X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Futil%2FUserMenu.java;h=3fef6792b610a4c48a0f66fd518ba2c73fbd6454;hb=2b3904582518de706357fd2a8216a47ca77dfc39;hp=1c35600012d9c47e33d031e376bb1d98d627310f;hpb=93a457cf047cebb0170abd0f37a9b4291a2ae3e9;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
index 1c3560001..3fef6792b 100644
--- a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
+++ b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
@@ -1,6 +1,12 @@
 package org.argeo.cms.util;
 
+import static org.argeo.cms.KernelHeader.ACCESS_CONTROL_CONTEXT;
+import static org.argeo.cms.KernelHeader.LOGIN_CONTEXT_ANONYMOUS;
+import static org.argeo.cms.KernelHeader.LOGIN_CONTEXT_USER;
+
 import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
@@ -10,6 +16,8 @@ import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
 import org.argeo.cms.CmsException;
 import org.argeo.cms.CmsMsg;
@@ -167,15 +175,25 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 			//
 			// LOGIN
 			//
-			new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
-					.logout();
+			new ArgeoLoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
 			LoginContext loginContext = new ArgeoLoginContext(
-					KernelHeader.LOGIN_CONTEXT_USER, subject, this);
+					LOGIN_CONTEXT_USER, subject, this);
 			loginContext.login();
+
+			// save context in session
+			final HttpSession httpSession = RWT.getRequest().getSession();
+			Subject.doAs(subject, new PrivilegedAction<Void>() {
+
+				@Override
+				public Void run() {
+					httpSession.setAttribute(ACCESS_CONTROL_CONTEXT,
+							AccessController.getContext());
+					return null;
+				}
+			});
 		} catch (LoginException e1) {
 			try {
-				new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
-						subject).login();
+				new ArgeoLoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
 			} catch (LoginException e) {
 				throw new CmsException("Cannot authenticate anonymous", e1);
 			}
@@ -194,10 +212,12 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 			//
 			// LOGOUT
 			//
-			new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
-					.logout();
-			new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
-					.login();
+			new ArgeoLoginContext(LOGIN_CONTEXT_USER, subject).logout();
+			new ArgeoLoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
+
+			HttpServletRequest httpRequest = RWT.getRequest();
+			HttpSession httpSession = httpRequest.getSession();
+			httpSession.setAttribute(ACCESS_CONTROL_CONTEXT, null);
 		} catch (LoginException e1) {
 			throw new CmsException("Cannot authenticate anonymous", e1);
 		}