Move OS to a dedicated package.

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / DataAdminLoginModule.java

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/DataAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/DataAdminLoginModule.java
index 5c7b64377cd80422c952f9b3e4d2662251d43e9a..50a8788344abc533eebace5cce92239bb7c0428a 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/DataAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/DataAdminLoginModule.java
@@ -7,14 +7,15 @@ import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
-import org.argeo.node.DataAdminPrincipal;
+import org.argeo.node.security.DataAdminPrincipal;
 
+/** Logs a system process as data admin */
 public class DataAdminLoginModule implements LoginModule {
        private Subject subject;
 
        @Override
-       public void initialize(Subject subject, CallbackHandler callbackHandler,
-                       Map<String, ?> sharedState, Map<String, ?> options) {
+       public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
+                       Map<String, ?> options) {
                this.subject = subject;
        }
 
@@ -37,9 +38,7 @@ public class DataAdminLoginModule implements LoginModule {
 
        @Override
        public boolean logout() throws LoginException {
-               // remove ALL credentials (e.g. additional Jackrabbit credentials)
-               subject.getPrincipals().clear();
+               subject.getPrincipals().removeAll(subject.getPrincipals(DataAdminPrincipal.class));
                return true;
        }
-
 }