1 package org
.argeo
.cms
.servlet
;
3 import java
.io
.IOException
;
7 import javax
.security
.auth
.login
.LoginContext
;
8 import javax
.security
.auth
.login
.LoginException
;
9 import javax
.servlet
.http
.HttpServletRequest
;
10 import javax
.servlet
.http
.HttpServletResponse
;
12 import org
.apache
.commons
.logging
.Log
;
13 import org
.apache
.commons
.logging
.LogFactory
;
14 import org
.argeo
.api
.NodeConstants
;
15 import org
.argeo
.cms
.auth
.HttpRequestCallbackHandler
;
16 import org
.argeo
.cms
.internal
.http
.HttpUtils
;
17 import org
.osgi
.framework
.Bundle
;
18 import org
.osgi
.framework
.FrameworkUtil
;
19 import org
.osgi
.service
.http
.context
.ServletContextHelper
;
22 * Default servlet context degrading to anonymous if the the sesison is not
25 public class CmsServletContext
extends ServletContextHelper
{
26 private final static Log log
= LogFactory
.getLog(CmsServletContext
.class);
27 // use CMS bundle for resources
28 private Bundle bundle
= FrameworkUtil
.getBundle(getClass());
30 public void init(Map
<String
, String
> properties
) {
34 public void destroy() {
39 public boolean handleSecurity(HttpServletRequest request
, HttpServletResponse response
) throws IOException
{
40 if (log
.isTraceEnabled())
41 HttpUtils
.logRequestHeaders(log
, request
);
44 lc
= new LoginContext(NodeConstants
.LOGIN_CONTEXT_USER
, new HttpRequestCallbackHandler(request
, response
));
46 } catch (LoginException e
) {
47 lc
= processUnauthorized(request
, response
);
48 if (log
.isTraceEnabled())
49 HttpUtils
.logResponseHeaders(log
, response
);
56 protected LoginContext
processUnauthorized(HttpServletRequest request
, HttpServletResponse response
) {
59 LoginContext lc
= new LoginContext(NodeConstants
.LOGIN_CONTEXT_ANONYMOUS
,
60 new HttpRequestCallbackHandler(request
, response
));
63 } catch (LoginException e1
) {
64 if (log
.isDebugEnabled())
65 log
.error("Cannot log in as anonymous", e1
);
71 public URL
getResource(String name
) {
72 return bundle
.getResource(name
);