package org.argeo.cms;
-import java.security.AccessControlContext;
import java.security.PrivilegedAction;
import java.util.HashMap;
-import java.util.Locale;
import java.util.Map;
-import java.util.ResourceBundle;
import javax.jcr.Node;
import javax.jcr.Property;
import javax.jcr.Session;
import javax.jcr.nodetype.NodeType;
import javax.security.auth.Subject;
+import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import javax.security.auth.x500.X500Principal;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.ArgeoException;
-import org.argeo.cms.auth.ArgeoLoginContext;
-import org.argeo.cms.auth.LoginRequiredException;
-import org.argeo.cms.i18n.Msg;
+import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.eclipse.ui.specific.UiContext;
import org.argeo.jcr.JcrUtils;
import org.eclipse.rap.rwt.RWT;
import org.eclipse.rap.rwt.application.AbstractEntryPoint;
private final Log log = LogFactory.getLog(AbstractCmsEntryPoint.class);
private final Subject subject;
+ private LoginContext loginContext;
private final Repository repository;
private final String workspace;
this.workspace = workspace;
this.defaultPath = defaultPath;
this.factoryProperties = new HashMap<String, String>(factoryProperties);
-
- // load context from session
- HttpServletRequest httpRequest = RWT.getRequest();
- final HttpSession httpSession = httpRequest.getSession();
- AccessControlContext acc = (AccessControlContext) httpSession
- .getAttribute(KernelHeader.ACCESS_CONTROL_CONTEXT);
- if (acc != null
- && Subject.getSubject(acc).getPrincipals(X500Principal.class)
- .size() == 1)
- subject = Subject.getSubject(acc);
- else
- subject = new Subject();
+ subject = new Subject();
// Initial login
try {
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
- .login();
- } catch (LoginException e) {
- // if (log.isTraceEnabled())
- // log.trace("Cannot authenticate user", e);
+ loginContext = new LoginContext(AuthConstants.LOGIN_CONTEXT_USER,
+ subject, new HttpRequestCallbackHandler(
+ UiContext.getHttpRequest()));
+ loginContext.login();
+ } catch (CredentialNotFoundException e) {
try {
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
- subject).login();
- } catch (LoginException eAnonymous) {
- throw new ArgeoException("Cannot initialize subject",
- eAnonymous);
+ loginContext = new LoginContext(
+ AuthConstants.LOGIN_CONTEXT_ANONYMOUS, subject);
+ loginContext.login();
+ } catch (LoginException e1) {
+ throw new ArgeoException("Cannot log as anonymous", e);
}
+ } catch (LoginException e) {
+ throw new ArgeoException("Cannot initialize subject", e);
}
- authChange();
+ authChange(loginContext);
jsExecutor = RWT.getClient().getService(JavaScriptExecutor.class);
browserNavigation = RWT.getClient().getService(BrowserNavigation.class);
@Override
protected final void createContents(final Composite parent) {
- getShell().getDisplay().setData(CmsView.KEY, this);
+ UiContext.setData(CmsView.KEY, this);
Subject.doAs(subject, new PrivilegedAction<Void>() {
@Override
public Void run() {
try {
- createUi(parent);
+ initUi(parent);
} catch (Exception e) {
throw new CmsException("Cannot create entrypoint contents",
e);
}
/** Create UI */
- protected abstract void createUi(Composite parent);
+ protected abstract void initUi(Composite parent);
/** Recreate UI after navigation or auth change */
protected abstract void refresh();
*/
protected Node getDefaultNode(Session session) throws RepositoryException {
if (!session.hasPermission(defaultPath, "read")) {
- if (session.getUserID().equals("anonymous"))
- throw new LoginRequiredException();
+ if (session.getUserID().equals(AuthConstants.ROLE_ANONYMOUS))
+ // TODO throw a special exception
+ throw new CmsException("Login required");
else
throw new CmsException("Unauthorized");
}
}
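Review bot: The anonymous check now compares `session.getUserID()` with `AuthConstants.ROLE_ANONYMOUS`, a role constant whose value is not visible here, where the old code compared with the literal `"anonymous"`. If the constant is a role name or DN rather than the JCR user id, anonymous sessions would fall through to "Unauthorized" and never be asked to log in. Writing it as `if (AuthConstants.ROLE_ANONYMOUS.equals(session.getUserID()))` also avoids a NullPointerException when the repository returns no user id. Until the TODO is resolved, callers can only tell "Login required" from "Unauthorized" by message text, since both are now a plain CmsException. The rest of getDefaultNode is outside the hunk.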
@Override
- public void authChange() {
+ public void logout() {
+ if (loginContext == null)
+ throw new CmsException("Login context should not be null");
+ try {
+ loginContext.logout();
+ LoginContext anonymousLc = new LoginContext(
+ AuthConstants.LOGIN_CONTEXT_ANONYMOUS, subject);
+ anonymousLc.login();
+ authChange(anonymousLc);
+ } catch (LoginException e) {
+ throw new CmsException("Cannot logout", e);
+ }
+ }
+
+ @Override
+ public void authChange(LoginContext loginContext) {
+ if (loginContext == null)
+ throw new CmsException("Login context cannot be null");
+ this.loginContext = loginContext;
Subject.doAs(subject, new PrivilegedAction<Void>() {
@Override
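Review bot: `authChange(LoginContext)` is public and stores whatever context it is given without checking that it is bound to this entry point's `subject`. `Subject.doAs` keeps using the field `subject`, so a context built for another Subject would leave the two out of step, and a later `logout()` would clear the wrong Subject. A guard such as `if (loginContext.getSubject() != subject) throw new CmsException("Login context is not bound to this subject");` before the assignment would close that. In `logout()`, if `anonymousLc.login()` throws after `loginContext.logout()` has succeeded, the field still points at the logged-out context, and "Cannot logout" does not say which step failed. The body of authChange continues outside this hunk.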
try {
node = session.getNode(currentPath);
} catch (Exception e) {
- try {
- // TODO find a less hacky way to log out
- new ArgeoLoginContext(
- KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
- subject).logout();
- new ArgeoLoginContext(
- KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
- subject).login();
- } catch (LoginException eAnonymous) {
- throw new ArgeoException(
- "Cannot reset to anonymous", eAnonymous);
- }
- JcrUtils.logoutQuietly(session);
+ logout();
session = repository.login(workspace);
navigateTo("~");
throw e;
});
}
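Review bot: Calling `logout()` from this catch block re-enters the method it sits in, because `logout()` ends with `authChange(anonymousLc)`. If `session.getNode(currentPath)` also fails for the anonymous subject, the calls would nest with no visible bound; the part of authChange between the two hunks is not shown, so this needs checking against the full method. The hunk also removes `JcrUtils.logoutQuietly(session)`, so unless the nested call closes it, the JCR session opened under the previous identity stays open when `session = repository.login(workspace)` replaces it. Keeping `JcrUtils.logoutQuietly(session);` just before the new login would avoid that, and a comment stating that the reset to anonymous happens at most once would document the intent.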
-// @Override
-// public Object local(Msg msg) {
-// String key = msg.getId();
-// int lastDot = key.lastIndexOf('.');
-// String className = key.substring(0, lastDot);
-// String fieldName = key.substring(lastDot + 1);
-// Locale locale = RWT.getLocale();
-// ResourceBundle rb = ResourceBundle.getBundle(className, locale,
-// msg.getClassLoader());
-// return rb.getString(fieldName);
-// }
+ // @Override
+ // public Object local(Msg msg) {
+ // String key = msg.getId();
+ // int lastDot = key.lastIndexOf('.');
+ // String className = key.substring(0, lastDot);
+ // String fieldName = key.substring(lastDot + 1);
+ // Locale locale = RWT.getLocale();
+ // ResourceBundle rb = ResourceBundle.getBundle(className, locale,
+ // msg.getClassLoader());
+ // return rb.getString(fieldName);
+ // }
/** Sets the state of the entry point and retrieve the related JCR node. */
protected synchronized String setState(String newState) {