X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.security.ui.rap%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fui%2Frap%2FSecureEntryPoint.java;h=a42fc2a8fff90356bd47e81f6f4b42da1b9ab0e0;hb=a1d862e4ef6221ebc91fcccea688d66504020365;hp=c27fbc70e4dda02e09b089cf764dad9588d945fe;hpb=86140b8db15a11cfd942892eface6a4f90329a41;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/SecureEntryPoint.java b/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/SecureEntryPoint.java index c27fbc70e..a42fc2a8f 100644 --- a/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/SecureEntryPoint.java +++ b/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/SecureEntryPoint.java @@ -15,14 +15,12 @@ */ package org.argeo.security.ui.rap; -import static org.argeo.cms.KernelHeader.ACCESS_CONTROL_CONTEXT; - import java.security.AccessControlContext; import java.security.AccessController; import java.security.PrivilegedAction; import javax.security.auth.Subject; -import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.login.CredentialNotFoundException; import javax.security.auth.login.FailedLoginException; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; @@ -33,11 +31,10 @@ import javax.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.ArgeoException; -import org.argeo.cms.KernelHeader; -import org.argeo.cms.auth.ArgeoLoginContext; +import org.argeo.cms.auth.AuthConstants; +import org.argeo.cms.auth.ThreadDeathLoginException; import org.argeo.cms.widgets.auth.DefaultLoginDialog; import org.argeo.eclipse.ui.dialogs.ErrorFeedback; -import org.argeo.util.LocaleUtils; import org.eclipse.jface.dialogs.MessageDialog; import org.eclipse.rap.rwt.RWT; import org.eclipse.rap.rwt.application.EntryPoint; @@ -50,6 +47,7 @@ import org.eclipse.ui.PlatformUI; * subject. */ public class SecureEntryPoint implements EntryPoint { + final static String ACCESS_CONTROL_CONTEXT = "org.argeo.node.accessControlContext"; private final static Log log = LogFactory.getLog(SecureEntryPoint.class); /** @@ -78,7 +76,7 @@ public class SecureEntryPoint implements EntryPoint { HttpServletRequest httpRequest = RWT.getRequest(); final HttpSession httpSession = httpRequest.getSession(); AccessControlContext acc = (AccessControlContext) httpSession - .getAttribute(KernelHeader.ACCESS_CONTROL_CONTEXT); + .getAttribute(ACCESS_CONTROL_CONTEXT); final Subject subject; if (acc != null @@ -89,11 +87,12 @@ public class SecureEntryPoint implements EntryPoint { subject = new Subject(); final LoginContext loginContext; + DefaultLoginDialog callbackHandler; try { - CallbackHandler callbackHandler = new DefaultLoginDialog( + callbackHandler = new DefaultLoginDialog( display.getActiveShell()); - loginContext = new ArgeoLoginContext( - KernelHeader.LOGIN_CONTEXT_USER, subject, + loginContext = new LoginContext( + AuthConstants.LOGIN_CONTEXT_USER, subject, callbackHandler); } catch (LoginException e1) { throw new ArgeoException("Cannot initialize login context", e1); @@ -106,9 +105,9 @@ public class SecureEntryPoint implements EntryPoint { throw new ArgeoException("Login succeeded but no auth");// fatal // add thread locale to RWT session - if (log.isTraceEnabled()) - log.trace("Locale " + LocaleUtils.threadLocale.get()); - RWT.setLocale(LocaleUtils.threadLocale.get()); + // if (log.isTraceEnabled()) + // log.trace("Locale " + LocaleUtils.threadLocale.get()); + // RWT.setLocale(LocaleUtils.threadLocale.get()); // once the user is logged in, longer session timeout RWT.getRequest().getSession() @@ -121,7 +120,13 @@ public class SecureEntryPoint implements EntryPoint { "Bad Credentials", e.getMessage()); // retry login continue tryLogin; + } catch (CredentialNotFoundException e) { + MessageDialog.openInformation(display.getActiveShell(), + "No Credentials", e.getMessage()); + // retry login + continue tryLogin; } catch (LoginException e) { + callbackHandler.getShell().dispose(); return processLoginDeath(display, e); } } @@ -134,8 +139,8 @@ public class SecureEntryPoint implements EntryPoint { if (log.isTraceEnabled()) log.trace("Display disposed"); try { - LoginContext loginContext = new ArgeoLoginContext( - KernelHeader.LOGIN_CONTEXT_USER, subject); + LoginContext loginContext = new LoginContext( + AuthConstants.LOGIN_CONTEXT_USER, subject); loginContext.logout(); } catch (LoginException e) { log.error("Error when logging out", e); @@ -169,7 +174,7 @@ public class SecureEntryPoint implements EntryPoint { return returnCode; } - private Integer processLoginDeath(Display display, LoginException e) { + private Integer processLoginDeath(Display display, Throwable e) { // check thread death ThreadDeath td = wasCausedByThreadDeath(e); if (td != null) { @@ -196,7 +201,8 @@ public class SecureEntryPoint implements EntryPoint { protected ThreadDeath wasCausedByThreadDeath(Throwable t) { if (t instanceof ThreadDeath) return (ThreadDeath) t; - + if (t instanceof ThreadDeathLoginException) + return ((ThreadDeathLoginException) t).getThreadDeath(); if (t.getCause() != null) return wasCausedByThreadDeath(t.getCause()); else @@ -205,8 +211,8 @@ public class SecureEntryPoint implements EntryPoint { private void fullLogout(Subject subject, String username) { try { - LoginContext loginContext = new ArgeoLoginContext( - KernelHeader.LOGIN_CONTEXT_USER, subject); + LoginContext loginContext = new LoginContext( + AuthConstants.LOGIN_CONTEXT_USER, subject); loginContext.logout(); HttpServletRequest httpRequest = RWT.getRequest(); HttpSession httpSession = httpRequest.getSession();