X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Futil%2FUserMenu.java;h=73567886b0f7986575f58f9c7626b68247a3233f;hb=170c56881f05f1028c35e6fe8c6e69dfd764c30e;hp=98311560ac10e7bf21a4f6374456f31ac9f5366c;hpb=d546fc1b9e19a86eb0e33ac4be824b52239316fc;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java index 98311560a..73567886b 100644 --- a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java +++ b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java @@ -1,13 +1,22 @@ package org.argeo.cms.util; -import static org.argeo.cms.internal.kernel.KernelConstants.SPRING_SECURITY_CONTEXT_KEY; - -import javax.servlet.http.HttpSession; - -import org.argeo.cms.CmsLogin; +import java.io.IOException; + +import javax.security.auth.Subject; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.login.LoginContext; +import javax.security.auth.login.LoginException; + +import org.argeo.cms.CmsException; import org.argeo.cms.CmsMsg; import org.argeo.cms.CmsSession; import org.argeo.cms.CmsStyles; +import org.argeo.cms.KernelHeader; +import org.argeo.cms.auth.ArgeoLoginContext; import org.eclipse.rap.rwt.RWT; import org.eclipse.swt.SWT; import org.eclipse.swt.events.MouseAdapter; @@ -18,28 +27,30 @@ import org.eclipse.swt.events.TraverseEvent; import org.eclipse.swt.events.TraverseListener; import org.eclipse.swt.layout.GridData; import org.eclipse.swt.layout.GridLayout; +import org.eclipse.swt.widgets.Composite; import org.eclipse.swt.widgets.Control; import org.eclipse.swt.widgets.Label; import org.eclipse.swt.widgets.Shell; import org.eclipse.swt.widgets.Text; +import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; /** The site-related user menu */ -public class UserMenu extends Shell implements CmsStyles { +public class UserMenu extends Shell implements CmsStyles, CallbackHandler { private static final long serialVersionUID = -5788157651532106301L; + private Text username, password; - private CmsLogin cmsLogin; - private String username = null; - - public UserMenu(CmsLogin cmsLogin, Control source) { + public UserMenu(Control source) { super(source.getDisplay(), SWT.NO_TRIM | SWT.BORDER | SWT.ON_TOP); - this.cmsLogin = cmsLogin; - setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU); - username = SecurityContextHolder.getContext().getAuthentication() - .getName(); - if (username.equals("anonymous")) { + Authentication authentication = SecurityContextHolder.getContext() + .getAuthentication(); + if (authentication == null) + throw new CmsException("No authentication available"); + + String username = authentication.getName(); + if (username.equals(KernelHeader.USERNAME_ANONYMOUS)) { username = null; anonymousUi(); } else { @@ -59,24 +70,24 @@ public class UserMenu extends Shell implements CmsStyles { close(); dispose(); } - }); - open(); - } protected void userUi() { setLayout(new GridLayout()); + String username = SecurityContextHolder.getContext() + .getAuthentication().getName(); + Label l = new Label(this, SWT.NONE); l.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU_ITEM); l.setData(RWT.MARKUP_ENABLED, true); l.setLayoutData(CmsUtils.fillWidth()); l.setText("" + username + ""); - final CmsSession cmsSession = (CmsSession) getDisplay().getData( - CmsSession.KEY); + specificUserUi(this); + l = new Label(this, SWT.NONE); l.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU_ITEM); l.setText(CmsMsg.logout.lead()); @@ -88,56 +99,117 @@ public class UserMenu extends Shell implements CmsStyles { private static final long serialVersionUID = 6444395812777413116L; public void mouseDown(MouseEvent e) { - SecurityContextHolder.getContext().setAuthentication(null); - HttpSession httpSession = RWT.getRequest().getSession(); - httpSession.removeAttribute(SPRING_SECURITY_CONTEXT_KEY); - close(); - dispose(); - cmsSession.authChange(); + logout(); } }); } + protected String getUsername() { + String username = SecurityContextHolder.getContext() + .getAuthentication().getName(); + return username; + } + + /** To be overridden */ + protected void specificUserUi(Composite parent) { + + } + protected void anonymousUi() { + setLayout(CmsUtils.noSpaceGridLayout()); + + // We need a composite for the traversal + Composite c = new Composite(this, SWT.NONE); + c.setLayout(new GridLayout()); + c.setLayoutData(CmsUtils.fillAll()); + Integer textWidth = 150; setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU); - setLayout(new GridLayout(2, false)); - new Label(this, SWT.NONE).setText(CmsMsg.username.lead()); - final Text username = new Text(this, SWT.BORDER); + // new Label(this, SWT.NONE).setText(CmsMsg.username.lead()); + username = new Text(c, SWT.BORDER); + username.setMessage(CmsMsg.username.lead()); username.setData(RWT.CUSTOM_VARIANT, CMS_LOGIN_DIALOG_USERNAME); GridData gd = CmsUtils.fillWidth(); gd.widthHint = textWidth; username.setLayoutData(gd); - new Label(this, SWT.NONE).setText(CmsMsg.password.lead()); - final Text password = new Text(this, SWT.BORDER | SWT.PASSWORD); + // new Label(this, SWT.NONE).setText(CmsMsg.password.lead()); + password = new Text(c, SWT.BORDER | SWT.PASSWORD); + password.setMessage(CmsMsg.password.lead()); password.setData(RWT.CUSTOM_VARIANT, CMS_LOGIN_DIALOG_PASSWORD); gd = CmsUtils.fillWidth(); gd.widthHint = textWidth; password.setLayoutData(gd); - // Listeners TraverseListener tl = new TraverseListener() { private static final long serialVersionUID = -1158892811534971856L; public void keyTraversed(TraverseEvent e) { if (e.detail == SWT.TRAVERSE_RETURN) - login(username.getText(), password.getTextChars()); + login(); } }; + c.addTraverseListener(tl); username.addTraverseListener(tl); password.addTraverseListener(tl); + setTabList(new Control[] { c }); + c.setTabList(new Control[] { username, password }); + c.setFocus(); } - protected void login(String username, char[] password) { + protected void login() { CmsSession cmsSession = (CmsSession) getDisplay().getData( CmsSession.KEY); - cmsLogin.logInWithPassword(username, password); + Subject subject = cmsSession.getSubject(); + try { + // + // LOGIN + // + new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject) + .logout(); + LoginContext loginContext = new ArgeoLoginContext( + KernelHeader.LOGIN_CONTEXT_USER, subject, this); + loginContext.login(); + } catch (LoginException e1) { + try { + new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, + subject).login(); + } catch (LoginException e) { + throw new CmsException("Cannot authenticate anonymous", e1); + } + throw new CmsException("Cannot authenticate", e1); + } + close(); + dispose(); + cmsSession.authChange(); + } + + protected void logout() { + final CmsSession cmsSession = (CmsSession) getDisplay().getData( + CmsSession.KEY); + Subject subject = cmsSession.getSubject(); + try { + // + // LOGOUT + // + new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject) + .logout(); + new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject) + .login(); + } catch (LoginException e1) { + throw new CmsException("Cannot authenticate anonymous", e1); + } close(); dispose(); - // refreshUi(source.getParent()); cmsSession.authChange(); } + @Override + public void handle(Callback[] callbacks) throws IOException, + UnsupportedCallbackException { + ((NameCallback) callbacks[0]).setName(username.getText()); + ((PasswordCallback) callbacks[1]).setPassword(password.getTextChars()); + } + }