]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java
- Improve CMS login (HTTP session now supported)
index 6722d7b86291051c61b39fc286f88d136ebc3a55..1e04bc050ac46922516c429f0c4c326fd50c5026 100644 (file)
@@ -8,9 +8,14 @@ import javax.jcr.Repository;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.nodetype.NodeType;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.argeo.ArgeoException;
+import org.argeo.cms.auth.ArgeoLoginContext;
+import org.argeo.cms.i18n.Msg;
 import org.argeo.jcr.JcrUtils;
 import org.eclipse.rap.rwt.RWT;
 import org.eclipse.rap.rwt.application.AbstractEntryPoint;
@@ -19,14 +24,13 @@ import org.eclipse.rap.rwt.client.service.BrowserNavigationEvent;
 import org.eclipse.rap.rwt.client.service.BrowserNavigationListener;
 import org.eclipse.swt.widgets.Display;
 import org.eclipse.swt.widgets.Shell;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 /** Manages history and navigation */
-public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
-               implements CmsSession {
+abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
+               CmsSession {
        private final Log log = LogFactory.getLog(AbstractCmsEntryPoint.class);
-       private static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";
+
+       private Subject subject = new Subject();
 
        private Repository repository;
        private String workspace;
@@ -41,18 +45,25 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
        private BrowserNavigation history;
 
        public AbstractCmsEntryPoint(Repository repository, String workspace) {
-               if (SecurityContextHolder.getContext().getAuthentication() == null) {
-                       SecurityContext contextFromSessionObject = (SecurityContext) RWT
-                                       .getRequest().getSession()
-                                       .getAttribute(SPRING_SECURITY_CONTEXT_KEY);
-                       if (contextFromSessionObject != null)
-                               SecurityContextHolder.setContext(contextFromSessionObject);
-                       else
-                               logAsAnonymous();
-               }
-
                this.repository = repository;
                this.workspace = workspace;
+
+               // Initial login
+               Subject subject = new Subject();
+               try {
+                       new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
+                                       .login();
+               } catch (LoginException e) {
+                       if (log.isTraceEnabled())
+                               log.trace("Cannot authenticate user", e);
+                       try {
+                               new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
+                                               subject).login();
+                       } catch (LoginException eAnonymous) {
+                               throw new ArgeoException("Cannot initialize subject",
+                                               eAnonymous);
+                       }
+               }
                authChange();
 
                history = RWT.getClient().getService(BrowserNavigation.class);
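Review bot: The local `Subject subject = new Subject();` under `// Initial login` shadows the new `subject` field, so both `ArgeoLoginContext(...).login()` calls populate the local. As far as these hunks show, the field returned by `getSubject()` (added in a later hunk) stays the empty `Subject` it was initialised with. Any caller that bases an authorization decision on `getSubject()` would then see no principals, whether the user login or the anonymous fallback succeeded. Drop the local declaration and pass the field instead, e.g. `new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, this.subject).login();`, and consider declaring the field `private final Subject subject`. The constructor body continues past the end of this hunk.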
@@ -84,9 +95,6 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
        /** Recreate body UI */
        protected abstract void refreshBody();
 
-       /** Log as anonymous */
-       protected abstract void logAsAnonymous();
-
        /**
         * The node to return when no node was found (for authenticated users and
         * anonymous)
@@ -116,6 +124,11 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
                        history.pushState(state, state);
        }
 
+       @Override
+       public Subject getSubject() {
+               return subject;
+       }
+
        @Override
        public void authChange() {
                try {
@@ -124,8 +137,6 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
                                currentPath = node.getPath();
                        JcrUtils.logoutQuietly(session);
 
-                       if (SecurityContextHolder.getContext().getAuthentication() == null)
-                               logAsAnonymous();
                        session = repository.login(workspace);
                        if (currentPath != null)
                                node = session.getNode(currentPath);
@@ -209,15 +220,12 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
                                page = prefix;
                        } else {
                                node = getDefaultNode(session);
-                               if (state.equals("~"))
-                                       page = "";
-                               else
-                                       page = state;
+                               page = state;
                        }
 
                        if (log.isTraceEnabled())
-                               log.trace("page=" + page + ", node=" + node + ", state="
-                                               + state);
+                               log.trace("node=" + node + ", state=" + state + " (page="
+                                               + page);
 
                } catch (RepositoryException e) {
                        throw new CmsException("Cannot retrieve node", e);
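Review bot: The rewritten trace message opens `(page=` and never closes the parenthesis; end the expression with `+ page + ")"`. Separately, with the `~` special case removed, a state of `~` is now stored as the page instead of the empty string. If that is intended, a one-line comment on `page = state;` would make the change explicit. The enclosing method starts and ends outside this hunk.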
@@ -240,9 +248,9 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
                return state;
        }
 
-       protected String getPage() {
-               return page;
-       }
+       // String getPage() {
+       // return page;
+       // }
 
        protected Throwable getException() {
                return exception;