Continue finalising security. Fix issues with login in web.

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / CurrentUser.java

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java
index bc438a255a6bcd445846c09c38cad8818b370fee..68848f7df7bc7b658efbd1b14fcb17f215f5a4ba 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java
@@ -26,8 +26,8 @@ import javax.security.auth.x500.X500Principal;
 
 import org.argeo.cms.CmsException;
 import org.argeo.eclipse.ui.specific.UiContext;
-import org.argeo.node.NodeAuthenticated;
 import org.argeo.node.NodeConstants;
+import org.argeo.node.security.NodeAuthenticated;
 import org.osgi.service.useradmin.Authorization;
 
 /** Static utilities */
@@ -49,15 +49,16 @@ public final class CurrentUser {
        }
 
        public static boolean isAnonymous(Subject subject) {
+               if (subject == null)
+                       return true;
                String username = getUsername(subject);
-               return username == null
-                               || username.equalsIgnoreCase(NodeConstants.ROLE_ANONYMOUS);
+               return username == null || username.equalsIgnoreCase(NodeConstants.ROLE_ANONYMOUS);
        }
 
        private static Subject currentSubject() {
                NodeAuthenticated cmsView = getNodeAuthenticated();
                if (cmsView != null)
-                       return cmsView.getSubject();
+                       return cmsView.getLoginContext().getSubject();
                Subject subject = Subject.getSubject(AccessController.getContext());
                if (subject != null)
                        return subject;
@@ -73,10 +74,11 @@ public final class CurrentUser {
        }
 
        public final static String getUsername(Subject subject) {
+               if (subject == null)
+                       throw new CmsException("Subject cannot be null");
                if (subject.getPrincipals(X500Principal.class).size() != 1)
-                       return null;
-               Principal principal = subject.getPrincipals(X500Principal.class)
-                               .iterator().next();
+                       return NodeConstants.ROLE_ANONYMOUS;
+               Principal principal = subject.getPrincipals(X500Principal.class).iterator().next();
                return principal.getName();
        }
 
@@ -85,8 +87,7 @@ public final class CurrentUser {
        }
 
        private static Authorization getAuthorization(Subject subject) {
-               return subject.getPrivateCredentials(Authorization.class).iterator()
-                               .next();
+               return subject.getPrivateCredentials(Authorization.class).iterator().next();
        }
 
        public final static Set<String> roles() {
@@ -95,9 +96,7 @@ public final class CurrentUser {
 
        public final static Set<String> roles(Subject subject) {
                Set<String> roles = new HashSet<String>();
-               X500Principal userPrincipal = subject
-                               .getPrincipals(X500Principal.class).iterator().next();
-               roles.add(userPrincipal.getName());
+               roles.add(getUsername(subject));
                for (Principal group : subject.getPrincipals(Group.class)) {
                        roles.add(group.getName());
                }