X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fhttp%2FCmsSessionProvider.java;h=37ba5cdb15332a440e1dac222ecaf7ed16d1db28;hb=34ba1b915e1d406f6574c0be93e1e9da3eab1978;hp=e398fc95641e18927fe1ed5cbdc0b192c1948005;hpb=ebd927da42511bb5959000c50a39974c6cfa5f49;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java index e398fc956..37ba5cdb1 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java @@ -1,24 +1,19 @@ package org.argeo.cms.internal.http; import java.io.Serializable; -import java.security.PrivilegedExceptionAction; import java.util.LinkedHashMap; import javax.jcr.Repository; import javax.jcr.RepositoryException; import javax.jcr.Session; -import javax.security.auth.Subject; -import javax.security.auth.login.LoginContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.jackrabbit.server.SessionProvider; -import org.argeo.cms.CmsException; import org.argeo.cms.auth.CmsSession; import org.argeo.jcr.JcrUtils; -import org.argeo.node.NodeConstants; /** * Implements an open session in view patter: a new JCR session is created for @@ -41,8 +36,8 @@ class CmsSessionProvider implements SessionProvider, Serializable { throws javax.jcr.LoginException, ServletException, RepositoryException { CmsSession cmsSession = WebCmsSessionImpl.getCmsSession(request); - if (cmsSession == null) - return anonymousSession(request, rep, workspace); +// if (cmsSession == null) +// return anonymousSession(request, rep, workspace); if (log.isTraceEnabled()) { log.debug("Get JCR session from " + cmsSession); } @@ -51,32 +46,32 @@ class CmsSessionProvider implements SessionProvider, Serializable { return session; } - private synchronized Session anonymousSession(HttpServletRequest request, Repository repository, String workspace) { - // TODO rather log in here as anonymous? - LoginContext lc = (LoginContext) request.getAttribute(NodeConstants.LOGIN_CONTEXT_USER); - if (lc == null) - throw new CmsException("No login context available"); - // optimize - Session session; - try { - session = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction() { - @Override - public Session run() throws Exception { - return repository.login(workspace); - } - }); - } catch (Exception e) { - throw new CmsException("Cannot log in to JCR", e); - } - return session; - } +// private synchronized Session anonymousSession(HttpServletRequest request, Repository repository, String workspace) { +// // TODO rather log in here as anonymous? +// LoginContext lc = (LoginContext) request.getAttribute(NodeConstants.LOGIN_CONTEXT_ANONYMOUS); +// if (lc == null) +// throw new CmsException("No login context available"); +// // optimize +// Session session; +// try { +// session = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction() { +// @Override +// public Session run() throws Exception { +// return repository.login(workspace); +// } +// }); +// } catch (Exception e) { +// throw new CmsException("Cannot log in to JCR", e); +// } +// return session; +// } public synchronized void releaseSession(Session session) { if (cmsSessions.containsKey(session)) { CmsSession cmsSession = cmsSessions.get(session); cmsSession.releaseDataSession(alias, session); } else { - // anonymous + log.warn("JCR session "+session+" not found in CMS session list. Logging it out..."); JcrUtils.logoutQuietly(session); } }