package org.argeo.cms.internal.auth;
import java.io.Serializable;
-import java.security.AccessControlContext;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
-import java.util.Set;
import java.util.UUID;
import java.util.function.Consumer;
-import javax.crypto.SecretKey;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.argeo.api.cms.CmsConstants;
import org.argeo.api.cms.CmsLog;
import org.argeo.api.cms.CmsSession;
+import org.argeo.api.uuid.UuidIdentified;
import org.argeo.cms.internal.runtime.CmsContextImpl;
-import org.osgi.framework.ServiceRegistration;
import org.osgi.service.useradmin.Authorization;
/** Default CMS session implementation. */
-public class CmsSessionImpl implements CmsSession, Serializable {
+public class CmsSessionImpl implements CmsSession, Serializable, UuidIdentified {
private static final long serialVersionUID = 1867719354246307225L;
-// private final static BundleContext bc = FrameworkUtil.getBundle(CmsSessionImpl.class).getBundleContext();
private final static CmsLog log = CmsLog.getLog(CmsSessionImpl.class);
- // private final Subject initialSubject;
- private transient AccessControlContext accessControlContext;
+ private transient Subject subject;
private final UUID uuid;
private final String localSessionId;
private Authorization authorization;
private ZonedDateTime end;
private final Locale locale;
- private ServiceRegistration<CmsSession> serviceRegistration;
-
private Map<String, Object> views = new HashMap<>();
private List<Consumer<CmsSession>> onCloseCallbacks = Collections.synchronizedList(new ArrayList<>());
this.creationTime = ZonedDateTime.now();
this.locale = locale;
- this.accessControlContext = Subject.doAs(initialSubject, new PrivilegedAction<AccessControlContext>() {
-
- @Override
- public AccessControlContext run() {
- return AccessController.getContext();
- }
-
- });
- // this.initialSubject = initialSubject;
+ this.subject = initialSubject;
this.localSessionId = localSessionId;
this.authorization = authorization;
if (authorization.getName() != null) {
try {
LoginContext lc;
if (isAnonymous()) {
- lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_ANONYMOUS, getSubject());
+ lc = CmsAuth.ANONYMOUS.newLoginContext(getSubject());
} else {
- lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_USER, getSubject());
+ lc = CmsAuth.USER.newLoginContext(getSubject());
}
lc.logout();
} catch (LoginException e) {
log.warn("Could not logout " + getSubject() + ": " + e);
} finally {
- accessControlContext = null;
+ subject = null;
}
log.debug("Closed " + this);
}
}
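Review bot: The `log.warn("Could not logout " + getSubject() + ": " + e)` line in the catch block stringifies the whole `Subject`, and `Subject.toString()` lists the principals, the public credentials and, where they are readable, the `toString()` of each private credential, so a failed logout can write credential material to the log. Now that the session holds the `Subject` directly, this is a good moment to log the identity only, e.g. `log.warn("Could not logout " + userDn + ": " + e);` (`userDn` is the field already used in `toString()`). The enclosing method starts outside this hunk, so confirm that `userDn` is still set at this point.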
public Subject getSubject() {
- return Subject.getSubject(accessControlContext);
+ return subject;
}
- public Set<SecretKey> getSecretKeys() {
- checkValid();
- return getSubject().getPrivateCredentials(SecretKey.class);
- }
+// public Set<SecretKey> getSecretKeys() {
+// checkValid();
+// return getSubject().getPrivateCredentials(SecretKey.class);
+// }
@Override
public boolean isValid() {
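Review bot: `getSubject()` now returns `null` once the close path has cleared `subject` (and after deserialization, since the field is `transient`), whereas the removed `Subject.getSubject(accessControlContext)` threw a `NullPointerException` for a null context. A caller that passes the result to something like `Subject.doAs` would then run with no subject instead of failing, so the accessor should either fail explicitly, e.g. `if (subject == null) throw new IllegalStateException("Session " + uuid + " has no subject");`, or carry Javadoc stating that `null` means the session is closed. Callers are not visible here, so this is a behaviour change to confirm rather than a proven defect. Separately, the commented-out `getSecretKeys()` should be deleted rather than kept as `//` lines; version history already preserves it.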
}
@Override
- public UUID getUuid() {
+ public UUID uuid() {
return uuid;
}
views.put(uid, view);
}
+ /*
+ * OBJECT METHODS
+ */
+
+ @Override
+ public boolean equals(Object o) {
+ return UuidIdentified.equals(this, o);
+ }
+
+ @Override
+ public int hashCode() {
+ return UuidIdentified.hashCode(this);
+ }
+
+ @Override
public String toString() {
return "CMS Session " + userDn + " localId=" + localSessionId + ", uuid=" + uuid;
}
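Review bot: The new `equals` and `hashCode` have no Javadoc, and their meaning lives entirely in `UuidIdentified.equals(this, o)` and `UuidIdentified.hashCode(this)`, which are not visible in this change. If those helpers compare the UUID alone, a closed session, or a deserialized copy whose `subject` is null, is equal to the live session with the same UUID, which matters to any map or set used to look sessions up. I would add a short comment on `equals` such as `/** Identity is the session UUID only; validity and subject are not compared. */`, after confirming that this is what the helper does.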