X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=inline;f=legacy%2Forg.argeo.slc.spring%2Fsrc%2Forg%2Fargeo%2Fslc%2Fspring%2Fauth%2FAbstractSystemExecution.java;fp=legacy%2Forg.argeo.slc.spring%2Fsrc%2Forg%2Fargeo%2Fslc%2Fspring%2Fauth%2FAbstractSystemExecution.java;h=eb1d73155db6fdc360815b9d8a7cfa7346d98739;hb=6fc94d69efe089414ac9e63bde3efab1cbf7b7ca;hp=0000000000000000000000000000000000000000;hpb=b36c62642bd0db11b3133b369cc026fd4b7a1ec6;p=gpl%2Fargeo-slc.git

diff --git a/legacy/org.argeo.slc.spring/src/org/argeo/slc/spring/auth/AbstractSystemExecution.java b/legacy/org.argeo.slc.spring/src/org/argeo/slc/spring/auth/AbstractSystemExecution.java
new file mode 100644
index 000000000..eb1d73155
--- /dev/null
+++ b/legacy/org.argeo.slc.spring/src/org/argeo/slc/spring/auth/AbstractSystemExecution.java
@@ -0,0 +1,49 @@
+package org.argeo.slc.spring.auth;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.argeo.api.NodeConstants;
+import org.argeo.slc.SlcException;
+
+/** Provides base method for executing code with system authorization. */
+abstract class AbstractSystemExecution {
+	private final static Log log = LogFactory.getLog(AbstractSystemExecution.class);
+	private final Subject subject = new Subject();
+
+	/** Authenticate the calling thread */
+	protected void authenticateAsSystem() {
+		ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
+		Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
+		try {
+			LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN, subject);
+			lc.login();
+		} catch (LoginException e) {
+			throw new SlcException("Cannot login as system", e);
+		} finally {
+			Thread.currentThread().setContextClassLoader(origClassLoader);
+		}
+		if (log.isTraceEnabled())
+			log.trace("System authenticated");
+	}
+
+	protected void deauthenticateAsSystem() {
+		ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
+		Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
+		try {
+			LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN, subject);
+			lc.logout();
+		} catch (LoginException e) {
+			throw new SlcException("Cannot logout as system", e);
+		} finally {
+			Thread.currentThread().setContextClassLoader(origClassLoader);
+		}
+	}
+
+	protected Subject getSubject() {
+		return subject;
+	}
+}