security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/AnonymousEntryPoint.java

   1 /*
   2  * Copyright (C) 2007-2012 Mathieu Baudier
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.security.ui.rap;
  17
  18 import java.security.PrivilegedAction;
  19
  20 import javax.security.auth.Subject;
  21 import javax.security.auth.login.LoginException;
  22
  23 import org.apache.commons.logging.Log;
  24 import org.apache.commons.logging.LogFactory;
  25 import org.argeo.ArgeoException;
  26 import org.eclipse.equinox.security.auth.ILoginContext;
  27 import org.eclipse.rwt.RWT;
  28 import org.eclipse.rwt.lifecycle.IEntryPoint;
  29 import org.eclipse.swt.widgets.Display;
  30 import org.eclipse.ui.PlatformUI;
  31
  32 /**
  33  * RAP entry point which authenticates the subject as anonymous, for public
  34  * unauthenticated access.
  35  */
  36 public class AnonymousEntryPoint implements IEntryPoint {
  37         private final static Log log = LogFactory.getLog(AnonymousEntryPoint.class);
  38
  39         /**
  40          * How many seconds to wait before invalidating the session if the user has
  41          * not yet logged in.
  42          */
  43         private Integer loginTimeout = 1 * 60;
  44         private Integer sessionTimeout = 15 * 60;
  45
  46         @Override
  47         public int createUI() {
  48                 // Short login timeout so that the modal dialog login doesn't hang
  49                 // around too long
  50                 RWT.getRequest().getSession().setMaxInactiveInterval(loginTimeout);
  51
  52                 if (log.isDebugEnabled())
  53                         log.debug("Anonymous THREAD=" + Thread.currentThread().getId()
  54                                         + ", sessionStore=" + RWT.getSessionStore().getId());
  55
  56                 // create display
  57                 final Display display = PlatformUI.createDisplay();
  58
  59                 // log in
  60                 final ILoginContext loginContext = SecureRapActivator
  61                                 .createLoginContext(SecureRapActivator.CONTEXT_SPRING_ANONYMOUS);
  62                 Subject subject = null;
  63                 try {
  64                         loginContext.login();
  65                         subject = loginContext.getSubject();
  66                 } catch (LoginException e) {
  67                         throw new ArgeoException(
  68                                         "Unexpected exception during authentication", e);
  69                 }
  70
  71                 // identify after successful login
  72                 if (log.isDebugEnabled())
  73                         log.debug("Authenticated " + subject);
  74                 final String username = subject.getPrincipals().iterator().next()
  75                                 .getName();
  76
  77                 // Once the user is logged in, she can have a longer session timeout
  78                 RWT.getRequest().getSession().setMaxInactiveInterval(sessionTimeout);
  79
  80                 // Logout callback when the display is disposed
  81                 display.disposeExec(new Runnable() {
  82                         public void run() {
  83                                 log.debug("Display disposed");
  84                                 logout(loginContext, username);
  85                         }
  86                 });
  87
  88                 //
  89                 // RUN THE WORKBENCH
  90                 //
  91                 Integer returnCode = null;
  92                 try {
  93                         returnCode = Subject.doAs(subject, new PrivilegedAction<Integer>() {
  94                                 public Integer run() {
  95                                         RapWorkbenchAdvisor workbenchAdvisor = new RapWorkbenchAdvisor(
  96                                                         null);
  97                                         int result = PlatformUI.createAndRunWorkbench(display,
  98                                                         workbenchAdvisor);
  99                                         return new Integer(result);
 100                                 }
 101                         });
 102                         logout(loginContext, username);
 103                 } finally {
 104                         display.dispose();
 105                 }
 106                 return returnCode;
 107         }
 108
 109         private void logout(ILoginContext secureContext, String username) {
 110                 try {
 111                         secureContext.logout();
 112                         log.info("Logged out " + (username != null ? username : "")
 113                                         + " (THREAD=" + Thread.currentThread().getId() + ")");
 114                 } catch (LoginException e) {
 115                         log.error("Erorr when logging out", e);
 116                 }
 117         }
 118 }