X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FHttpSessionLoginModule.java;h=d2f0fe738d751957b684925d67dfaf895403f829;hb=35507e18257f2e9f59842ba5120fcd3f19c4cf4d;hp=dd01e4b53d50e2653486b2b49a32cc85d0edd4bd;hpb=d66d81530f1da58e2e2c5d25e0a5dc30ad32b848;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
index dd01e4b53..d2f0fe738 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
@@ -14,6 +14,7 @@ import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.logging.Log;
@@ -68,7 +69,14 @@ public class HttpSessionLoginModule implements LoginModule {
 return false;
 authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
 if (authorization == null) {// search by session ID
- String httpSessionId = request.getSession(false).getId();
+ HttpSession httpSession = request.getSession(false);
+ if (httpSession == null) {
+ // TODO make sure this is always safe
+ if (log.isTraceEnabled())
+ log.trace("Create http session");
+ httpSession = request.getSession(true);
+ }
+ String httpSessionId = httpSession.getId();
 // authorization = (Authorization)
 // request.getSession().getAttribute(HttpContext.AUTHORIZATION);
 // if (authorization == null) {
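Review bot: In the `@@ -68,7 +69,14 @@` hunk, the `request.getSession(true)` fallback creates a server-side session for a request that has not authenticated yet, and the `// TODO make sure this is always safe` comment leaves that decision open. A freshly created session cannot already have an authorization registered under its id, so the lookup that follows (outside the hunk) presumably finds nothing, while every session-less request now allocates session state. If the id obtained here stays the same after a successful login, a pre-login id could be carried into the authenticated session, so the success path should rotate it, for example with `request.changeSessionId()` where the Servlet 3.1 API is available. Otherwise consider skipping the session lookup when `httpSession == null` instead of creating one, and replace the TODO with a comment such as `// no session yet: nothing can be bound to a session id, continue with request credentials`. The enclosing method starts and ends outside the hunk.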
@@ -167,14 +175,23 @@ public class HttpSessionLoginModule implements LoginModule {
 }
 }
 }
+
+ // auth token
+ // String mail = request.getParameter(LdapAttrs.mail.name());
+ // String authPassword = request.getParameter(LdapAttrs.authPassword.name());
+ // if (authPassword != null) {
+ // sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, authPassword);
+ // if (mail != null)
+ // sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, mail);
+ // }
 }
- private X509Certificate[] extractClientCertificate(HttpServletRequest req) {
+ private void extractClientCertificate(HttpServletRequest req) {
 X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
 if (null != certs && certs.length > 0) {
- return certs;
+ sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, certs[0].getSubjectX500Principal().getName());
+ sharedState.put(CmsAuthUtils.SHARED_STATE_CERTIFICATE_CHAIN, certs);
 }
- return null;
 }
 }
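Review bot: `extractClientCertificate` now overwrites `CmsAuthUtils.SHARED_STATE_NAME` with the certificate subject unconditionally, so a name placed in `sharedState` earlier in the same login (the HTTP authorization handling above starts outside the hunk) would be silently replaced while any password already stored for it remains, pairing credentials from two different sources. A guard such as `if (!sharedState.containsKey(CmsAuthUtils.SHARED_STATE_NAME))` around the name assignment, or an explicit precedence rule, would make the behaviour deliberate. The value stored is the full X.500 distinguished name from `getSubjectX500Principal().getName()`, so the method deserves a Javadoc stating that it publishes the subject DN and the chain to `sharedState` and presumably relies on the container having verified the client certificate before setting `javax.servlet.request.X509Certificate`. The commented-out auth token block reads a password from request parameters; it is better dropped from the commit than left as dead code.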