DRYD-177: First stages of moving authority and vocab initialization to the Services...

author remillet <remillet@yahoo.com>

Sat, 28 Oct 2017 00:06:49 +0000 (17:06 -0700)

committer remillet <remillet@yahoo.com>

Sat, 28 Oct 2017 00:06:49 +0000 (17:06 -0700)
author remillet <remillet@yahoo.com>
Sat, 28 Oct 2017 00:06:49 +0000 (17:06 -0700)
committer remillet <remillet@yahoo.com>
Sat, 28 Oct 2017 00:06:49 +0000 (17:06 -0700)
diff --git a/services/JaxRsServiceProvider/pom.xml b/services/JaxRsServiceProvider/pom.xml

index e2832a8180bbe4c1d12fec48ffaaabb152650850..9c8f180e6fe2a27a6065f94e1b4d718d01f3a70a 100644 (file)
--- a/services/JaxRsServiceProvider/pom.xml
+++ b/services/JaxRsServiceProvider/pom.xml
@@ -93,6 +93,37 @@
                         <groupId>org.jboss.logging</groupId>
                 </exclusion>
              </exclusions>
+        </dependency>
+        <dependency>
+                       <groupId>org.collectionspace.services</groupId>
+               <artifactId>org.collectionspace.services.authentication.service</artifactId>
+               <version>${project.version}</version>
+               <exclusions>
+                               <exclusion>
+                                       <artifactId>servlet-api-2.5</artifactId>
+                                       <groupId>org.mortbay.jetty</groupId>
+                               </exclusion>
+                               <exclusion>
+                                       <artifactId>spring-core</artifactId>
+                                       <groupId>org.springframework</groupId>
+                               </exclusion>
+                               <exclusion>
+                                       <artifactId>spring-beans</artifactId>
+                                       <groupId>org.springframework</groupId>
+                               </exclusion>
+                               <exclusion>
+                                       <artifactId>jsp-api-2.1</artifactId>
+                                       <groupId>org.mortbay.jetty</groupId>
+                               </exclusion>
+                               <exclusion>
+                                       <artifactId>jsp-2.1</artifactId>
+                                       <groupId>org.mortbay.jetty</groupId>
+                               </exclusion>
+                               <exclusion>
+                                       <artifactId>jaxb-impl</artifactId>
+                                       <groupId>com.sun.xml.bind</groupId>
+                               </exclusion>
+                       </exclusions>
          </dependency>
                 <dependency>
                         <groupId>org.collectionspace.services</groupId>
diff --git a/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CSpaceResteasyBootstrap.java b/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CSpaceResteasyBootstrap.java

index 0781ac4f458ba95f8e30a86f1b56fb4a8a9aeb08..495c2b0fa34b3a494392087b5e8e015be850bf5d 100644 (file)
--- a/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CSpaceResteasyBootstrap.java
+++ b/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CSpaceResteasyBootstrap.java
@@ -1,11 +1,27 @@
  package org.collectionspace.services.jaxrs;
  
  import javax.servlet.ServletContextEvent;
+import javax.ws.rs.core.Response;
  
  import org.jboss.resteasy.core.Dispatcher;
  import org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap;
+import org.collectionspace.authentication.CSpaceTenant;
+import org.collectionspace.services.authorization.AuthZ;
+import org.collectionspace.services.client.PersonAuthorityClient;
+import org.collectionspace.services.client.PersonAuthorityClientUtils;
+import org.collectionspace.services.client.PoxPayloadOut;
+import org.collectionspace.services.person.PersonAuthorityResource;
  import org.collectionspace.services.common.ResourceMap;
+import org.collectionspace.services.common.ServiceMain;
+import org.collectionspace.services.common.config.TenantBindingConfigReaderImpl;
+import org.collectionspace.services.config.service.AuthorityInstanceType;
+import org.collectionspace.services.config.service.ServiceBindingType;
+import org.collectionspace.services.config.service.ServiceBindingType.AuthorityInstanceList;
+import org.collectionspace.services.config.tenant.TenantBindingType;
+
  import java.util.Date;
+import java.util.Hashtable;
+import java.util.List;
  
  public class CSpaceResteasyBootstrap extends ResteasyBootstrap {
         
@@ -21,6 +37,9 @@ public class CSpaceResteasyBootstrap extends ResteasyBootstrap {
                         CollectionSpaceJaxRsApplication app = (CollectionSpaceJaxRsApplication)deployment.getApplication();
                         Dispatcher disp = deployment.getDispatcher();
                         disp.getDefaultContextObjects().put(ResourceMap.class, app.getResourceMap());
+                       
+                       initializeAuthorities(app.getResourceMap());
+                       
                 System.out.println(String.format("%tc [INFO] CollectionSpace Services' JAX-RS application started.", new Date()));
                 } catch (Throwable e) {
                         e.printStackTrace();
@@ -35,4 +54,44 @@ public class CSpaceResteasyBootstrap extends ResteasyBootstrap {
         System.out.println("[INFO] CollectionSpace Services' JAX-RS application stopped.");
      }  
  
+    public void initializeAuthorities(ResourceMap resourceMap) {
+       TenantBindingConfigReaderImpl tenantBindingConfigReader = ServiceMain.getInstance().getTenantBindingConfigReader();     
+       Hashtable<String, TenantBindingType> tenantBindingsTable = tenantBindingConfigReader.getTenantBindings(false);
+       for (TenantBindingType tenantBindings : tenantBindingsTable.values()) {
+               for (ServiceBindingType serviceBinding : tenantBindings.getServiceBindings()) {
+                       AuthorityInstanceList element = serviceBinding.getAuthorityInstanceList();
+                       if (element != null && element.getAuthorityInstance() != null) {
+                               List<AuthorityInstanceType> authorityInstanceList = element.getAuthorityInstance();
+                               for (AuthorityInstanceType authorityInstance : authorityInstanceList) {
+                                       CSpaceTenant tenant = new CSpaceTenant(tenantBindings.getId(), tenantBindings.getName());
+                                       initializeAuthorityInstance(resourceMap, authorityInstance, serviceBinding.getName(), tenant);
+                               }
+                       }
+               }
+       }
+       }
+
+    private void initializeAuthorityInstance(ResourceMap resourceMap, AuthorityInstanceType authorityInstance, String serviceName, CSpaceTenant tenant) {
+               // TODO Auto-generated method stub
+               try {
+                       AuthZ.get().login(tenant);
+                       PersonAuthorityClient client = new PersonAuthorityClient();                     
+                       PoxPayloadOut xmlPayloadOut = PersonAuthorityClientUtils.createPersonAuthorityInstance(
+                                       authorityInstance.getTitle(), authorityInstance.getTitleRef(), client.getCommonPartName());
+                       String xmlPayload = xmlPayloadOut.asXML();
+                       PersonAuthorityResource personAuthorityResource = (PersonAuthorityResource) resourceMap.get(serviceName.toLowerCase());
+                       Response response = personAuthorityResource.createAuthority(xmlPayload);
+                       int status = response.getStatus();
+                                               
+               } catch (Exception e) {
+                       // TODO Auto-generated catch block
+                       e.printStackTrace();
+               }
+       }
+
+       private void initializeVocabularies() {
+               // TODO Auto-generated method stub
+               
+       }
+
  }
diff --git a/services/account/service/pom.xml b/services/account/service/pom.xml

index fbae535366ee899fa44795b313795d62def8bb5f..02294873335e6806164df1c53c8c9a60ea2188ab 100644 (file)
--- a/services/account/service/pom.xml
+++ b/services/account/service/pom.xml
@@ -49,6 +49,12 @@
              <artifactId>org.collectionspace.services.account.client</artifactId>
              <version>${project.version}</version>
          </dependency>
+               <dependency>
+                       <groupId>org.collectionspace.services</groupId>
+                       <artifactId>org.collectionspace.services.authentication.service</artifactId>
+                       <version>${project.version}</version>
+                       <scope>provided</scope>
+               </dependency>        
  
          <!-- External dependencies -->
          
diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java b/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java

index 4b05c1bd9d2de143c90b95df09042ee7e7762975..811df57b699ce202bd86e39ddbea1ac170651c1c 100644 (file)
--- a/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java
+++ b/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java
@@ -28,6 +28,7 @@ import java.util.ArrayList;
  
  import javax.persistence.PersistenceException;
  
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.services.account.storage.AccountRoleDocumentHandler;
  //import org.collectionspace.services.authorization.AccountRolesList;
  //import org.collectionspace.services.authorization.AccountRolesList.AccountRoleListItem;
@@ -178,8 +179,8 @@ public class AccountRoleSubResource
         input.setRole(springRoles);
         RoleValue springAdminRole = new RoleValue();
         springRoles.add(springAdminRole);
-       springAdminRole.setRoleId(AuthorizationCommon.ROLE_SPRING_ADMIN_ID);
-       springAdminRole.setRoleName(AuthorizationCommon.ROLE_SPRING_ADMIN_NAME);
+       springAdminRole.setRoleId(AuthN.ROLE_SPRING_ADMIN_ID);
+       springAdminRole.setRoleName(AuthN.ROLE_SPRING_ADMIN_NAME);
  
         // The Spring role relationship may already exist, if it does then we'll get a PersistenceException that
         // we'll just ignore.
@@ -191,7 +192,7 @@ public class AccountRoleSubResource
                 //If we get this exception, it means that the role relationship already exists, so
                 //we can just ignore this exception.
                 if (logger.isTraceEnabled() == true) {
-                       logger.trace(AuthorizationCommon.ROLE_SPRING_ADMIN_NAME +
+                       logger.trace(AuthN.ROLE_SPRING_ADMIN_NAME +
                                         " relationship already exists for account: " +
                                         input.getAccount().get(0).getAccountId(), e);
                 }
diff --git a/services/authentication/service/src/main/java/org/collectionspace/authentication/AuthN.java b/services/authentication/service/src/main/java/org/collectionspace/authentication/AuthN.java

index 5cf351b12af3af859e88a6a45d04fe6a8c229ee3..b1a6db2e2bf5e7cfeeb8443cf624fd84ee33e42f 100644 (file)
--- a/services/authentication/service/src/main/java/org/collectionspace/authentication/AuthN.java
+++ b/services/authentication/service/src/main/java/org/collectionspace/authentication/AuthN.java
@@ -68,9 +68,28 @@ public class AuthN {
      private static DataSource dataSource = null;
      private AuthNContext authnContext;
      
+    //
+    // The "super" role has a predefined ID of "0" and a tenant ID of "0";
+    //
+    final public static String ROLE_ALL_TENANTS_MANAGER = "ALL_TENANTS_MANAGER";
+    final public static String ROLE_ALL_TENANTS_MANAGER_ID = "0";
+    final public static String ALL_TENANTS_MANAGER_TENANT_ID = "0";
+    public static final String ADMIN_TENANT_ID = "0";
+    public static final String ANONYMOUS_TENANT_ID = "-1";
+    
+    public static final String ANONYMOUS_USER = "anonymous";
+    public static final String ANONYMOUS_TENANT_NAME = ANONYMOUS_USER;
+    public static final String SPRING_ADMIN_USER = "SPRING_ADMIN";
+    public static final String SPRING_ADMIN_PASSWORD = "SPRING_ADMIN";
+    public static final String TENANT_ID_QUERY_PARAM = "tid";
+    public static final String TENANT_ID_PATH_PARAM = "tenantId";
+    
+    public static final String ROLE_SPRING_ADMIN_ID = "-1";
+    public static final String ROLE_SPRING_ADMIN_NAME = "ROLE_SPRING_ADMIN";
+
      // Define a special account value for the tenantManager. Yes, this is a hack, but
      // less troublesome than the alternatives.
-    public static final String TENANT_MANAGER_ACCT_ID = "0"; 
+    public static final String TENANT_MANAGER_ACCT_ID = ALL_TENANTS_MANAGER_TENANT_ID;
  
      private AuthN() {
          //hardcoded initialization of a provider
diff --git a/services/authentication/service/src/main/java/org/collectionspace/authentication/spi/AuthNContext.java b/services/authentication/service/src/main/java/org/collectionspace/authentication/spi/AuthNContext.java

index c8c911a11412c4977d89845e479844558bda25eb..873fabe828855d320daf8788a2d785d9aa2fb576 100644 (file)
--- a/services/authentication/service/src/main/java/org/collectionspace/authentication/spi/AuthNContext.java
+++ b/services/authentication/service/src/main/java/org/collectionspace/authentication/spi/AuthNContext.java
@@ -32,13 +32,6 @@ import org.collectionspace.authentication.CSpaceUser;
   */
  public interface AuthNContext {
      
-    public static final String ANONYMOUS_USER = "anonymous";
-    public static final String ANONYMOUS_TENANT_ID = "-1";
-    public static final String ANONYMOUS_TENANT_NAME = ANONYMOUS_USER;
-    public static final String SPRING_ADMIN_USER = "SPRING_ADMIN";
-    public static final String TENANT_ID_QUERY_PARAM = "tid";
-    public static final String TENANT_ID_PATH_PARAM = "tenantId";
-
      /**
       * Returns the username of the authenticated user.
       * 
diff --git a/services/authentication/service/src/main/java/org/collectionspace/authentication/spring/SpringAuthNContext.java b/services/authentication/service/src/main/java/org/collectionspace/authentication/spring/SpringAuthNContext.java

index 11af775097df4a6cee68f1f4435f9adcfe13d46c..2d3ef77f6334aeda6e0444cc3e7d453cfed539d2 100644 (file)
--- a/services/authentication/service/src/main/java/org/collectionspace/authentication/spring/SpringAuthNContext.java
+++ b/services/authentication/service/src/main/java/org/collectionspace/authentication/spring/SpringAuthNContext.java
@@ -23,6 +23,7 @@
   */
  package org.collectionspace.authentication.spring;
  
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.authentication.CSpaceTenant;
  import org.collectionspace.authentication.CSpaceUser;
  import org.collectionspace.authentication.spi.AuthNContext;
@@ -39,25 +40,31 @@ public class SpringAuthNContext implements AuthNContext {
       * 
       * @return the username
       */
-    public String getUserId() {
+    @Override
+       public String getUserId() {
          Authentication authToken = SecurityContextHolder.getContext().getAuthentication();
          
          if (authToken == null) {
-            return ANONYMOUS_USER;
+            return AuthN.ANONYMOUS_USER;
          }
          
          return authToken.getName();
      }
  
      /**
-     * Returns the authenticated user.
+     * Returns the authenticated CSpaceUser user.
       * 
       * @return the user
       */
-    public CSpaceUser getUser() {
+    @Override
+       public CSpaceUser getUser() {
          Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
          Object principal = authentication.getPrincipal();
-        CSpaceUser user = (CSpaceUser) principal;
+        
+        CSpaceUser user = null;
+        if (principal instanceof CSpaceUser ) {
+               user = (CSpaceUser) principal;
+        }
          
          return user;
      }
@@ -67,14 +74,23 @@ public class SpringAuthNContext implements AuthNContext {
       * 
       * @return the tenant id
       */
-    public String getCurrentTenantId() {
-        String username = getUserId();
-        
-        if (username.equals(ANONYMOUS_USER) || username.equals(SPRING_ADMIN_USER)) {
-            return ANONYMOUS_TENANT_ID;
-        }
-
-        return getCurrentTenant().getId();
+    @Override
+       public String getCurrentTenantId() {
+       String result = null;
+       
+       CSpaceUser cspaceUser = getUser();
+       if (cspaceUser != null) {
+            result = getCurrentTenant().getId();
+       } else {
+               String username = getUserId();        
+               if (username.equals(AuthN.ANONYMOUS_USER)) {
+                   result = AuthN.ANONYMOUS_TENANT_ID;
+               } else if (username.equals(AuthN.SPRING_ADMIN_USER)) {
+                   result = AuthN.ADMIN_TENANT_ID;
+               }
+       }
+       
+       return result;
      }
  
      /**
@@ -82,9 +98,10 @@ public class SpringAuthNContext implements AuthNContext {
       * 
       * @return the tenant name
       */
-    public String getCurrentTenantName() {
-        if (getUserId().equals(ANONYMOUS_USER)) {
-            return ANONYMOUS_TENANT_NAME;
+    @Override
+       public String getCurrentTenantName() {
+        if (getUserId().equals(AuthN.ANONYMOUS_USER)) {
+            return AuthN.ANONYMOUS_TENANT_NAME;
          }
  
          return getCurrentTenant().getName();
@@ -95,7 +112,8 @@ public class SpringAuthNContext implements AuthNContext {
       * 
       * @return the tenant
       */
-    public CSpaceTenant getCurrentTenant() {
+    @Override
+       public CSpaceTenant getCurrentTenant() {
          return getUser().getPrimaryTenant();
      }
  }
diff --git a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java

index 55b662d847224658800d3248f7e53c158fd991af..5dfa264ba9dd470b4bafbadbfb50a73e0eeaad19 100644 (file)
--- a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java
+++ b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java
@@ -31,6 +31,7 @@ import java.util.List;
  import javax.persistence.EntityManager;
  import javax.persistence.EntityManagerFactory;
  
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.services.authorization.AuthZ;
  import org.collectionspace.services.authorization.perms.Permission;
  import org.collectionspace.services.authorization.PermissionRole;
@@ -175,7 +176,7 @@ public class AuthorizationSeedDriver {
  
      private void login() {
          //GrantedAuthority cspace_admin = new SimpleGrantedAuthority("ROLE_ADMINISTRATOR");
-        GrantedAuthority spring_security_admin = new SimpleGrantedAuthority("ROLE_SPRING_ADMIN"); //NOTE: Must match with value in applicationContext-authorization-test.xml (aka SPRING_SECURITY_METADATA)
+        GrantedAuthority spring_security_admin = new SimpleGrantedAuthority(AuthN.ROLE_SPRING_ADMIN_NAME); //NOTE: Must match with value in applicationContext-authorization-test.xml (aka SPRING_SECURITY_METADATA)
          HashSet<GrantedAuthority> gauths = new HashSet<GrantedAuthority>();
          //gauths.add(cspace_admin);
          gauths.add(spring_security_admin);
diff --git a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java

index 892ffbacf31501d833d626e7314bdad6a9cf6c78..b2ec4ed954d82deb19fe9a311cae36d7c6fceef5 100644 (file)
--- a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java
+++ b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java
@@ -32,6 +32,7 @@ import java.util.List;
  import javax.xml.bind.JAXBContext;
  import javax.xml.bind.Marshaller;
  import org.collectionspace.services.authorization.perms.Permission;
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.services.authorization.PermissionRole;
  import org.collectionspace.services.authorization.PermissionValue;
  import org.collectionspace.services.authorization.perms.PermissionsList;
@@ -408,11 +409,11 @@ public class AuthorizationGen {
          Role role = new Role();
          
          role.setDescription("A generated super role that has permissions to manage tenants.");
-        role.setDisplayName(AuthorizationCommon.ROLE_ALL_TENANTS_MANAGER);
+        role.setDisplayName(AuthN.ROLE_ALL_TENANTS_MANAGER);
          role.setRoleName(AuthorizationCommon.getQualifiedRoleName(
-                       AuthorizationCommon.ALL_TENANTS_MANAGER_TENANT_ID, role.getDisplayName()));
-        role.setCsid(AuthorizationCommon.ROLE_ALL_TENANTS_MANAGER_ID);
-        role.setTenantId(AuthorizationCommon.ALL_TENANTS_MANAGER_TENANT_ID);
+                       AuthN.ALL_TENANTS_MANAGER_TENANT_ID, role.getDisplayName()));
+        role.setCsid(AuthN.ROLE_ALL_TENANTS_MANAGER_ID);
+        role.setTenantId(AuthN.ALL_TENANTS_MANAGER_TENANT_ID);
          
          return role;
      }
diff --git a/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java b/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java

index 9dd09df36a19416b5290e17af981acde3f1650e0..71c9ee302d2d1fffbd22647e108fa0461d909b96 100644 (file)
--- a/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java
+++ b/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java
@@ -28,6 +28,10 @@ import java.util.HashSet;
  
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
+import org.collectionspace.authentication.AuthN;
+import org.collectionspace.authentication.CSpaceTenant;
+import org.collectionspace.authentication.CSpaceUser;
+import org.collectionspace.authentication.spi.AuthNContext;
  import org.collectionspace.services.authorization.perms.ActionType;
  import org.collectionspace.services.authorization.spi.CSpaceAuthorizationProvider;
  import org.springframework.context.support.ClassPathXmlApplicationContext;
@@ -215,17 +219,42 @@ public class AuthZ {
          return provider.getPermissionEvaluator().hasPermission(res, action);
      }
      
+    //
+    // Login as the admin of no specific tenant
+    //
      public void login() {
-       String user = "SPRING_ADMIN";
-       String password = "SPRING_ADMIN";
-        GrantedAuthority spring_security_admin = new SimpleGrantedAuthority("ROLE_SPRING_ADMIN"); //NOTE: Must match with value in applicationContext-authorization-test.xml (aka SPRING_SECURITY_METADATA)
+       String user = AuthN.SPRING_ADMIN_USER;
+       String password = AuthN.SPRING_ADMIN_PASSWORD;
+       
          HashSet<GrantedAuthority> gauths = new HashSet<GrantedAuthority>();
-        gauths.add(spring_security_admin);
+        gauths.add(new SimpleGrantedAuthority(AuthN.ROLE_SPRING_ADMIN_NAME)); //NOTE: Must match with value in applicationContext-authorization-test.xml (aka SPRING_SECURITY_METADATA));
+        
          Authentication authRequest = new UsernamePasswordAuthenticationToken(user, password, gauths);
          SecurityContextHolder.getContext().setAuthentication(authRequest);
          if (logger.isDebugEnabled()) {
              logger.debug("Spring Security login successful for user=" + user);
          }
      }
+    
+    //
+    // Login as the admin for a specific tenant
+    //
+    public void login(CSpaceTenant tenant) {
+       String user = AuthN.SPRING_ADMIN_USER;
+       String password = AuthN.SPRING_ADMIN_PASSWORD;
+               
+       HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>();
+       grantedAuthorities.add(new SimpleGrantedAuthority(AuthN.ROLE_SPRING_ADMIN_NAME));
+       
+       HashSet<CSpaceTenant> tenantSet = new HashSet<CSpaceTenant>();
+       tenantSet.add(tenant);
+       CSpaceUser principal = new CSpaceUser(user, password, tenantSet, grantedAuthorities);
+       
+        Authentication authRequest = new UsernamePasswordAuthenticationToken(principal, password, grantedAuthorities);
+        SecurityContextHolder.getContext().setAuthentication(authRequest);
+        if (logger.isDebugEnabled()) {
+            logger.debug("Spring Security login successful for user=" + user);
+        }
+    }
  
  }
diff --git a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java

index 303cb116337dcde0137d697a9665e16cd5e54879..0eeda956a7aff5975ba73ceb70573cd434a0a48d 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
@@ -99,7 +99,7 @@ public class ServiceMain {
      private ServiceMain() {
         // Intentionally blank
      }
-    
+        
      /*
       * 
       * Set this singletons ServletContext without any call to initialize
@@ -231,6 +231,12 @@ public class ServiceMain {
                                         e.getLocalizedMessage(), e);
                         throw e;
                 }
+               
+               //
+               // Ensure default vocabulary and authority instances and their corresponding terms exist.
+               //
+//             initializeVocabularies();
+//             initializeAuthorities();
          
          /*
           * This might be useful for something, but the reader grants are better handled in the ReportPostInitHandler.
@@ -243,7 +249,7 @@ public class ServiceMain {
                 showTenantStatus();
      }
          
-    /**
+       /**
       * Returns the primary repository name for a tenant -there's usually just one.
       * @param tenantBinding
       * @return
diff --git a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java

index 5b246462804f0b48b5e668777dd1b3b5b628be6b..17f00e974271c25a7aa2600772c8aa3c1a5c4922 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
@@ -87,13 +87,6 @@ public class AuthorizationCommon {
         
      final static Logger logger = LoggerFactory.getLogger(AuthorizationCommon.class);
  
-    //
-    // The "super" role has a predefined ID of "0" and a tenant ID of "0";
-    //
-    final public static String ROLE_ALL_TENANTS_MANAGER = "ALL_TENANTS_MANAGER";
-    final public static String ROLE_ALL_TENANTS_MANAGER_ID = "0";
-    final public static String ALL_TENANTS_MANAGER_TENANT_ID = "0";
-
      final public static String ROLE_TENANT_ADMINISTRATOR = "TENANT_ADMINISTRATOR";
      final public static String ROLE_TENANT_READER = "TENANT_READER";
         
@@ -105,14 +98,10 @@ public class AuthorizationCommon {
      public static final String TENANT_ADMIN_ACCT_PREFIX = "admin@"; 
      public static final String TENANT_READER_ACCT_PREFIX = "reader@"; 
      public static final String ROLE_PREFIX = "ROLE_"; 
-    public static final String SPRING_ADMIN_ROLE = "ROLE_SPRING_ADMIN"; 
      public static final String TENANT_ADMIN_ROLE_SUFFIX = "_TENANT_ADMINISTRATOR"; 
      public static final String TENANT_READER_ROLE_SUFFIX = "_TENANT_READER"; 
      public static final String DEFAULT_ADMIN_PASSWORD = "Administrator";
      public static final String DEFAULT_READER_PASSWORD = "reader";
-
-    public static final String ROLE_SPRING_ADMIN_ID = "-1";
-    public static final String ROLE_SPRING_ADMIN_NAME = "ROLE_SPRING_ADMIN";
      
      // SQL for init tasks
         final private static String INSERT_ACCOUNT_ROLE_SQL_MYSQL = 
@@ -135,7 +124,7 @@ public class AuthorizationCommon {
         final private static String QUERY_TENANT_MGR_USER_SQL = 
                 "SELECT username FROM users WHERE username = '"+TENANT_MANAGER_USER+"'";
         final private static String GET_TENANT_MGR_ROLE_SQL =
-                       "SELECT csid from roles WHERE tenant_id='"+ALL_TENANTS_MANAGER_TENANT_ID+"' and rolename=?";
+                       "SELECT csid from roles WHERE tenant_id='" + AuthN.ALL_TENANTS_MANAGER_TENANT_ID + "' and rolename=?";
  
      public static Role getRole(String tenantId, String displayName) {
         Role role = null;
@@ -685,7 +674,7 @@ public class AuthorizationCommon {
         PreparedStatement pstmt = null;
         try {
                 final String querySpringRole = 
-                               "SELECT csid from roles WHERE rolename='"+SPRING_ADMIN_ROLE+"'";
+                               "SELECT csid from roles WHERE rolename='"+AuthN.ROLE_SPRING_ADMIN_NAME+"'";
                 stmt = conn.createStatement();
                 ResultSet rs = stmt.executeQuery(querySpringRole);
                 if(rs.next()) {
@@ -761,8 +750,8 @@ public class AuthorizationCommon {
                 String tenantMgrRoleCSID = null;
         PreparedStatement pstmt = null;
         try {
-               String rolename = getQualifiedRoleName(ALL_TENANTS_MANAGER_TENANT_ID, 
-                                                                                               ROLE_ALL_TENANTS_MANAGER);              
+               String rolename = getQualifiedRoleName(AuthN.ALL_TENANTS_MANAGER_TENANT_ID, 
+                               AuthN.ROLE_ALL_TENANTS_MANAGER);                
                 pstmt = conn.prepareStatement(GET_TENANT_MGR_ROLE_SQL); // create a statement
                 ResultSet rs = null;
                 pstmt.setString(1, rolename);   // set rolename param
@@ -826,7 +815,7 @@ public class AuthorizationCommon {
                                 pstmt.executeUpdate();
                                 // Now add the Spring Admin Role to the admin accounts
                                 pstmt.setString(3, springAdminRoleCSID);        // set role_id param
-                               pstmt.setString(4, SPRING_ADMIN_ROLE);          // set rolename param
+                               pstmt.setString(4, AuthN.ROLE_SPRING_ADMIN_NAME);               // set rolename param
                                 if (logger.isDebugEnabled()) {
                                         logger.debug("createDefaultAccounts binding account: "
                                                         +adminUserId+" to Spring Admin role: "+springAdminRoleCSID);
@@ -952,7 +941,7 @@ public class AuthorizationCommon {
                         String tenantManagerRoleCSID = findTenantManagerRole(conn);
                         bindTenantManagerAccountRole(conn, databaseProductType, 
                                         TENANT_MANAGER_USER, AuthN.TENANT_MANAGER_ACCT_ID, 
-                                       tenantManagerRoleCSID, ROLE_ALL_TENANTS_MANAGER);
+                                       tenantManagerRoleCSID, AuthN.ROLE_ALL_TENANTS_MANAGER);
                 }
          } catch (Exception e) {
                         logger.debug("Exception in createDefaultAccounts: " + e.getLocalizedMessage());
diff --git a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java

index c61560505cafa71f79f20b233ecc09d6dba6df63..80759dead51bb5246f48565e5d647777f61fbe6c 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java
@@ -2,6 +2,7 @@ package org.collectionspace.services.common.authorization_mgt;
  
  import org.collectionspace.services.authorization.AccountValue;
  import org.collectionspace.services.authorization.PermissionRoleRel;
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.services.authorization.AccountRoleRel;
  import org.collectionspace.services.authorization.PermissionValue;
  import org.collectionspace.services.authorization.RoleValue;
@@ -30,7 +31,7 @@ public class AuthorizationRoleRel {
       */
      static public RoleValue buildRoleValue(AccountRoleRel arr) {
         RoleValue rv = null;
-       if (arr.getRoleId().equals(AuthorizationCommon.ROLE_SPRING_ADMIN_ID) == false) {
+       if (arr.getRoleId().equals(AuthN.ROLE_SPRING_ADMIN_ID) == false) {
                 rv = new RoleValue();
                 rv.setRoleId(arr.getRoleId());
                 rv.setRoleName(arr.getRoleName());
diff --git a/services/common/src/main/java/org/collectionspace/services/common/context/AbstractServiceContextImpl.java b/services/common/src/main/java/org/collectionspace/services/common/context/AbstractServiceContextImpl.java

index 24e37fbf6dfa3c84caa79220cedbbf1623d9ad49..7bbd0bc86290d52973c2c7771c64c6f10260903c 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/context/AbstractServiceContextImpl.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/context/AbstractServiceContextImpl.java
@@ -33,6 +33,7 @@ import javax.ws.rs.core.MultivaluedMap;
  import javax.ws.rs.core.Request;
  import javax.ws.rs.core.UriInfo;
  
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.authentication.spi.AuthNContext;
  import org.collectionspace.services.client.AuthorityClient;
  import org.collectionspace.services.client.CollectionSpaceClient;
@@ -141,8 +142,8 @@ public abstract class AbstractServiceContextImpl<IT, OT>
          checkTenantContext();
  
          String tenantId = securityContext.getCurrentTenantId();
-        if (AuthorizationCommon.ALL_TENANTS_MANAGER_TENANT_ID.equals(tenantId) ||
-                       AuthNContext.ANONYMOUS_TENANT_ID.equals(tenantId)) {
+        if (AuthN.ALL_TENANTS_MANAGER_TENANT_ID.equals(tenantId) ||
+                       AuthN.ANONYMOUS_TENANT_ID.equals(tenantId)) {
                 // Tenant Manager has no tenant binding, so don't bother...
                 tenantBinding = null;
                 serviceBinding = null;
diff --git a/services/common/src/main/java/org/collectionspace/services/common/publicitem/PublicItemResource.java b/services/common/src/main/java/org/collectionspace/services/common/publicitem/PublicItemResource.java

index 7d61387019a17317b86e89cd87b66f609b11b536..082cb3341a0ca2fc653dfa8efc7a138e752a9068 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/publicitem/PublicItemResource.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/publicitem/PublicItemResource.java
@@ -26,6 +26,7 @@ package org.collectionspace.services.common.publicitem;
  import java.io.InputStream;
  import java.lang.reflect.Method;
  
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.authentication.spi.AuthNContext;
  import org.collectionspace.services.publicitem.PublicitemsCommon;
  import org.collectionspace.services.client.PublicItemClient;
@@ -87,7 +88,7 @@ public class PublicItemResource extends NuxeoBasedResource {
              @Context Request request,
              @Context UriInfo uriInfo,
              @PathParam("csid") String csid,
-            @PathParam(AuthNContext.TENANT_ID_PATH_PARAM) String tenantId) {
+            @PathParam(AuthN.TENANT_ID_PATH_PARAM) String tenantId) {
         Response result = null;
  
          try {
diff --git a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityContextImpl.java b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityContextImpl.java

index 7c6896f8ad3b8dc3c8decdc642182030b49e22b9..057b28bb061019021ecba0b8041bae5c2577e1da 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityContextImpl.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityContextImpl.java
@@ -49,7 +49,7 @@ public class SecurityContextImpl implements SecurityContext {
         String result = AuthN.get().getCurrentTenantId();
         
         String userId = AuthN.get().getUserId();
-        if (userId.equals(AuthNContext.ANONYMOUS_USER) == true) {
+        if (userId.equals(AuthN.ANONYMOUS_USER) == true) {
              //
              // If anonymous access is being attempted, then a tenant ID needs to be set as a query param
              //         
@@ -60,7 +60,7 @@ public class SecurityContextImpl implements SecurityContext {
                 }
                 
  //             String tenantId = uriInfo.getQueryParameters().getFirst(AuthNContext.TENANT_ID_QUERY_PARAM);
-               String tenantId = uriInfo.getPathParameters().getFirst(AuthNContext.TENANT_ID_PATH_PARAM);
+               String tenantId = uriInfo.getPathParameters().getFirst(AuthN.TENANT_ID_PATH_PARAM);
                 if (tenantId == null) {
                         String errMsg = String.format("Anonymous access to '%s' attempted without a valid tenant ID query paramter.",
                                         uriInfo.getPath());
diff --git a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java

index 1c4e6f25fcc1af35c7478772231586a0a2b01061..ba942436a0e2259c201b877e168fa08ac753f593 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java
@@ -36,12 +36,11 @@ import org.collectionspace.services.client.CollectionSpaceClient;
  import org.collectionspace.services.client.index.IndexClient;
  import org.collectionspace.services.client.workflow.WorkflowClient;
  import org.collectionspace.services.config.service.ServiceBindingType;
+import org.collectionspace.authentication.AuthN;
  
  import javax.ws.rs.core.MultivaluedMap;
  import javax.ws.rs.core.UriInfo;
  
-import org.collectionspace.authentication.AuthN;
-import org.collectionspace.authentication.spi.AuthNContext;
  import org.slf4j.Logger;
  import org.slf4j.LoggerFactory;
  import org.jboss.crypto.digest.DigestCallback;
@@ -55,7 +54,6 @@ import org.jboss.security.Base64Utils;
   */
  public class SecurityUtils {
  
-       private static final String ADMIN_TENANT_ID = "0";
      private static final Logger logger = LoggerFactory.getLogger(SecurityUtils.class);
      public static final String URI_PATH_SEPARATOR = "/";
      public static final int MIN_PASSWORD_LENGTH = 8;
@@ -293,12 +291,12 @@ public class SecurityUtils {
         try {
                 tenantId = AuthN.get().getCurrentTenantId();
         } catch (Throwable e) {
-               tenantId = ADMIN_TENANT_ID;
+               tenantId = AuthN.ADMIN_TENANT_ID;
         }
         
          if (tenantId != null) {
-            if (ADMIN_TENANT_ID.equals(tenantId) == true ||
-                       AuthNContext.ANONYMOUS_TENANT_ID.equals(tenantId)) {
+            if (AuthN.ADMIN_TENANT_ID.equals(tenantId) == true ||
+                       AuthN.ANONYMOUS_TENANT_ID.equals(tenantId)) {
                  result = true;
              }
          }
diff --git a/services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/RemoteDocumentModelHandlerImpl.java b/services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/RemoteDocumentModelHandlerImpl.java

index 8e09b2b2aba4e7360a6f3b9f23c496aaad21406c..d6b11a094cb0cce3817ec0e2dc14cd7558296d72 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/RemoteDocumentModelHandlerImpl.java
+++ b/services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/RemoteDocumentModelHandlerImpl.java
@@ -39,7 +39,7 @@ import javax.ws.rs.core.Response;
  import javax.ws.rs.core.UriInfo;
  import javax.xml.bind.JAXBElement;
  
-import org.collectionspace.authentication.spi.AuthNContext;
+import org.collectionspace.authentication.AuthN;
  import org.collectionspace.services.authorization.AccountPermission;
  import org.collectionspace.services.jaxb.AbstractCommonList;
  import org.collectionspace.services.lifecycle.TransitionDef;
@@ -65,7 +65,6 @@ import org.collectionspace.services.common.document.BadRequestException;
  import org.collectionspace.services.common.document.DocumentException;
  import org.collectionspace.services.common.document.DocumentUtils;
  import org.collectionspace.services.common.document.DocumentWrapper;
-import org.collectionspace.services.common.document.DocumentHandler.Action;
  import org.collectionspace.services.common.document.DocumentFilter;
  import org.collectionspace.services.client.IRelationsManager;
  import org.collectionspace.services.common.relation.RelationResource;
@@ -77,7 +76,6 @@ import org.collectionspace.services.common.api.RefNameUtils;
  import org.collectionspace.services.common.api.Tools;
  import org.collectionspace.services.common.vocabulary.RefNameServiceUtils;
  import org.collectionspace.services.common.vocabulary.RefNameServiceUtils.AuthRefConfigInfo;
-import org.collectionspace.services.common.vocabulary.RefNameServiceUtils.AuthorityItemSpecifier;
  import org.collectionspace.services.config.service.DocHandlerParams;
  import org.collectionspace.services.config.service.ListResultField;
  import org.collectionspace.services.config.service.ObjectPartType;
@@ -86,10 +84,10 @@ import org.collectionspace.services.relation.RelationsCommon;
  import org.collectionspace.services.relation.RelationsCommonList;
  import org.collectionspace.services.relation.RelationsDocListItem;
  import org.collectionspace.services.relation.RelationshipType;
+
  import org.dom4j.Element;
  import org.nuxeo.ecm.core.api.DocumentModel;
  import org.nuxeo.ecm.core.api.DocumentModelList;
-import org.nuxeo.ecm.core.api.DocumentNotFoundException;
  import org.nuxeo.ecm.core.api.impl.DataModelImpl;
  import org.nuxeo.ecm.core.api.model.DocumentPart;
  import org.nuxeo.ecm.core.api.model.Property;
@@ -367,7 +365,7 @@ public abstract class   RemoteDocumentModelHandlerImpl<T, TL>
          }
          
          String currentUser = ctx.getUserId();
-        if (currentUser.equalsIgnoreCase(AuthNContext.ANONYMOUS_USER) == false) {
+        if (currentUser.equalsIgnoreCase(AuthN.ANONYMOUS_USER) == false) {
                 addAccountPermissionsPart();
          }
      }
diff --git a/services/config/src/main/resources/instance1.xml b/services/config/src/main/resources/instance1.xml

index 5bfbcbe8118630dcd8a63b764b3419ea65f6e1f5..88781295acc5ab91f89459494ea49211030ef5c5 100644 (file)
--- a/services/config/src/main/resources/instance1.xml
+++ b/services/config/src/main/resources/instance1.xml
@@ -1,323 +1,453 @@
  <?xml version="1.0" encoding="UTF-8"?>
-<tenant:TenantBindingConfig xmlns:types="http://collectionspace.org/services/config/types"
+<service:cow xmlns:types="http://collectionspace.org/services/config/types"
   xmlns:service="http://collectionspace.org/services/config/service"
- xmlns:remoteclientconfig="http://collectionspace.org/services/config/remoteclientconfig"
- xmlns:tenant="http://collectionspace.org/services/config/tenant"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://collectionspace.org/services/config/tenant file:/C:/dev/src/cspace/services/services/config/src/main/resources/tenant.xsd">
-       <tenant:tenantBinding id="ID000" name="name0" displayName="displayName0" version="0.1" createDisabled="false">
-               <tenant:repositoryDomain name="name1" storageName="storageName0" repositoryName="default" repositoryClient="nuxeo-java"/>
-               <tenant:repositoryDomain name="name2" storageName="storageName1" repositoryName="default" repositoryClient="nuxeo-java"/>
-               <tenant:binaryStorePath>123</tenant:binaryStorePath>
-               <tenant:properties>
-                       <types:item>
-                               <types:key>123</types:key>
-                               <types:value>123</types:value>
-                       </types:item>
-                       <types:item>
-                               <types:key>123</types:key>
-                               <types:value>123</types:value>
-                       </types:item>
-               </tenant:properties>
-               <tenant:properties>
-                       <types:item>
-                               <types:key>123</types:key>
-                               <types:value>123</types:value>
-                       </types:item>
-                       <types:item>
-                               <types:key>123</types:key>
-                               <types:value>123</types:value>
-                       </types:item>
-               </tenant:properties>
-               <tenant:remoteClientConfigurations>
-                       <tenant:remoteClientConfig>
-                               <tenant:name>123</tenant:name>
-                               <tenant:url>123</tenant:url>
-                               <tenant:user>123</tenant:user>
-                               <tenant:password>123</tenant:password>
-                               <tenant:tenantId>123</tenant:tenantId>
-                               <tenant:tenantName>123</tenant:tenantName>
-                               <tenant:ssl>123</tenant:ssl>
-                               <tenant:auth>123</tenant:auth>
-                       </tenant:remoteClientConfig>
-                       <tenant:remoteClientConfig>
-                               <tenant:name>123</tenant:name>
-                               <tenant:url>123</tenant:url>
-                               <tenant:user>123</tenant:user>
-                               <tenant:password>123</tenant:password>
-                               <tenant:tenantId>123</tenant:tenantId>
-                               <tenant:tenantName>123</tenant:tenantName>
-                               <tenant:ssl>123</tenant:ssl>
-                               <tenant:auth>123</tenant:auth>
-                       </tenant:remoteClientConfig>
-               </tenant:remoteClientConfigurations>
-               <tenant:serviceBindings name="name3" type="type0" version="0.1" supportsReplicating="false" requiresUniqueShortId="false">
-                       <service:uriPath>123</service:uriPath>
-                       <service:uriPath>123</service:uriPath>
-                       <service:object name="name4" version="0.1">
-                               <service:property>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                               </service:property>
-                               <service:property>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                               </service:property>
-                               <service:part id="ID001" control_group="External" versionable="false" auditable="false" label="label0" updated="2006-05-04T18:13:51.0" order="0">
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:content contentType="contentType0">
-<!--                                           <service:xmlContent schemaLocation="schemaLocation0" namespaceURI="namespaceURI0">
-                                               </service:xmlContent>-->
-<!--                                           <service:contentLocation type="internalId" ref="http://www.oxygenxml.com/"/>-->
-                                               <service:binaryContent>123</service:binaryContent>
-                                       </service:content>
-                               </service:part>
-                               <service:part id="ID002" control_group="External" versionable="false" auditable="false" label="label1" updated="2006-05-04T18:13:51.0" order="0">
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:content contentType="contentType1">
-<!--                                           <service:xmlContent schemaLocation="schemaLocation1" namespaceURI="namespaceURI1">
-                                               </service:xmlContent>-->
-                                               <service:contentLocation type="internalId" ref="http://www.oxygenxml.com/"/>
-<!--                                           <service:binaryContent>123</service:binaryContent>-->
-                                       </service:content>
-                               </service:part>
-                               <service:serviceHandler>123</service:serviceHandler>
-                       </service:object>
-                       <service:documentHandler>123</service:documentHandler>
-                       <service:DocHandlerParams>
-                               <service:classname>123</service:classname>
-                               <service:params>
-                                       <service:SchemaName>123</service:SchemaName>
-                                       <service:RefnameDisplayNameField>
-                                               <service:setter>123</service:setter>
-                                               <service:element>123</service:element>
-                                               <service:schema>123</service:schema>
-                                               <service:xpath>123</service:xpath>
-                                       </service:RefnameDisplayNameField>
-                                       <service:SupportsHierarchy>123</service:SupportsHierarchy>
-                                       <service:SupportsVersioning>123</service:SupportsVersioning>
-                                       <service:DublinCoreTitle>123</service:DublinCoreTitle>
-                                       <service:SummaryFields>123</service:SummaryFields>
-                                       <service:AbstractCommonListClassname>123</service:AbstractCommonListClassname>
-                                       <service:CommonListItemClassname>123</service:CommonListItemClassname>
-                                       <service:ListResultsItemMethodName>123</service:ListResultsItemMethodName>
-                                       <service:ListResultsFields>
-                                               <service:Extended>123</service:Extended>
-                                       </service:ListResultsFields>
-                               </service:params>
-                       </service:DocHandlerParams>
-                       <service:validatorHandler>123</service:validatorHandler>
-                       <service:validatorHandler>123</service:validatorHandler>
-                       <service:clientHandler>123</service:clientHandler>
-                       <service:disableAsserts>123</service:disableAsserts>
-                       <service:initHandler>
-                               <service:classname>123</service:classname>
-                               <service:params>
-                                       <service:field>
-                                       </service:field>
-                                       <service:field>
-                                       </service:field>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                               </service:params>
-                       </service:initHandler>
-                       <service:initHandler>
-                               <service:classname>123</service:classname>
-                               <service:params>
-                                       <service:field>
-                                       </service:field>
-                                       <service:field>
-                                       </service:field>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                               </service:params>
-                       </service:initHandler>
-                       <service:repositoryDomain>123</service:repositoryDomain>
-                       <service:repositoryWorkspaceId>123</service:repositoryWorkspaceId>
-                       <service:properties>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                       </service:properties>
-                       <service:properties>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                       </service:properties>
-               </tenant:serviceBindings>
-               <tenant:serviceBindings name="name5" type="type3" version="0.1" supportsReplicating="false" requiresUniqueShortId="false">
-                       <service:uriPath>123</service:uriPath>
-                       <service:uriPath>123</service:uriPath>
-                       <service:object name="name6" version="0.1">
-                               <service:property>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                               </service:property>
-                               <service:property>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                                       <types:item>
-                                               <types:key>123</types:key>
-                                               <types:value>123</types:value>
-                                       </types:item>
-                               </service:property>
-                               <service:part id="ID003" control_group="External" versionable="false" auditable="false" label="label2" updated="2006-05-04T18:13:51.0" order="0">
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:content contentType="contentType2">
-<!--                                           <service:xmlContent schemaLocation="schemaLocation2" namespaceURI="namespaceURI2">
-                                               </service:xmlContent>-->
-<!--                                           <service:contentLocation type="internalId" ref="http://www.oxygenxml.com/"/>-->
-                                               <service:binaryContent>123</service:binaryContent>
-                                       </service:content>
-                               </service:part>
-                               <service:part id="ID004" control_group="External" versionable="false" auditable="false" label="label3" updated="2006-05-04T18:13:51.0" order="0">
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:properties>
-                                       </service:properties>
-                                       <service:content contentType="contentType3">
-                                               <service:xmlContent schemaLocation="schemaLocation3" namespaceURI="namespaceURI3">
-                                               </service:xmlContent>
-<!--                                           <service:contentLocation type="internalId" ref="http://www.oxygenxml.com/"/>-->
-<!--                                           <service:binaryContent>123</service:binaryContent>-->
-                                       </service:content>
-                               </service:part>
-                               <service:serviceHandler>123</service:serviceHandler>
-                       </service:object>
-                       <service:documentHandler>123</service:documentHandler>
-                       <service:DocHandlerParams>
-                               <service:classname>123</service:classname>
-                               <service:params>
-                                       <service:SchemaName>123</service:SchemaName>
-                                       <service:RefnameDisplayNameField>
-                                               <service:setter>123</service:setter>
-                                               <service:element>123</service:element>
-                                               <service:schema>123</service:schema>
-                                               <service:xpath>123</service:xpath>
-                                       </service:RefnameDisplayNameField>
-                                       <service:SupportsHierarchy>123</service:SupportsHierarchy>
-                                       <service:SupportsVersioning>123</service:SupportsVersioning>
-                                       <service:DublinCoreTitle>123</service:DublinCoreTitle>
-                                       <service:SummaryFields>123</service:SummaryFields>
-                                       <service:AbstractCommonListClassname>123</service:AbstractCommonListClassname>
-                                       <service:CommonListItemClassname>123</service:CommonListItemClassname>
-                                       <service:ListResultsItemMethodName>123</service:ListResultsItemMethodName>
-                                       <service:ListResultsFields>
-                                               <service:Extended>123</service:Extended>
-                                       </service:ListResultsFields>
-                               </service:params>
-                       </service:DocHandlerParams>
-                       <service:validatorHandler>123</service:validatorHandler>
-                       <service:validatorHandler>123</service:validatorHandler>
-                       <service:clientHandler>123</service:clientHandler>
-                       <service:disableAsserts>123</service:disableAsserts>
-                       <service:initHandler>
-                               <service:classname>123</service:classname>
-                               <service:params>
-                                       <service:field>
-                                       </service:field>
-                                       <service:field>
-                                       </service:field>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                               </service:params>
-                       </service:initHandler>
-                       <service:initHandler>
-                               <service:classname>123</service:classname>
-                               <service:params>
-                                       <service:field>
-                                       </service:field>
-                                       <service:field>
-                                       </service:field>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                                       <service:property>
-                                               <service:key>123</service:key>
-                                               <service:value>123</service:value>
-                                       </service:property>
-                               </service:params>
-                       </service:initHandler>
-                       <service:repositoryDomain>123</service:repositoryDomain>
-                       <service:repositoryWorkspaceId>123</service:repositoryWorkspaceId>
-                       <service:properties>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                       </service:properties>
-                       <service:properties>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                               <types:item>
-                                       <types:key>123</types:key>
-                                       <types:value>123</types:value>
-                               </types:item>
-                       </service:properties>
-               </tenant:serviceBindings>
-       </tenant:tenantBinding>
-</tenant:TenantBindingConfig>
+ xsi:schemaLocation="http://collectionspace.org/services/config/service file:/C:/dev/src/cspace/services/services/config/src/main/resources/service.xsd" name="name0" type="type0" version="0.1" supportsReplicating="false" remoteClientConfigName="remoteClientConfigName0" requiresUniqueShortId="false">
+    <service:uriPath>123</service:uriPath>
+    <service:uriPath>123</service:uriPath>
+    <service:uriPath>123</service:uriPath>
+    <service:object name="name1" version="0.1">
+        <service:property>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+        </service:property>
+        <service:property>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+        </service:property>
+        <service:property>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+            <types:item>
+                <types:key>123</types:key>
+                <types:value>123</types:value>
+            </types:item>
+        </service:property>
+        <service:part id="ID000" control_group="External" versionable="false" auditable="false" label="label0" updated="2006-05-04T18:13:51.0" order="0">
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:content contentType="contentType0">
+                <service:contentDigest algorithm="MD5" value="value0"/>
+                <service:contentLocation type="internalId" ref="http://www.oxygenxml.com/"/>
+                <service:partHandler>123</service:partHandler>
+            </service:content>
+        </service:part>
+        <service:part id="ID001" control_group="External" versionable="false" auditable="false" label="label1" updated="2006-05-04T18:13:51.0" order="0">
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:content contentType="contentType1">
+                <service:contentDigest algorithm="MD5" value="value1"/>
+                <service:xmlContent schemaLocation="schemaLocation0" namespaceURI="namespaceURI0">
+                </service:xmlContent>
+                <service:partHandler>123</service:partHandler>
+            </service:content>
+        </service:part>
+        <service:part id="ID002" control_group="External" versionable="false" auditable="false" label="label2" updated="2006-05-04T18:13:51.0" order="0">
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:properties>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+                <types:item>
+                    <types:key>123</types:key>
+                    <types:value>123</types:value>
+                </types:item>
+            </service:properties>
+            <service:content contentType="contentType2">
+                <service:contentDigest algorithm="MD5" value="value2"/>
+                <service:xmlContent schemaLocation="schemaLocation1" namespaceURI="namespaceURI1">
+                </service:xmlContent>
+                <service:partHandler>123</service:partHandler>
+            </service:content>
+        </service:part>
+        <service:serviceHandler>123</service:serviceHandler>
+    </service:object>
+    <service:documentHandler>123</service:documentHandler>
+    <service:DocHandlerParams>
+        <service:classname>123</service:classname>
+        <service:params>
+            <service:CacheControlConfigElement>
+                <service:CacheControlConfigList>
+                    <service:key>123</service:key>
+                    <service:private>123</service:private>
+                    <service:public>123</service:public>
+                    <service:noCache>123</service:noCache>
+                    <service:mustRevalidate>123</service:mustRevalidate>
+                    <service:proxyRevalidate>123</service:proxyRevalidate>
+                    <service:noStore>123</service:noStore>
+                    <service:noTransform>123</service:noTransform>
+                    <service:maxAge>123</service:maxAge>
+                    <service:sMaxAge>123</service:sMaxAge>
+                </service:CacheControlConfigList>
+                <service:CacheControlConfigList>
+                    <service:key>123</service:key>
+                    <service:private>123</service:private>
+                    <service:public>123</service:public>
+                    <service:noCache>123</service:noCache>
+                    <service:mustRevalidate>123</service:mustRevalidate>
+                    <service:proxyRevalidate>123</service:proxyRevalidate>
+                    <service:noStore>123</service:noStore>
+                    <service:noTransform>123</service:noTransform>
+                    <service:maxAge>123</service:maxAge>
+                    <service:sMaxAge>123</service:sMaxAge>
+                </service:CacheControlConfigList>
+                <service:CacheControlConfigList>
+                    <service:key>123</service:key>
+                    <service:private>123</service:private>
+                    <service:public>123</service:public>
+                    <service:noCache>123</service:noCache>
+                    <service:mustRevalidate>123</service:mustRevalidate>
+                    <service:proxyRevalidate>123</service:proxyRevalidate>
+                    <service:noStore>123</service:noStore>
+                    <service:noTransform>123</service:noTransform>
+                    <service:maxAge>123</service:maxAge>
+                    <service:sMaxAge>123</service:sMaxAge>
+                </service:CacheControlConfigList>
+            </service:CacheControlConfigElement>
+            <service:SchemaName>123</service:SchemaName>
+            <service:RefnameDisplayNameField>
+                <service:setter>123</service:setter>
+                <service:element>123</service:element>
+                <service:schema>123</service:schema>
+                <service:xpath>123</service:xpath>
+            </service:RefnameDisplayNameField>
+            <service:SupportsHierarchy>123</service:SupportsHierarchy>
+            <service:SupportsVersioning>123</service:SupportsVersioning>
+            <service:DublinCoreTitle>123</service:DublinCoreTitle>
+            <service:SummaryFields>123</service:SummaryFields>
+            <service:AbstractCommonListClassname>123</service:AbstractCommonListClassname>
+            <service:CommonListItemClassname>123</service:CommonListItemClassname>
+            <service:ListResultsItemMethodName>123</service:ListResultsItemMethodName>
+            <service:ListResultsFields>
+                <service:Extended>123</service:Extended>
+                <service:ListResultField>
+                    <service:setter>123</service:setter>
+                    <service:element>123</service:element>
+                    <service:schema>123</service:schema>
+                    <service:xpath>123</service:xpath>
+                </service:ListResultField>
+                <service:ListResultField>
+                    <service:setter>123</service:setter>
+                    <service:element>123</service:element>
+                    <service:schema>123</service:schema>
+                    <service:xpath>123</service:xpath>
+                </service:ListResultField>
+                <service:ListResultField>
+                    <service:setter>123</service:setter>
+                    <service:element>123</service:element>
+                    <service:schema>123</service:schema>
+                    <service:xpath>123</service:xpath>
+                </service:ListResultField>
+            </service:ListResultsFields>
+        </service:params>
+    </service:DocHandlerParams>
+    <service:AuthorityInstanceList>
+        <service:AuthorityInstance>
+            <service:web-url>123</service:web-url>
+            <service:title-ref>123</service:title-ref>
+            <service:title>123</service:title>
+        </service:AuthorityInstance>
+        <service:AuthorityInstance>
+            <service:web-url>123</service:web-url>
+            <service:title-ref>123</service:title-ref>
+            <service:title>123</service:title>
+        </service:AuthorityInstance>
+        <service:AuthorityInstance>
+            <service:web-url>123</service:web-url>
+            <service:title-ref>123</service:title-ref>
+            <service:title>123</service:title>
+        </service:AuthorityInstance>
+    </service:AuthorityInstanceList>
+    <service:validatorHandler>123</service:validatorHandler>
+    <service:validatorHandler>123</service:validatorHandler>
+    <service:validatorHandler>123</service:validatorHandler>
+    <service:clientHandler>123</service:clientHandler>
+    <service:disableAsserts>123</service:disableAsserts>
+    <service:initHandler>
+        <service:classname>123</service:classname>
+        <service:params>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+        </service:params>
+    </service:initHandler>
+    <service:initHandler>
+        <service:classname>123</service:classname>
+        <service:params>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+        </service:params>
+    </service:initHandler>
+    <service:initHandler>
+        <service:classname>123</service:classname>
+        <service:params>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:field>
+                <service:table>123</service:table>
+                <service:col>123</service:col>
+                <service:type>123</service:type>
+                <service:param>123</service:param>
+            </service:field>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+            <service:property>
+                <service:key>123</service:key>
+                <service:value>123</service:value>
+            </service:property>
+        </service:params>
+    </service:initHandler>
+    <service:repositoryDomain>123</service:repositoryDomain>
+    <service:repositoryWorkspaceId>123</service:repositoryWorkspaceId>
+    <service:properties>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+    </service:properties>
+    <service:properties>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+    </service:properties>
+    <service:properties>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+        <types:item>
+            <types:key>123</types:key>
+            <types:value>123</types:value>
+        </types:item>
+    </service:properties>
+</service:cow>
diff --git a/services/config/src/main/resources/service.xsd b/services/config/src/main/resources/service.xsd

index 6d46597503f27757c08c9fcfbd12353a8e18c9c5..8b63a326f430925896746d188333d8640a8234e2 100644 (file)
--- a/services/config/src/main/resources/service.xsd
+++ b/services/config/src/main/resources/service.xsd
@@ -29,17 +29,31 @@
      >
  
      <xs:import namespace="http://collectionspace.org/services/config/types" schemaLocation="types.xsd" />
+    
+    
+    <xs:element name="root" type="ServiceBindingType"></xs:element>
+    
  
      <xs:complexType name="ServiceBindingType">
          <xs:sequence>
              <!-- other URI paths using which this service binding could be accessed -->
              <xs:element name="uriPath" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+            
              <!-- object representation served by the service -->
              <xs:element name="object" type="ServiceObjectType" minOccurs="1" maxOccurs="1"/>
+            
              <!-- document handler to be used to process the content (need to be in classpath) -->
              <xs:element name="documentHandler" type="xs:string" minOccurs="1" maxOccurs="1"/>
-
              <xs:element name="DocHandlerParams" type="DocHandlerParams" minOccurs="0" maxOccurs="1"/>
+            
+            <!-- optional instances definitions -->
+            <xs:element name="AuthorityInstanceList">
+                <xs:complexType>
+                    <xs:sequence>
+                        <xs:element name="AuthorityInstance" type="AuthorityInstanceType" minOccurs="1" maxOccurs="unbounded"></xs:element>
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
  
              <!-- validator handler(s) to be used to validate the content (need to be in classpath) -->
              <!-- validator handler is called for create (POST) and update (PUT) requests only -->
@@ -56,6 +70,7 @@
              <xs:element name="repositoryWorkspaceId" type="xs:string" minOccurs="0" maxOccurs="1"/>
              <xs:element name="properties" type="types:PropertyType" minOccurs="0" maxOccurs="unbounded"/>
          </xs:sequence>
+        
          <!-- name of the service, this is also the default URI path to access this service binding -->
          <xs:attribute name="name" type="xs:string" use="required"/>
          <xs:attribute name="type" type="xs:string" use="optional"/>
@@ -65,6 +80,31 @@
          <xs:attribute name="requiresUniqueShortId" type="xs:boolean" default="false"/>
      </xs:complexType>
  
+    <!-- Used for defining a vocabulary or authority instance and its terms -->
+    <xs:complexType name="AuthorityInstanceType">
+        <xs:sequence>
+            <xs:element name="web-url" type="xs:string" minOccurs="1" maxOccurs="1"></xs:element>
+            <xs:element name="title-ref" type="xs:string" minOccurs="1" maxOccurs="1"></xs:element>
+            <xs:element name="title" type="xs:string" minOccurs="1" maxOccurs="1"></xs:element>
+<!--            <xs:element ref="termList"/> -->
+        </xs:sequence>
+    </xs:complexType>
+        
+<!--
+    <xs:element name="termList">
+        <xs:complexType>
+            <xs:sequence>
+                <xs:element maxOccurs="unbounded" ref="term"/>
+            </xs:sequence>
+        </xs:complexType>
+    </xs:element>
+    <xs:element name="term">
+        <xs:complexType mixed="true">
+            <xs:attribute name="id" use="required" type="xs:NCName"/>
+        </xs:complexType>
+    </xs:element>
+-->
+    
      <!--
          ServiceObjectType defines the manifest for a collectionspace
          object.  includes properties of the object as well as manifests
author	remillet <remillet@yahoo.com>
	Sat, 28 Oct 2017 00:06:49 +0000 (17:06 -0700)
committer	remillet <remillet@yahoo.com>
	Sat, 28 Oct 2017 00:06:49 +0000 (17:06 -0700)
services/JaxRsServiceProvider/pom.xml		patch \| blob \| history
services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CSpaceResteasyBootstrap.java		patch \| blob \| history
services/account/service/pom.xml		patch \| blob \| history
services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java		patch \| blob \| history
services/authentication/service/src/main/java/org/collectionspace/authentication/AuthN.java		patch \| blob \| history
services/authentication/service/src/main/java/org/collectionspace/authentication/spi/AuthNContext.java		patch \| blob \| history
services/authentication/service/src/main/java/org/collectionspace/authentication/spring/SpringAuthNContext.java		patch \| blob \| history
services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java		patch \| blob \| history
services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java		patch \| blob \| history
services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/common/context/AbstractServiceContextImpl.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/common/publicitem/PublicItemResource.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/common/security/SecurityContextImpl.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java		patch \| blob \| history
services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/RemoteDocumentModelHandlerImpl.java		patch \| blob \| history
services/config/src/main/resources/instance1.xml		patch \| blob \| history
services/config/src/main/resources/service.xsd		patch \| blob \| history