1 package org.argeo.security.ui.rap;
2
3 import java.security.PrivilegedAction;
4
5 import javax.security.auth.Subject;
6 import javax.security.auth.login.LoginException;
7
8 import org.apache.commons.logging.Log;
9 import org.apache.commons.logging.LogFactory;
10 import org.eclipse.equinox.security.auth.ILoginContext;
11 import org.eclipse.rwt.RWT;
12 import org.eclipse.rwt.lifecycle.IEntryPoint;
13 import org.eclipse.rwt.service.SessionStoreEvent;
14 import org.eclipse.rwt.service.SessionStoreListener;
15 import org.eclipse.swt.widgets.Display;
16 import org.eclipse.ui.PlatformUI;
17 import org.eclipse.ui.application.IWorkbenchWindowConfigurer;
18 import org.eclipse.ui.application.WorkbenchAdvisor;
19 import org.eclipse.ui.application.WorkbenchWindowAdvisor;
20
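/**
 * RAP entry point that requires a successful login before the workbench is
 * created, and then runs the workbench as the authenticated {@link Subject}
 * through {@link Subject#doAs(Subject, PrivilegedAction)}.
 *
 * <p>
 * It is also registered as a {@link SessionStoreListener}; that callback only
 * writes a debug trace.
 * </p>
 */
public class SecureEntryPoint implements IEntryPoint, SessionStoreListener {
    private static final Log log = LogFactory.getLog(SecureEntryPoint.class);

    /** Inactivity timeout applied to the HTTP session: 15 minutes, in seconds. */
    private static final int SESSION_TIMEOUT_SECONDS = 15 * 60;

    /** Inactivity interval, in seconds, set when the session has to go away. */
    private static final int EXPIRY_INTERVAL_SECONDS = 1;

    /** Pause, in milliseconds, taken after shortening the session interval. */
    private static final long EXPIRY_WAIT_MILLIS = 2000;

    /**
     * Logs the user in, runs the workbench as the authenticated subject and
     * logs out again when the workbench returns.
     *
     * @return the workbench return code as passed through
     *         {@link #processReturnCode(Integer)}, or {@code -1} when login
     *         fails, when the login yields no usable identity, or when running
     *         the workbench throws
     */
    @Override
    public int createUI() {
        RWT.getRequest().getSession()
                .setMaxInactiveInterval(SESSION_TIMEOUT_SECONDS);

        // NOTE(review): if the session store id is the servlet session id,
        // debug logs then contain a live session identifier; confirm, and keep
        // debug output access-restricted.
        if (log.isDebugEnabled())
            log.debug("THREAD=" + Thread.currentThread().getId()
                    + ", sessionStore=" + RWT.getSessionStore().getId());

        final ILoginContext loginContext = SecureRapActivator
                .createLoginContext();
        Display display = PlatformUI.createDisplay();

        Subject subject;
        try {
            loginContext.login();
            subject = loginContext.getSubject();
        } catch (LoginException e) {
            log.error("Error when logging in.", e);
            display.dispose();
            expireSession();
            return -1;
        }

        // Fail closed: a login that yields no subject or no principal gives
        // nothing to run the workbench as. Without this check the principal
        // lookup below would throw outside any try block, leaving the display
        // undisposed and the login context logged in.
        if (subject == null || subject.getPrincipals().isEmpty()) {
            log.error("Login did not yield a subject with a principal");
            logout(loginContext, null);
            display.dispose();
            expireSession();
            return -1;
        }

        // NOTE(review): the HTTP session exists before authentication and its
        // id is not changed here after a successful login; confirm that the
        // container or RAP protects against a pre-set session id.

        // Only the principals are logged: Subject.toString() also renders the
        // toString() of the public and private credential objects.
        if (log.isDebugEnabled())
            log.debug("subject=" + subject.getPrincipals());
        final String username = subject.getPrincipals().iterator().next()
                .getName();
        if (log.isDebugEnabled())
            log.debug(username + " logged in");

        // Ties the end of the authenticated state to the end of the display:
        // whenever the display is disposed, log out and let the session expire.
        display.disposeExec(new Runnable() {
            @Override
            public void run() {
                log.debug("Display disposed");
                logout(loginContext, username);
                expireSession();
            }
        });

        try {
            Integer returnCode = Subject.doAs(subject, getRunAction(display));
            // NOTE(review): the dispose hook registered above logs out as
            // well, so logout can run more than once for the same context;
            // confirm the login modules tolerate a repeated logout.
            loginContext.logout();
            return processReturnCode(returnCode);
        } catch (Exception e) {
            logout(loginContext, username);
            // RWT.getRequest().getSession().setMaxInactiveInterval(1);
            log.error("Unexpected error", e);
            // throw new ArgeoException("Cannot login", e);
        } finally {
            display.dispose();
        }
        return -1;
    }

    /**
     * Shortens the session's inactivity interval to one second and then pauses
     * for two seconds, presumably so that the interval has elapsed before the
     * caller continues.
     *
     * <p>
     * NOTE(review): this relies on the container expiring the session instead
     * of invalidating it explicitly; confirm that the session really is gone
     * afterwards.
     * </p>
     */
    private static void expireSession() {
        RWT.getRequest().getSession()
                .setMaxInactiveInterval(EXPIRY_INTERVAL_SECONDS);
        try {
            Thread.sleep(EXPIRY_WAIT_MILLIS);
        } catch (InterruptedException e) {
            // Keep the interruption visible to the code that runs next
            // instead of discarding it.
            Thread.currentThread().interrupt();
        }
    }

    /**
     * Logs out of the given login context and records the logout at info
     * level. A {@link LoginException} is logged as an error and not rethrown.
     *
     * @param secureContext
     *            the login context to log out of
     * @param username
     *            name written to the log entry; may be {@code null}, in which
     *            case an empty name is logged
     */
    static void logout(ILoginContext secureContext, String username) {
        try {
            secureContext.logout();
            log.info("Logged out " + (username != null ? username : "")
                    + " (THREAD=" + Thread.currentThread().getId() + ")");
        } catch (LoginException e) {
            log.error("Erorr when logging out", e);
        }
    }

    // static void closeWorkbench() {
    // final IWorkbench workbench;
    // try {
    // workbench = PlatformUI.getWorkbench();
    // } catch (Exception e) {
    // return;
    // }
    // if (workbench == null)
    // return;
    // final Display display = workbench.getDisplay();
    // if (display != null && !display.isDisposed())
    // display.syncExec(new Runnable() {
    //
    // public void run() {
    // if (!display.isDisposed())
    // workbench.close();
    // }
    // });
    //
    // if (log.isDebugEnabled())
    // log.debug("Workbench closed");
    // }

    /**
     * Wraps {@link #createAndRunWorkbench(Display)} in a privileged action so
     * that it can be executed through {@code Subject.doAs}.
     *
     * @param display
     *            the display handed to the workbench
     * @return an action whose result is the workbench return code
     */
    private PrivilegedAction<Integer> getRunAction(final Display display) {
        return new PrivilegedAction<Integer>() {
            @Override
            public Integer run() {
                return createAndRunWorkbench(display);
            }
        };
    }

    /**
     * Creates and runs the workbench on the given display, using the advisor
     * from {@link #createWorkbenchAdvisor()}.
     *
     * @param display
     *            the display to run the workbench on
     * @return the code returned by the workbench
     */
    protected Integer createAndRunWorkbench(Display display) {
        return PlatformUI.createAndRunWorkbench(display,
                createWorkbenchAdvisor());
    }

    /**
     * Hook for subclasses to translate the workbench return code; this
     * implementation returns it unchanged.
     *
     * @param returnCode
     *            the code returned by the workbench
     * @return the code that {@link #createUI()} returns
     */
    protected Integer processReturnCode(Integer returnCode) {
        return returnCode;
    }

    /**
     * Creates the workbench advisor: a {@code SecureWorkbenchAdvisor} whose
     * windows are configured by {@code RapSecureWorkbenchWindowAdvisor}.
     *
     * @return the advisor used by {@link #createAndRunWorkbench(Display)}
     */
    protected WorkbenchAdvisor createWorkbenchAdvisor() {
        return new SecureWorkbenchAdvisor() {
            @Override
            public WorkbenchWindowAdvisor createWorkbenchWindowAdvisor(
                    IWorkbenchWindowConfigurer configurer) {
                return new RapSecureWorkbenchWindowAdvisor(configurer);
            }
        };
    }

    /**
     * Writes a debug trace when the RWT session store is about to be
     * destroyed; no cleanup is done here.
     *
     * @param event
     *            the event carrying the session store being destroyed
     */
    @Override
    public void beforeDestroy(SessionStoreEvent event) {
        if (log.isDebugEnabled())
            log.debug("RWT session " + event.getSessionStore().getId()
                    + " about to be destroyed. THREAD="
                    + Thread.currentThread().getId());
    }

}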