2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.security
.core
;
18 import javax
.security
.auth
.Subject
;
19 import javax
.security
.auth
.login
.LoginContext
;
20 import javax
.security
.auth
.login
.LoginException
;
22 import org
.apache
.commons
.logging
.Log
;
23 import org
.apache
.commons
.logging
.LogFactory
;
24 import org
.argeo
.ArgeoException
;
25 import org
.springframework
.security
.authentication
.AuthenticationManager
;
/** Provides base methods for executing code with system authorization. */
28 public abstract class AbstractSystemExecution
{
/** Shared commons-logging logger for this class. */
private static final Log log = LogFactory.getLog(AbstractSystemExecution.class);

// The former authenticationManager and systemAuthenticationKey fields are
// retired; only their setters remain, and those just log a warning.

/**
 * JAAS subject passed to every {@link LoginContext} this component creates.
 * There is one instance per component rather than per thread, and a
 * {@link Subject} stays mutable unless it is explicitly set read-only.
 */
private final Subject subject = new Subject();

/** Name handed to {@link LoginContext} to select the login configuration. */
private final String loginModule = "SYSTEM";
37 /** Whether the current thread was authenticated by this component. */
38 // private ThreadLocal<Boolean> authenticatedBySelf = new
39 // ThreadLocal<Boolean>() {
40 // protected Boolean initialValue() {
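/**
 * Logs in as the system through JAAS, using the {@code SYSTEM} login
 * configuration entry and this component's {@link Subject}.
 * <p>
 * Despite the setter that is still present, no Spring
 * {@link AuthenticationManager} is involved any more. Callers should pair
 * this call with {@link #deauthenticateAsSystem()} in a {@code finally}
 * block so that system authorization does not outlive the work that needed
 * it.
 *
 * @throws ArgeoException if the JAAS login fails
 */
protected void authenticateAsSystem() {
    try {
        LoginContext lc = new LoginContext(loginModule, subject);
        // NOTE(review): the statement between the constructor and the catch
        // is missing from this listing; login() is reconstructed from the
        // error message below - confirm against the original file.
        lc.login();
    } catch (LoginException e) {
        // Keep the cause so a failing login module can be diagnosed.
        throw new ArgeoException("Cannot login as system", e);
    }

    // The retired Spring Security path refused to run on a thread that
    // already carried a non-system Authentication, and it took the system
    // key from configuration or from a system property with a built-in
    // default. Neither check is visible in this JAAS path, so whatever
    // restricts who may become "system" has to live in the login module
    // behind the "SYSTEM" entry - TODO confirm.
    if (log.isTraceEnabled()) {
        log.trace("System authenticated");
    }
}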
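/**
 * Logs the system subject out through JAAS, using the same login
 * configuration entry and {@link Subject} as
 * {@link #authenticateAsSystem()}.
 *
 * @throws ArgeoException if the JAAS logout fails
 */
protected void deauthenticateAsSystem() {
    try {
        // A new LoginContext is built around the shared subject; the one
        // created during login is not kept by this class.
        LoginContext lc = new LoginContext(loginModule, subject);
        // NOTE(review): the statement between the constructor and the catch
        // is missing from this listing; logout() is reconstructed from the
        // error message below - confirm against the original file.
        lc.logout();
    } catch (LoginException e) {
        // Keep the cause so a failing login module can be diagnosed.
        throw new ArgeoException("Cannot logout as system", e);
    }
}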
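/**
 * Returns the subject used for system logins.
 * <p>
 * This is the live instance held by this component, not a copy, so a
 * subclass that changes its principals or credentials changes what later
 * system logins operate on.
 *
 * @return the subject passed to each {@link LoginContext} created here
 */
protected Subject getSubject() {
    // NOTE(review): the method body is missing from this listing; returning
    // the subject field is reconstructed - confirm against the original file.
    return subject;
}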
101 // * Whether the current thread was authenticated by this component or a
104 // protected Boolean isAuthenticatedBySelf() {
105 // return authenticatedBySelf.get();
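/**
 * Accepts and ignores an authentication manager, so that existing
 * configurations which still set this property keep loading.
 *
 * @param authenticationManager ignored
 * @deprecated system authentication no longer uses an
 *             {@link AuthenticationManager}; remove the property from the
 *             configuration.
 */
@Deprecated
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
    // The argument is deliberately dropped; only the warning is emitted.
    log.warn("Use of authenticationManager is deprecated, remove this property from the configuration.");
}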
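/**
 * Accepts and ignores a system authentication key, so that existing
 * configurations which still set this property keep loading.
 * <p>
 * The supplied key is neither stored nor written to the log; the warning
 * is a constant message.
 *
 * @param systemAuthenticationKey ignored
 * @deprecated system authentication no longer uses a shared key; remove the
 *             property from the configuration.
 */
@Deprecated
public void setSystemAuthenticationKey(String systemAuthenticationKey) {
    // The key is deliberately dropped; keep its value out of log output.
    log.warn("Use of systemAuthenticationKey is deprecated, remove this property from the configuration.");
}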