1 package org
.argeo
.cms
.spring
;
3 import java
.security
.AccessController
;
4 import java
.security
.PrivilegedAction
;
5 import java
.util
.ArrayList
;
8 import javax
.security
.auth
.Subject
;
10 import org
.eclipse
.gemini
.blueprint
.context
.DependencyInitializationAwareBeanPostProcessor
;
11 import org
.springframework
.beans
.BeansException
;
12 import org
.springframework
.beans
.factory
.support
.AbstractBeanFactory
;
13 import org
.springframework
.beans
.factory
.support
.SecurityContextProvider
;
14 import org
.springframework
.beans
.factory
.support
.SimpleSecurityContextProvider
;
15 import org
.springframework
.context
.ApplicationContext
;
16 import org
.springframework
.context
.ApplicationContextAware
;
19 * Executes with a system authentication the instantiation and initialization
20 * methods of the application context where it has been defined.
22 public class AuthenticatedApplicationContextInitialization
extends
23 AbstractSystemExecution
implements
24 DependencyInitializationAwareBeanPostProcessor
, ApplicationContextAware
{
25 /** If non empty, restricts to these beans */
26 private List
<String
> beanNames
= new ArrayList
<String
>();
28 public Object
postProcessBeforeInitialization(Object bean
, String beanName
)
29 throws BeansException
{
30 if (beanNames
.size() == 0 || beanNames
.contains(beanName
))
31 authenticateAsSystem();
35 public Object
postProcessAfterInitialization(Object bean
, String beanName
)
36 throws BeansException
{
37 if (beanNames
.size() == 0 || beanNames
.contains(beanName
))
38 deauthenticateAsSystem();
42 public void setBeanNames(List
<String
> beanNames
) {
43 this.beanNames
= beanNames
;
47 public void setApplicationContext(ApplicationContext applicationContext
)
48 throws BeansException
{
49 if (applicationContext
.getAutowireCapableBeanFactory() instanceof AbstractBeanFactory
) {
50 final AbstractBeanFactory beanFactory
= ((AbstractBeanFactory
) applicationContext
51 .getAutowireCapableBeanFactory());
52 // retrieve subject's access control context
53 // and set it as the bean factory security context
54 Subject
.doAs(getSubject(), new PrivilegedAction
<Void
>() {
57 SecurityContextProvider scp
= new SimpleSecurityContextProvider(
58 AccessController
.getContext());
59 beanFactory
.setSecurityContextProvider(scp
);