]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/AnonymousEntryPoint.java
Improve and simplify OSGi Boot
[lgpl/argeo-commons.git] / org.argeo.security.ui.rap / src / org / argeo / security / ui / rap / AnonymousEntryPoint.java
index 16d24897c7970f0d073bc227f2600c6af568af4f..04b6f0a9d38c08a9b02c854d82750a5a21df2ede 100644 (file)
@@ -18,14 +18,15 @@ package org.argeo.security.ui.rap;
 import java.security.PrivilegedAction;
 
 import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.argeo.ArgeoException;
-import org.eclipse.equinox.security.auth.ILoginContext;
+import org.argeo.cms.CmsException;
+import org.argeo.cms.auth.AuthConstants;
 import org.eclipse.rap.rwt.RWT;
-import org.eclipse.rap.rwt.application.IEntryPoint;
+import org.eclipse.rap.rwt.application.EntryPoint;
 import org.eclipse.swt.widgets.Display;
 import org.eclipse.ui.PlatformUI;
 
@@ -33,39 +34,33 @@ import org.eclipse.ui.PlatformUI;
  * RAP entry point which authenticates the subject as anonymous, for public
  * unauthenticated access.
  */
-public class AnonymousEntryPoint implements IEntryPoint {
+public class AnonymousEntryPoint implements EntryPoint {
        private final static Log log = LogFactory.getLog(AnonymousEntryPoint.class);
 
        /**
         * How many seconds to wait before invalidating the session if the user has
         * not yet logged in.
         */
-       private Integer loginTimeout = 1 * 60;
-       private Integer sessionTimeout = 15 * 60;
+       private Integer sessionTimeout = 5 * 60;
 
        @Override
        public int createUI() {
-               // Short login timeout so that the modal dialog login doesn't hang
-               // around too long
-               RWT.getRequest().getSession().setMaxInactiveInterval(loginTimeout);
+               RWT.getRequest().getSession().setMaxInactiveInterval(sessionTimeout);
 
-               if (log.isDebugEnabled())
-                       log.debug("Anonymous THREAD=" + Thread.currentThread().getId()
-                                       + ", sessionStore=" + RWT.getSessionStore().getId());
+               // if (log.isDebugEnabled())
+               // log.debug("Anonymous THREAD=" + Thread.currentThread().getId()
+               // + ", sessionStore=" + RWT.getSessionStore().getId());
 
-               // create display
                final Display display = PlatformUI.createDisplay();
+               Subject subject = new Subject();
 
-               // log in
-               final ILoginContext loginContext = SecureRapActivator
-                               .createLoginContext(SecureRapActivator.CONTEXT_SPRING_ANONYMOUS);
-               Subject subject = null;
+               final LoginContext loginContext;
                try {
+                       loginContext = new LoginContext(AuthConstants.LOGIN_CONTEXT_ANONYMOUS,
+                                       subject);
                        loginContext.login();
-                       subject = loginContext.getSubject();
-               } catch (LoginException e) {
-                       throw new ArgeoException(
-                                       "Unexpected exception during authentication", e);
+               } catch (LoginException e1) {
+                       throw new CmsException("Cannot initialize login context", e1);
                }
 
                // identify after successful login
@@ -74,9 +69,6 @@ public class AnonymousEntryPoint implements IEntryPoint {
                final String username = subject.getPrincipals().iterator().next()
                                .getName();
 
-               // Once the user is logged in, she can have a longer session timeout
-               RWT.getRequest().getSession().setMaxInactiveInterval(sessionTimeout);
-
                // Logout callback when the display is disposed
                display.disposeExec(new Runnable() {
                        public void run() {
@@ -100,15 +92,17 @@ public class AnonymousEntryPoint implements IEntryPoint {
                                }
                        });
                        logout(loginContext, username);
+                       if (log.isTraceEnabled())
+                               log.trace("Return code " + returnCode);
                } finally {
                        display.dispose();
                }
-               return returnCode;
+               return 1;
        }
 
-       private void logout(ILoginContext secureContext, String username) {
+       private void logout(LoginContext loginContext, String username) {
                try {
-                       secureContext.logout();
+                       loginContext.logout();
                        log.info("Logged out " + (username != null ? username : "")
                                        + " (THREAD=" + Thread.currentThread().getId() + ")");
                } catch (LoginException e) {