package org.argeo.cms;
+import java.security.AccessControlContext;
+import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.jcr.nodetype.NodeType;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
implements CmsSession {
private final Log log = LogFactory.getLog(AbstractCmsEntryPoint.class);
- private final Subject subject = new Subject();
+ private final Subject subject;
private final Repository repository;
private final String workspace;
this.defaultPath = defaultPath;
this.factoryProperties = new HashMap<String, String>(factoryProperties);
+ // load context from session
+ HttpServletRequest httpRequest = RWT.getRequest();
+ final HttpSession httpSession = httpRequest.getSession();
+ AccessControlContext acc = (AccessControlContext) httpSession
+ .getAttribute(KernelHeader.ACCESS_CONTROL_CONTEXT);
+ if (acc != null)
+ subject = Subject.getSubject(acc);
+ else
+ subject = new Subject();
+
// Initial login
try {
new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
.login();
} catch (LoginException e) {
- if (log.isTraceEnabled())
- log.trace("Cannot authenticate user", e);
+ // if (log.isTraceEnabled())
+ // log.trace("Cannot authenticate user", e);
try {
new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
subject).login();
}
@Override
- protected final void createContents(Composite parent) {
- try {
- getShell().getDisplay().setData(CmsSession.KEY, this);
-
- createUi(parent);
- } catch (Exception e) {
- throw new CmsException("Cannot create entrypoint contents", e);
- }
+ protected final void createContents(final Composite parent) {
+ getShell().getDisplay().setData(CmsSession.KEY, this);
+ Subject.doAs(subject, new PrivilegedAction<Void>() {
+ @Override
+ public Void run() {
+ try {
+ createUi(parent);
+ } catch (Exception e) {
+ throw new CmsException("Cannot create entrypoint contents",
+ e);
+ }
+ return null;
+ }
+ });
}
/** Create UI */
public void navigateTo(String state) {
exception = null;
String title = setState(state);
- refresh();
+ doRefresh();
if (browserNavigation != null)
browserNavigation.pushState(state, title);
}
@Override
public void authChange() {
- try {
- String currentPath = null;
- if (node != null)
- currentPath = node.getPath();
- JcrUtils.logoutQuietly(session);
+ Subject.doAs(subject, new PrivilegedAction<Void>() {
- session = repository.login(workspace);
- if (currentPath != null)
+ @Override
+ public Void run() {
try {
- node = session.getNode(currentPath);
- } catch (Exception e) {
- try {
- // TODO find a less hacky way to log out
- new ArgeoLoginContext(
- KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
- .logout();
- new ArgeoLoginContext(
- KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
- .login();
- } catch (LoginException eAnonymous) {
- throw new ArgeoException("Cannot reset to anonymous",
- eAnonymous);
- }
+ String currentPath = null;
+ if (node != null)
+ currentPath = node.getPath();
JcrUtils.logoutQuietly(session);
+
session = repository.login(workspace);
- navigateTo("~");
- throw e;
+ if (currentPath != null)
+ try {
+ node = session.getNode(currentPath);
+ } catch (Exception e) {
+ try {
+ // TODO find a less hacky way to log out
+ new ArgeoLoginContext(
+ KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
+ subject).logout();
+ new ArgeoLoginContext(
+ KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
+ subject).login();
+ } catch (LoginException eAnonymous) {
+ throw new ArgeoException(
+ "Cannot reset to anonymous", eAnonymous);
+ }
+ JcrUtils.logoutQuietly(session);
+ session = repository.login(workspace);
+ navigateTo("~");
+ throw e;
+ }
+
+ // refresh UI
+ doRefresh();
+ } catch (RepositoryException e) {
+ throw new CmsException("Cannot perform auth change", e);
}
+ return null;
+ }
- // refresh UI
- refresh();
- } catch (RepositoryException e) {
- throw new CmsException("Cannot perform auth change", e);
- }
+ });
}
@Override
- public void exception(Throwable e) {
- this.exception = e;
+ public void exception(final Throwable e) {
+ AbstractCmsEntryPoint.this.exception = e;
log.error("Unexpected exception in CMS", e);
- refresh();
+ doRefresh();
+ }
+
+ protected void doRefresh() {
+ Subject.doAs(subject, new PrivilegedAction<Void>() {
+ @Override
+ public Void run() {
+ refresh();
+ return null;
+ }
+ });
}
@Override