- Improve CMS login (HTTP session now supported)

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / AbstractCmsEntryPoint.java

diff --git a/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java b/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java
index 49a7b98dfc4fe635665f608e67eaccefa21b209b..1e04bc050ac46922516c429f0c4c326fd50c5026 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java
+++ b/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java
@@ -1,7 +1,5 @@
 package org.argeo.cms;
 
-import static org.argeo.cms.internal.kernel.KernelConstants.SPRING_SECURITY_CONTEXT_KEY;
-
 import java.util.Locale;
 import java.util.ResourceBundle;
 
@@ -10,10 +8,13 @@ import javax.jcr.Repository;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.nodetype.NodeType;
-import javax.servlet.http.HttpSession;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.argeo.ArgeoException;
+import org.argeo.cms.auth.ArgeoLoginContext;
 import org.argeo.cms.i18n.Msg;
 import org.argeo.jcr.JcrUtils;
 import org.eclipse.rap.rwt.RWT;
@@ -23,14 +24,14 @@ import org.eclipse.rap.rwt.client.service.BrowserNavigationEvent;
 import org.eclipse.rap.rwt.client.service.BrowserNavigationListener;
 import org.eclipse.swt.widgets.Display;
 import org.eclipse.swt.widgets.Shell;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 /** Manages history and navigation */
 abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
                CmsSession {
        private final Log log = LogFactory.getLog(AbstractCmsEntryPoint.class);
 
+       private Subject subject = new Subject();
+
        private Repository repository;
        private String workspace;
        private Session session;
@@ -38,25 +39,31 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
        // current state
        private Node node;
        private String state;
-       // private String page;
+       private String page;
        private Throwable exception;
 
        private BrowserNavigation history;
 
        public AbstractCmsEntryPoint(Repository repository, String workspace) {
-               if (SecurityContextHolder.getContext().getAuthentication() == null) {
-                       HttpSession httpSession = RWT.getRequest().getSession();
-                       // log.debug("Session: " + httpSession.getId());
-                       SecurityContext contextFromSessionObject = (SecurityContext) httpSession
-                                       .getAttribute(SPRING_SECURITY_CONTEXT_KEY);
-                       if (contextFromSessionObject != null)
-                               SecurityContextHolder.setContext(contextFromSessionObject);
-                       else
-                               logAsAnonymous();
-               }
-
                this.repository = repository;
                this.workspace = workspace;
+
+               // Initial login
+               Subject subject = new Subject();
+               try {
+                       new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
+                                       .login();
+               } catch (LoginException e) {
+                       if (log.isTraceEnabled())
+                               log.trace("Cannot authenticate user", e);
+                       try {
+                               new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
+                                               subject).login();
+                       } catch (LoginException eAnonymous) {
+                               throw new ArgeoException("Cannot initialize subject",
+                                               eAnonymous);
+                       }
+               }
                authChange();
 
                history = RWT.getClient().getService(BrowserNavigation.class);
@@ -88,9 +95,6 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
        /** Recreate body UI */
        protected abstract void refreshBody();
 
-       /** Log as anonymous */
-       protected abstract void logAsAnonymous();
-
        /**
         * The node to return when no node was found (for authenticated users and
         * anonymous)
@@ -120,6 +124,11 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
                        history.pushState(state, state);
        }
 
+       @Override
+       public Subject getSubject() {
+               return subject;
+       }
+
        @Override
        public void authChange() {
                try {
@@ -128,8 +137,6 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
                                currentPath = node.getPath();
                        JcrUtils.logoutQuietly(session);
 
-                       if (SecurityContextHolder.getContext().getAuthentication() == null)
-                               logAsAnonymous();
                        session = repository.login(workspace);
                        if (currentPath != null)
                                node = session.getNode(currentPath);
@@ -167,7 +174,7 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
                String previousState = this.state;
 
                node = null;
-               // page = null;
+               page = null;
                this.state = newState;
 
                try {
@@ -177,7 +184,7 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
                                        node = addNode(session, state, null);
                                else
                                        node = session.getNode(state);
-                               // page = "";
+                               page = "";
                        } else if (firstSlash > 0) {
                                String prefix = state.substring(0, firstSlash);
                                String path = state.substring(firstSlash);
@@ -210,19 +217,15 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
                                                throw new CmsException("Data " + path
                                                                + " does not exist");
                                }
-                               throw new CmsException("Unsupported state prefix '" + prefix
-                                               + "'");
-                               // page = prefix;
+                               page = prefix;
                        } else {
                                node = getDefaultNode(session);
-                               // if (state.equals("~"))
-                               // page = "";
-                               // else
-                               // page = state;
+                               page = state;
                        }
 
                        if (log.isTraceEnabled())
-                               log.trace("node=" + node + ", state=" + state);
+                               log.trace("node=" + node + ", state=" + state + " (page="
+                                               + page);
 
                } catch (RepositoryException e) {
                        throw new CmsException("Cannot retrieve node", e);
@@ -245,7 +248,7 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
                return state;
        }
 
-       // protected String getPage() {
+       // String getPage() {
        // return page;
        // }