package org.argeo.cms.util;
+import static org.argeo.cms.KernelHeader.ACCESS_CONTROL_CONTEXT;
+import static org.argeo.cms.KernelHeader.LOGIN_CONTEXT_ANONYMOUS;
+import static org.argeo.cms.KernelHeader.LOGIN_CONTEXT_USER;
+
import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
import org.argeo.cms.CmsException;
import org.argeo.cms.CmsMsg;
//
// LOGIN
//
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
- .logout();
+ new ArgeoLoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
LoginContext loginContext = new ArgeoLoginContext(
- KernelHeader.LOGIN_CONTEXT_USER, subject, this);
+ LOGIN_CONTEXT_USER, subject, this);
loginContext.login();
+
+ // save context in session
+ final HttpSession httpSession = RWT.getRequest().getSession();
+ Subject.doAs(subject, new PrivilegedAction<Void>() {
+
+ @Override
+ public Void run() {
+ httpSession.setAttribute(ACCESS_CONTROL_CONTEXT,
+ AccessController.getContext());
+ return null;
+ }
+ });
} catch (LoginException e1) {
try {
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
- subject).login();
+ new ArgeoLoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
} catch (LoginException e) {
throw new CmsException("Cannot authenticate anonymous", e1);
}
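Review bot: The authenticated `AccessControlContext` is stored in the session returned by `RWT.getRequest().getSession()` without the session identifier being rotated after `loginContext.login()` succeeds, so an identifier issued before authentication remains valid for the now-privileged session (session fixation). If the container provides Servlet 3.1, calling `RWT.getRequest().changeSessionId();` just before the `Subject.doAs(...)` block would address this; whether RWT tolerates an identifier change in the middle of a UI session needs to be confirmed. Separately, the context line `throw new CmsException("Cannot authenticate anonymous", e1);` passes `e1` rather than the inner `e`, so the cause of the anonymous-login failure is lost. The enclosing method and its `try` start outside the hunk.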
//
// LOGOUT
//
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
- .logout();
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
- .login();
+ new ArgeoLoginContext(LOGIN_CONTEXT_USER, subject).logout();
+ new ArgeoLoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
+
+ HttpServletRequest httpRequest = RWT.getRequest();
+ HttpSession httpSession = httpRequest.getSession();
+ httpSession.setAttribute(ACCESS_CONTROL_CONTEXT, null);
} catch (LoginException e1) {
throw new CmsException("Cannot authenticate anonymous", e1);
}
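Review bot: The `ACCESS_CONTROL_CONTEXT` attribute is cleared only after `new ArgeoLoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login()` returns, so if that call throws `LoginException` the user's context stays in the HTTP session even though the user login context has already been logged out. Clearing it first, for example `RWT.getRequest().getSession().removeAttribute(ACCESS_CONTROL_CONTEXT);` as the first statement of the `try` (or in a `finally`), avoids leaving a stale authenticated context behind. The session is kept rather than invalidated, so any other per-user attributes survive logout; a comment such as `// session is reused for the anonymous user; only the security context is dropped` would make that intent explicit. The enclosing method starts outside the hunk.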