X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FUserAdminLoginModule.java;h=ea2a6dedf6ea2877c3dcf487999420118aa9aa31;hb=cba35caa1a083661c8e113f5295b2dbfc90a16cd;hp=ea8821185d78d4badf8c4ea20d1c13a98f04e76d;hpb=86db10fcb2299ebf71d5599a80dc54444b26f893;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index ea8821185..ea2a6dedf 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -2,16 +2,19 @@ package org.argeo.cms.auth;
 import java.io.IOException;
 import java.util.Iterator;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.LanguageCallback;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.servlet.http.HttpServletRequest;
@@ -19,6 +22,7 @@ import javax.servlet.http.HttpSession;
 import org.argeo.ArgeoException;
 import org.argeo.cms.internal.kernel.Activator;
+import org.argeo.eclipse.ui.specific.UiContext;
 import org.osgi.framework.BundleContext;
 import org.osgi.service.http.HttpContext;
 import org.osgi.service.useradmin.Authorization;
@@ -60,12 +64,16 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants { NameCallback nameCallback = new NameCallback("User"); PasswordCallback passwordCallback = new PasswordCallback( "Password", false); + LanguageCallback langCallback = new LanguageCallback(); try { callbackHandler.handle(new Callback[] { httpCallback, - nameCallback, passwordCallback }); + nameCallback, passwordCallback, langCallback }); } catch (IOException e) { throw new LoginException("Cannot handle http callback: " + e.getMessage()); + } catch (ThreadDeath e) { + throw new ThreadDeathLoginException( + "Callbackhandler thread died", e); } catch (UnsupportedCallbackException e) { return false; } @@ -77,20 +85,12 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants { authorization = (Authorization) request.getSession() .getAttribute(HttpContext.AUTHORIZATION); } - // if (authorization == null || authorization.getName() == null) - // if (!isAnonymous) { - // // ask for username and password - // NameCallback nameCallback = new NameCallback("User"); - // PasswordCallback passwordCallback = new PasswordCallback( - // "Password", false); - // - // // handle callbacks - // try { - // callbackHandler.handle(new Callback[] { nameCallback, - // passwordCallback }); - // } catch (Exception e) { - // throw new ArgeoException("Cannot handle callbacks", e); - // } + + // i18n + Locale locale = langCallback.getLocale(); + if (locale == null) + locale = Locale.getDefault(); + UiContext.setLocale(locale); if (authorization == null) { // create credentials @@ -109,9 +109,10 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants { User user = userAdmin.getUser(null, username); if (user == null) - return false; + throw new FailedLoginException("Invalid credentials"); if (!user.hasCredential(null, password)) - return false; + throw new FailedLoginException("Invalid credentials"); + // return false; authorization = userAdmin.getAuthorization(user); } } 
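Review bot: Adding `langCallback` to the same `handle()` array makes the locale a hard requirement of the credential exchange: a CallbackHandler that rejects callbacks it does not know throws UnsupportedCallbackException, and the existing catch at the end of this hunk turns that into `return false`, so the module is skipped for a reason unrelated to the credentials. Requesting the locale in a second `handle()` call with its own catch, as sketched below, keeps name and password collection independent of i18n support. Separately, the new `catch (ThreadDeath e)` converts an Error into a LoginException; the ThreadDeath Javadoc asks for it to be rethrown, so the wrapping deserves a comment saying why it is done here. The enclosing method (presumably login()) starts and ends outside this hunk.

```java
// … unchanged: handle() for httpCallback, nameCallback, passwordCallback and its catch clauses …
LanguageCallback langCallback = new LanguageCallback();
try {
	callbackHandler.handle(new Callback[] { langCallback });
} catch (IOException e) {
	// locale is optional: getLocale() stays null and the default is used
} catch (UnsupportedCallbackException e) {
	// handler has no locale support: same fallback
}
```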
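Review bot: `UiContext.setLocale(locale)` in the `@@ -77,20 +85,12 @@` hunk runs during the authentication phase, before the credentials further down have been checked, so a handler-supplied locale is applied even when the attempt later ends in FailedLoginException. JAAS modules normally keep side effects for commit(); holding the locale in a field here and calling `UiContext.setLocale(locale)` from commit() would confine it to successful logins. The call also ties org.argeo.cms.auth to a UI class, and what setLocale() scopes the value to is not visible in this diff, so it is worth confirming that it is per session rather than global. The single-statement `if (locale == null)` would read better with braces.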
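Review bot: The `// return false;` left after the second throw in the `@@ -109,9 +109,10 @@` hunk is commented-out code and suggests that silently ignoring the module is still an option; it should be deleted. Both failure branches share one message, which is worth stating in a comment such as `// same message for unknown user and wrong password, so the reply does not reveal which accounts exist`. Nothing in the visible lines records the failed attempt; if no caller logs the FailedLoginException, a log entry here with the user name (never the password) would support brute-force detection. The enclosing block begins and ends outside the hunk.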
@@ -127,7 +128,7 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants { public boolean commit() throws LoginException { Authorization authorization = subject .getPrivateCredentials(Authorization.class).iterator().next(); - if (request != null) { + if (request != null && authorization.getName() != null) { request.setAttribute(HttpContext.REMOTE_USER, authorization.getName()); request.setAttribute(HttpContext.AUTHORIZATION, authorization);
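Review bot: The added `authorization.getName() != null` test relies on the convention that an Authorization with a null name is the anonymous one, which nothing in commit() states. A comment on the guard, for example `// null name = anonymous: do not expose REMOTE_USER / AUTHORIZATION on the request`, would make the intent clear. When the guard is false the request attributes are left as they were; if a request can reach this point still carrying attributes from an earlier authenticated pass, clearing them explicitly would be safer, though that depends on code outside this hunk. commit() continues past the last visible line.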