X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=cms%2Forg.argeo.cms.integration%2Fsrc%2Forg%2Fargeo%2Fcms%2Fwebsocket%2FCmsWebSocketConfigurator.java;h=747afa4c10a1fe40dfb3b74024d22a1acd7372fd;hb=1795c9fbcacccf8289a573a787067f831bd7d1ee;hp=fc100e0e46475fdff2b085974229a64eb45e6c44;hpb=85b0dba06831dfca60d634b4591aec21d5d9f1af;p=gpl%2Fargeo-slc.git diff --git a/cms/org.argeo.cms.integration/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java b/cms/org.argeo.cms.integration/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java index fc100e0e4..747afa4c1 100644 --- a/cms/org.argeo.cms.integration/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java +++ b/cms/org.argeo.cms.integration/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java @@ -1,116 +1,86 @@ package org.argeo.cms.websocket; -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.util.List; - -import javax.security.auth.Subject; -import javax.security.auth.login.LoginContext; -import javax.websocket.Extension; -import javax.websocket.HandshakeResponse; -import javax.websocket.server.HandshakeRequest; -import javax.websocket.server.ServerEndpointConfig; -import javax.websocket.server.ServerEndpointConfig.Configurator; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.argeo.api.NodeConstants; -import org.argeo.cms.auth.HttpRequestCallbackHandler; -import org.argeo.cms.auth.HttpSession; -import org.argeo.cms.servlet.ServletHttpSession; -import org.osgi.service.http.context.ServletContextHelper; - -/** Customises the initialisation of a new web socket. */ -public class CmsWebSocketConfigurator extends Configurator { - public final static String WEBSOCKET_SUBJECT = "org.argeo.cms.websocket.subject"; - - private final static Log log = LogFactory.getLog(CmsWebSocketConfigurator.class); - final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate"; - - @Override - public boolean checkOrigin(String originHeaderValue) { - return true; - } - - @Override - public T getEndpointInstance(Class endpointClass) throws InstantiationException { - try { - return endpointClass.getDeclaredConstructor().newInstance(); - } catch (Exception e) { - throw new IllegalArgumentException("Cannot get endpoint instance", e); - } - } - - @Override - public List getNegotiatedExtensions(List installed, List requested) { - return requested; - } - - @Override - public String getNegotiatedSubprotocol(List supported, List requested) { - if ((requested == null) || (requested.size() == 0)) - return ""; - if ((supported == null) || (supported.isEmpty())) - return ""; - for (String possible : requested) { - if (possible == null) - continue; - if (supported.contains(possible)) - return possible; - } - return ""; - } - - @Override - public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { - - HttpSession httpSession = new ServletHttpSession((javax.servlet.http.HttpSession) request.getHttpSession()); - if (log.isDebugEnabled() && httpSession != null) - log.debug("Web socket HTTP session id: " + httpSession.getId()); - - if (httpSession == null) { - rejectResponse(response, null); - } - try { - LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, - new HttpRequestCallbackHandler(httpSession)); - lc.login(); - if (log.isDebugEnabled()) - log.debug("Web socket logged-in as " + lc.getSubject()); - Subject.doAs(lc.getSubject(), new PrivilegedAction() { - - @Override - public Void run() { - sec.getUserProperties().put(ServletContextHelper.REMOTE_USER, AccessController.getContext()); - return null; - } - - }); - } catch (Exception e) { - rejectResponse(response, e); - } - } - - /** - * Behaviour when the web socket could not be authenticated. Throws an - * {@link IllegalStateException} by default. - * - * @param e can be null - */ - protected void rejectResponse(HandshakeResponse response, Exception e) { - // violent implementation, as suggested in - // https://stackoverflow.com/questions/21763829/jsr-356-how-to-abort-a-websocket-connection-during-the-handshake -// throw new IllegalStateException("Web socket cannot be authenticated"); - } -} - -//if (!webServerConfig.isEmpty()) { -//webServerConfig.put("customizer.class", KernelConstants.CMS_JETTY_CUSTOMIZER_CLASS); +/** Disabled until third party issues are solved.. Customises the initialisation of a new web socket. */ +public class CmsWebSocketConfigurator { +//extends Configurator { +// public final static String WEBSOCKET_SUBJECT = "org.argeo.cms.websocket.subject"; +// +// private final static CmsLog log = CmsLog.getLog(CmsWebSocketConfigurator.class); +// final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate"; +// +// @Override +// public boolean checkOrigin(String originHeaderValue) { +// return true; +// } +// +// @Override +// public T getEndpointInstance(Class endpointClass) throws InstantiationException { +// try { +// return endpointClass.getDeclaredConstructor().newInstance(); +// } catch (Exception e) { +// throw new IllegalArgumentException("Cannot get endpoint instance", e); +// } +// } +// +// @Override +// public List getNegotiatedExtensions(List installed, List requested) { +// return requested; +// } +// +// @Override +// public String getNegotiatedSubprotocol(List supported, List requested) { +// if ((requested == null) || (requested.size() == 0)) +// return ""; +// if ((supported == null) || (supported.isEmpty())) +// return ""; +// for (String possible : requested) { +// if (possible == null) +// continue; +// if (supported.contains(possible)) +// return possible; +// } +// return ""; +// } // -//// TODO centralise with Jetty extender -//Object webSocketEnabled = webServerConfig.get(InternalHttpConstants.WEBSOCKET_ENABLED); -//if (webSocketEnabled != null && webSocketEnabled.toString().equals("true")) { -// bc.registerService(ServerEndpointConfig.Configurator.class, new CmsWebSocketConfigurator(), null); -// webServerConfig.put(InternalHttpConstants.WEBSOCKET_ENABLED, "true"); -//} -//} +// @Override +// public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { +// +// RemoteAuthSession httpSession = new ServletHttpSession((javax.servlet.http.HttpSession) request.getHttpSession()); +// if (log.isDebugEnabled() && httpSession != null) +// log.debug("Web socket HTTP session id: " + httpSession.getId()); +// +// if (httpSession == null) { +// rejectResponse(response, null); +// } +// try { +// LoginContext lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_USER, +// new RemoteAuthCallbackHandler(httpSession)); +// lc.login(); +// if (log.isDebugEnabled()) +// log.debug("Web socket logged-in as " + lc.getSubject()); +// Subject.doAs(lc.getSubject(), new PrivilegedAction() { +// +// @Override +// public Void run() { +// sec.getUserProperties().put(ServletContextHelper.REMOTE_USER, AccessController.getContext()); +// return null; +// } +// +// }); +// } catch (Exception e) { +// rejectResponse(response, e); +// } +// } +// +// /** +// * Behaviour when the web socket could not be authenticated. Throws an +// * {@link IllegalStateException} by default. +// * +// * @param e can be null +// */ +// protected void rejectResponse(HandshakeResponse response, Exception e) { +// // violent implementation, as suggested in +// // https://stackoverflow.com/questions/21763829/jsr-356-how-to-abort-a-websocket-connection-during-the-handshake +//// throw new IllegalStateException("Web socket cannot be authenticated"); +// } +}