- public void doFilter(HttpSession httpSession,
- final HttpServletRequest request,
- final HttpServletResponse response,
- final FilterChain filterChain) throws IOException,
- ServletException {
-
- // Process basic auth
- String basicAuth = request.getHeader(HEADER_AUTHORIZATION);
- if (basicAuth != null) {
- CallbackHandler token = basicAuth(basicAuth);
- // FIXME Login
- // Authentication auth =
- // authenticationManager.authenticate(token);
- // SecurityContextHolder.getContext().setAuthentication(auth);
- // filterChain.doFilter(request, response);
- Subject subject;
- try {
- LoginContext lc = new LoginContext(
- KernelHeader.LOGIN_CONTEXT_USER, token);
- lc.login();
- subject = lc.getSubject();
- } catch (LoginException e) {
- throw new CmsException("Could not login", e);
- }
- try {
- Subject.doAs(subject,
- new PrivilegedExceptionAction<Void>() {
- public Void run() throws IOException,
- ServletException {
- filterChain.doFilter(request, response);
- return null;
- }
- });
- } catch (PrivilegedActionException e) {
- if (e.getCause() instanceof ServletException)
- throw (ServletException) e.getCause();
- else if (e.getCause() instanceof IOException)
- throw (IOException) e.getCause();
- else
- throw new CmsException("Unexpected exception",
- e.getCause());
- }
- return;
- }