Index: dna-graph/src/main/java/org/jboss/dna/graph/ExecutionContext.java
===================================================================
--- dna-graph/src/main/java/org/jboss/dna/graph/ExecutionContext.java (revision 1377)
+++ dna-graph/src/main/java/org/jboss/dna/graph/ExecutionContext.java (working copy)
@@ -26,7 +26,6 @@
import java.security.AccessControlContext;
import java.security.AccessController;
import java.util.UUID;
-import javax.security.auth.login.LoginException;
import net.jcip.annotations.Immutable;
import org.jboss.dna.common.component.ClassLoaderFactory;
import org.jboss.dna.common.component.StandardClassLoaderFactory;
@@ -300,10 +299,8 @@
* @return the execution context that is identical with this execution context, but with a different security context; never
* null
* @throws IllegalArgumentException if the name is null
- * @throws LoginException if there name is invalid (or there is no login context named "other"), or if the
- * default callback handler JAAS property was not set or could not be loaded
*/
- public ExecutionContext with( SecurityContext securityContext ) throws LoginException {
+ public ExecutionContext with( SecurityContext securityContext ) {
return new ExecutionContext(this, securityContext);
}
Index: dna-jcr/src/main/java/org/jboss/dna/jcr/JcrRepository.java
===================================================================
--- dna-jcr/src/main/java/org/jboss/dna/jcr/JcrRepository.java (revision 1377)
+++ dna-jcr/src/main/java/org/jboss/dna/jcr/JcrRepository.java (working copy)
@@ -29,6 +29,7 @@
import java.security.AccessControlException;
import java.security.AccessController;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collections;
import java.util.EnumMap;
import java.util.HashMap;
@@ -46,7 +47,6 @@
import javax.security.auth.Subject;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
import net.jcip.annotations.GuardedBy;
import net.jcip.annotations.Immutable;
import net.jcip.annotations.ThreadSafe;
@@ -57,6 +57,7 @@
import org.jboss.dna.graph.ExecutionContext;
import org.jboss.dna.graph.Graph;
import org.jboss.dna.graph.JaasSecurityContext;
+import org.jboss.dna.graph.SecurityContext;
import org.jboss.dna.graph.Subgraph;
import org.jboss.dna.graph.connector.RepositoryConnection;
import org.jboss.dna.graph.connector.RepositoryConnectionFactory;
@@ -137,9 +138,15 @@
/**
* The depth of the subgraphs that should be loaded the connectors. The default value is 1.
*/
- READ_DEPTH;
+ READ_DEPTH,
/**
+ * A comma-delimited list of default roles provided for anonymous access. A null or empty value for this option means that
+ * anonymous access is disabled.
+ */
+ ANONYMOUS_USER_ROLES;
+
+ /**
* Determine the option given the option name. This does more than {@link Option#valueOf(String)}, since this method first
* tries to match the supplied string to the option's {@link Option#name() name}, then the uppercase version of the
* supplied string to the option's name, and finally if the supplied string is a camel-case version of the name (e.g.,
@@ -186,6 +193,11 @@
* The default value for the {@link Option#READ_DEPTH} option is {@value} .
*/
public static final String READ_DEPTH = "1";
+
+ /**
+ * The default value for the {@link Option#READ_DEPTH} option is {@value} .
+ */
+ public static final String ANONYMOUS_USER_ROLES = null;
}
/**
@@ -199,6 +211,7 @@
defaults.put(Option.PROJECT_NODE_TYPES, DefaultOption.PROJECT_NODE_TYPES);
defaults.put(Option.JAAS_LOGIN_CONFIG_NAME, DefaultOption.JAAS_LOGIN_CONFIG_NAME);
defaults.put(Option.READ_DEPTH, DefaultOption.READ_DEPTH);
+ defaults.put(Option.ANONYMOUS_USER_ROLES, DefaultOption.ANONYMOUS_USER_ROLES);
DEFAULT_OPTIONS = Collections.