.crypto
- 0.0.24
-
+
+
+ org.sonatype.oss
+ oss-parent
+ 7
+
+ 4.0.0
+ com.cognifide.secureaem
+ secure-aem
+ 1.3.3-SNAPSHOT
+ ${packaging.type}
+ Secure AEM
+ This application provides detailed security report for your AEM installation. After installation it's
+ available in the 'Tools' page.
+
+ https://github.com/Cognifide/SecureCQ
+
+
+ The Apache Software License, Version 2.0
+ http://www.apache.org/licenses/LICENSE-2.0.txt
+ repo
+
+
+ 2013
+
+ UTF-8
+ UTF-8
+ yyyyMMdd-HHmmss
+ http://localhost:4502
+ admin
+ admin
+ secure-aem
+
+
+ scm:git:https://github.com/Cognifide/SecureCQ.git
+ scm:git:https://github.com/Cognifide/SecureCQ.git
+ https://github.com/Cognifide/SecureCQ.git
+
+
+ Cognifide
+ http://www.cognifide.com
+
+
+
+ Tomasz Rękawek
+ tomasz.rekawek@cognifide.com
+ Cognifide
+
+
+
+
+ adobe-public-releases
+ http://repo.adobe.com/nexus/content/groups/public
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-gpg-plugin
+ 1.6
+
+
+ sign-artifacts
+ verify
+
+ sign
+
+
+
+
+
+ maven-compiler-plugin
+ 3.5.1
+
+
+ 1.8
+
+
+
+ org.apache.felix
+ maven-scr-plugin
+ 1.22.0
+
+
+ generate-scr-scrdescriptor
+
+ scr
+
+
+
+
+
+ org.apache.felix
+ maven-bundle-plugin
+ 3.2.0
+ true
+
+
+ cq5
+ ${project.artifactId}
+ ${project.name}
+ ${project.organization.name}
+ *;artifactId=httpclient|httpcore|gson|commons-lang3|commons-cli
+
+
+
+
+
+ maven-assembly-plugin
+ 2.6
+
+ ${assembly.name}-${project.version}
+ false
+
+ src/main/assembly/${assembly.descriptor}.xml
+
+
+
+ com.cognifide.secureaem.cli.Main
+
+
+
+
+
+ package
+
+ single
+
+
+
+
+
+ com.cognifide.maven.plugins
+ maven-crx-plugin
+ 1.0.3
+
+
+
+ ${instance.url}
+ ${instance.username}
+ ${instance.password}
+
+
+
+ org.apache.maven.plugins
+ maven-source-plugin
+ 3.0.1
+
+
+ attach-sources
+
+ jar
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-javadoc-plugin
+ 2.10.4
+
+
+ attach-javadocs
+
+ jar
+
+
+
+
+
+
+
+
+
+ org.eclipse.m2e
+ lifecycle-mapping
+ 1.0.0
+
+
+
+
+
+ org.apache.felix
+ maven-scr-plugin
+ [1.7.2,)
+
+ scr
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ org.apache.sling
+ org.apache.sling.api
+ 2.2.0
+ provided
+
+
+ org.apache.sling
+ org.apache.sling.commons.osgi
+ 2.4.0
+ provided
+
+
+ org.apache.felix
+ org.apache.felix.scr.annotations
+ 1.9.0
+ provided
+
+
+
+ javax.servlet
+ servlet-api
+ 2.4
+ provided
+
+
+ javax.jcr
+ jcr
+ 2.0
+ provided
+
+
+
+ com.day.cq
+ cq-replication
+ 5.4.2
+ provided
+
+
+ com.day.cq
+ cq-commons
+ 5.4.6
+ provided
+
+
+
+ org.apache.commons
+ commons-lang3
+ 3.4
+
+
+ commons-cli
+ commons-cli
+ 1.2
+
+
+ org.apache.httpcomponents
+ httpclient
+ 4.2.3
+
+
+ org.apache.httpcomponents
+ httpcore
+ 4.2.3
+
+
+
+ com.google.code.gson
+ gson
+ 2.7
+
+
+ org.apache.sling
+ org.apache.sling.servlets.post
+ 2.3.24
+ provided
+
+
+ com.adobe.granite
+ com.adobe.granite.crypto
+ 0.0.24
+
-
-
-
- aem
-
- true
-
-
- aem
- bundle
-
-
-
- org.slf4j
- slf4j-api
- 1.5.8
- provided
-
-
-
-
- cli
-
-
- performRelease
- true
-
-
-
- cli
- jar
-
-
-
- org.slf4j
- slf4j-simple
- 1.7.21
-
-
-
-
- release-sign-artifacts
-
-
- performRelease
- true
-
-
-
-
-
- org.apache.maven.plugins
- maven-gpg-plugin
- 1.6
-
-
- sign-artifacts
- verify
-
- sign
-
-
-
-
-
-
-
-
+
+
+
+ aem
+
+ true
+
+
+ aem
+ bundle
+
+
+
+ org.slf4j
+ slf4j-api
+ 1.5.8
+ provided
+
+
+
+
+ cli
+
+
+ performRelease
+ true
+
+
+
+ cli
+ jar
+
+
+
+ org.slf4j
+ slf4j-simple
+ 1.7.21
+
+
+
+
+ release-sign-artifacts
+
+
+ performRelease
+ true
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-gpg-plugin
+ 1.6
+
+
+ sign-artifacts
+ verify
+
+ sign
+
+
+
+
+
+
+
+
diff --git a/src/main/java/com/cognifide/secureaem/sling/ConfigurationProvider.java b/src/main/java/com/cognifide/secureaem/sling/ConfigurationProvider.java
index 8762ab0..01a530e 100644
--- a/src/main/java/com/cognifide/secureaem/sling/ConfigurationProvider.java
+++ b/src/main/java/com/cognifide/secureaem/sling/ConfigurationProvider.java
@@ -6,26 +6,37 @@
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
+import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
import org.apache.sling.api.SlingHttpServletRequest;
-import java.util.Optional;
-
@Component
@Service(ConfigurationProvider.class)
public class ConfigurationProvider {
- @Reference(cardinality = ReferenceCardinality.OPTIONAL_UNARY)
- private GlobalConfiguration globalConfiguration;
+ @Reference(cardinality = ReferenceCardinality.OPTIONAL_UNARY,
+ policy = ReferencePolicy.DYNAMIC,
+ referenceInterface = SecureAemGlobalConfiguration.class,
+ bind = "bind", unbind = "unbind")
+ private SecureAemGlobalConfiguration globalConfiguration;
@Reference
private CryptoSupport cryptoSupport;
public Configuration createConfiguration(SlingHttpServletRequest request) {
ResourceTestConfiguration testConfiguration = new ResourceTestConfiguration(request);
- GlobalConfiguration globalConfig = Optional.ofNullable(this.globalConfiguration)
- .orElseGet(() -> new ResourceGlobalConfiguration(request, cryptoSupport));
+ GlobalConfiguration globalConfig = globalConfiguration;
+ if (globalConfig == null) {
+ globalConfig = new ResourceGlobalConfiguration(request, cryptoSupport);
+ }
return new ConfigurationWrapper(globalConfig, testConfiguration);
}
+ public void bind(SecureAemGlobalConfiguration globalConfiguration) {
+ this.globalConfiguration = globalConfiguration;
+ }
+
+ public void unbind(SecureAemGlobalConfiguration globalConfiguration) {
+ this.globalConfiguration = null;
+ }
}
diff --git a/src/main/java/com/cognifide/secureaem/sling/SecureAemGlobalConfiguration.java b/src/main/java/com/cognifide/secureaem/sling/SecureAemGlobalConfiguration.java
new file mode 100644
index 0000000..5f11262
--- /dev/null
+++ b/src/main/java/com/cognifide/secureaem/sling/SecureAemGlobalConfiguration.java
@@ -0,0 +1,116 @@
+package com.cognifide.secureaem.sling;
+
+import com.adobe.granite.crypto.CryptoException;
+import com.adobe.granite.crypto.CryptoSupport;
+import com.cognifide.secureaem.GlobalConfiguration;
+import org.apache.felix.scr.annotations.Activate;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.ConfigurationPolicy;
+import org.apache.felix.scr.annotations.Property;
+import org.apache.felix.scr.annotations.Reference;
+import org.apache.felix.scr.annotations.Service;
+import org.apache.sling.commons.osgi.PropertiesUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Map;
+
+@Service(SecureAemGlobalConfiguration.class)
+@Component(label = "Global Configuration for Secure Aem",
+ description = "This configuration is used instead of the global configuration provided in the content. To use values configured in content please disable this " +
+ "Component or remove configuration file.",
+ policy = ConfigurationPolicy.REQUIRE,
+ metatype = true,
+ immediate = true)
+public class SecureAemGlobalConfiguration implements GlobalConfiguration {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(SecureAemGlobalConfiguration.class);
+
+ @Reference
+ private CryptoSupport cryptoSupport;
+
+ @Property(label = "Dispatcher url")
+ private static final String DISPATCHER_URL = "dispatcher.url";
+
+ @Property(label = "Author url", value = "http://localhost:4502")
+ private static final String AUTHOR_URL = "author.url";
+
+ @Property(label = "Author login", value = "admin")
+ private static final String AUTHOR_LOGIN = "author.login";
+
+ @Property(label = "Author password", value = "admin",
+ description = "Should be encrypted with tool available through /system/console/crypto. Plain text supported but not recommended.")
+ private static final String AUTHOR_PASSOWRD = "author.password";
+
+ @Property(label = "Publish url", value = "http://localhost:4503")
+ private static final String PUBLISH_URL = "publish.url";
+
+ @Property(label = "Publish login", value = "admin")
+ private static final String PUBLISH_LOGIN = "publish.login";
+
+ @Property(label = "Publish password", value = "admin",
+ description = "Should be encrypted with tool available through /system/console/crypto. Plain text supported but not recommended.")
+ private static final String PUBLISH_PASSOWRD = "publish.password";
+
+ private String dispatcherUrl;
+
+ private String authorUrl;
+
+ private String authorLogin;
+
+ private String authorPassowrd;
+
+ private String publishUrl;
+
+ private String publishLogin;
+
+ private String publishPassword;
+
+ @Activate
+ protected void activate(Map properties) {
+ LOGGER.info("Activating service.");
+ dispatcherUrl = PropertiesUtil.toString(properties.get(DISPATCHER_URL), "");
+ authorUrl = PropertiesUtil.toString(properties.get(AUTHOR_URL), "");
+ authorLogin = PropertiesUtil.toString(properties.get(AUTHOR_LOGIN), "");
+ authorPassowrd = PropertiesUtil.toString(properties.get(AUTHOR_PASSOWRD), "");
+ publishUrl = PropertiesUtil.toString(properties.get(PUBLISH_URL), "");
+ publishLogin = PropertiesUtil.toString(properties.get(PUBLISH_LOGIN), "");
+ publishPassword = PropertiesUtil.toString(properties.get(PUBLISH_PASSOWRD), "");
+ }
+
+ @Override
+ public String getDispatcherUrl() {
+ return dispatcherUrl;
+ }
+
+ @Override
+ public String getAuthor() {
+ return authorUrl;
+ }
+
+ @Override
+ public String getAuthorLogin() {
+ return authorLogin;
+ }
+
+ @Override
+ public String getAuthorPassword() {
+ return authorPassowrd;
+ }
+
+ @Override
+ public String getPublish() {
+ return publishUrl;
+ }
+
+ @Override
+ public String getPublishLogin() {
+ return publishLogin;
+ }
+
+ @Override
+ public String getPublishPassword() {
+ return publishPassword;
+ }
+
+}