- ClassLoader currentContextCl = Thread.currentThread().getContextClassLoader();
- Thread.currentThread().setContextClassLoader(RemoteAuthUtils.class.getClassLoader());
- try {
- return Subject.doAs(
- Subject.getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName())),
- new PrivilegedAction<T>() {
-
- @Override
- public T run() {
- return supplier.get();
- }
-
- });
- } finally {
- Thread.currentThread().setContextClassLoader(currentContextCl);
- }
- }
-
- public final static void configureRequestSecurity(RemoteAuthRequest req) {
- if (req.getAttribute(AccessControlContext.class.getName()) != null)
- throw new IllegalStateException("Request already authenticated.");
- AccessControlContext acc = AccessController.getContext();
- req.setAttribute(REMOTE_USER, CurrentUser.getUsername());
- req.setAttribute(AccessControlContext.class.getName(), acc);
- }
-
- public final static void clearRequestSecurity(RemoteAuthRequest req) {
- if (req.getAttribute(AccessControlContext.class.getName()) == null)
- throw new IllegalStateException("Cannot clear non-authenticated request.");
- req.setAttribute(REMOTE_USER, null);
- req.setAttribute(AccessControlContext.class.getName(), null);
+ CmsSession cmsSession = getCmsSession(req);
+ return CurrentSubject.callAs(cmsSession.getSubject(), () -> supplier.get());