cms/org.argeo.slc.spring/src/org/argeo/slc/spring/auth/AbstractSystemExecution.java

   1 package org.argeo.slc.spring.auth;
   2
   3 import javax.security.auth.Subject;
   4 import javax.security.auth.login.LoginContext;
   5 import javax.security.auth.login.LoginException;
   6
   7 import org.apache.commons.logging.Log;
   8 import org.apache.commons.logging.LogFactory;
   9 import org.argeo.api.NodeConstants;
  10 import org.argeo.slc.SlcException;
  11
  12 /** Provides base method for executing code with system authorization. */
  13 abstract class AbstractSystemExecution {
  14         private final static Log log = LogFactory.getLog(AbstractSystemExecution.class);
  15         private final Subject subject = new Subject();
  16
  17         /** Authenticate the calling thread */
  18         protected void authenticateAsSystem() {
  19                 ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
  20                 Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
  21                 try {
  22                         LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN, subject);
  23                         lc.login();
  24                 } catch (LoginException e) {
  25                         throw new SlcException("Cannot login as system", e);
  26                 } finally {
  27                         Thread.currentThread().setContextClassLoader(origClassLoader);
  28                 }
  29                 if (log.isTraceEnabled())
  30                         log.trace("System authenticated");
  31         }
  32
  33         protected void deauthenticateAsSystem() {
  34                 ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
  35                 Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
  36                 try {
  37                         LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN, subject);
  38                         lc.logout();
  39                 } catch (LoginException e) {
  40                         throw new SlcException("Cannot logout as system", e);
  41                 } finally {
  42                         Thread.currentThread().setContextClassLoader(origClassLoader);
  43                 }
  44         }
  45
  46         protected Subject getSubject() {
  47                 return subject;
  48         }
  49 }