Make CMS production ready

[lgpl/argeo-commons.git] / org.argeo.security.jackrabbit / src / org / argeo / security / jackrabbit / SystemJackrabbitLoginModule.java

diff --git a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java
index 9977938eccb4029dc6ec683a4e1796a4e0370452..c041d276dc1535ae086a8a045b6a62223d894619 100644 (file)
--- a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java
+++ b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java
@@ -11,7 +11,7 @@ import javax.security.auth.x500.X500Principal;
 
 import org.apache.jackrabbit.core.security.SecurityConstants;
 import org.apache.jackrabbit.core.security.principal.AdminPrincipal;
-import org.argeo.security.SystemAuth;
+import org.argeo.node.DataAdminPrincipal;
 
 public class SystemJackrabbitLoginModule implements LoginModule {
 
@@ -30,8 +30,8 @@ public class SystemJackrabbitLoginModule implements LoginModule {
 
        @Override
        public boolean commit() throws LoginException {
-               Set<SystemAuth> initPrincipal = subject
-                               .getPrincipals(SystemAuth.class);
+               Set<DataAdminPrincipal> initPrincipal = subject
+                               .getPrincipals(DataAdminPrincipal.class);
                if (!initPrincipal.isEmpty()) {
                        subject.getPrincipals().add(
                                        new AdminPrincipal(SecurityConstants.ADMIN_ID));
@@ -47,34 +47,6 @@ public class SystemJackrabbitLoginModule implements LoginModule {
                                        + userPrincipal);
 
                return true;
-
-               // Set<Principal> principals = subject.getPrincipals();
-               // if (principals.isEmpty()) {// system
-               // throw new LoginException("Subject must be pre-authenticated");
-               // // subject.getPrincipals().add(new AdminPrincipal("admin"));
-               // // return true;
-               // }
-               // boolean isAdmin = false;
-               // boolean isAnonymous = false;
-               // // FIXME make it more generic
-               // for (Principal principal : principals) {
-               // if (principal.getName().equalsIgnoreCase(
-               // "cn=admin,ou=roles,ou=node"))
-               // isAdmin = true;
-               // else if (principal.getName().equalsIgnoreCase(
-               // "cn=anonymous,ou=roles,ou=node"))
-               // isAnonymous = true;
-               // }
-               //
-               // if (isAnonymous && isAdmin)
-               // throw new LoginException("Cannot be admin and anonymous");
-               //
-               // // Add special Jackrabbit roles
-               // if (isAdmin)
-               // principals.add(new AdminPrincipal(SecurityConstants.ADMIN_ID));
-               // if (isAnonymous)// anonymous
-               // principals.add(new AnonymousPrincipal());
-               // return true;
        }
 
        @Override
@@ -84,14 +56,12 @@ public class SystemJackrabbitLoginModule implements LoginModule {
 
        @Override
        public boolean logout() throws LoginException {
-               Set<SystemAuth> initPrincipal = subject
-                               .getPrincipals(SystemAuth.class);
+               Set<DataAdminPrincipal> initPrincipal = subject
+                               .getPrincipals(DataAdminPrincipal.class);
                if (!initPrincipal.isEmpty()) {
                        subject.getPrincipals(AdminPrincipal.class);
                        return true;
                }
-               // subject.getPrincipals().removeAll(
-               // subject.getPrincipals(AdminPrincipal.class));
                return true;
        }
 }