X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.ext.jackrabbit%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fjackrabbit%2FSystemJackrabbitLoginModule.java;h=f7de8d003f73cb68562fc6b968a8882e90973cb1;hb=0ba95b783807cfe078446cc2561e7f769c34dbea;hp=62f8fa02b1d23860011f456253e84b54cabadc9a;hpb=e66b9893b0e511f8ab295e3cee42b7dc966f1597;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java b/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java
index 62f8fa02b..f7de8d003 100644
--- a/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java
+++ b/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java
@@ -9,12 +9,12 @@ import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.security.auth.x500.X500Principal;
 
+import org.apache.jackrabbit.core.security.AnonymousPrincipal;
 import org.apache.jackrabbit.core.security.SecurityConstants;
 import org.apache.jackrabbit.core.security.principal.AdminPrincipal;
-import org.argeo.node.DataAdminPrincipal;
+import org.argeo.node.security.DataAdminPrincipal;
 
 public class SystemJackrabbitLoginModule implements LoginModule {
-
 	private Subject subject;
 
 	@Override
@@ -30,6 +30,12 @@ public class SystemJackrabbitLoginModule implements LoginModule {
 
 	@Override
 	public boolean commit() throws LoginException {
+		Set<org.argeo.node.security.AnonymousPrincipal> anonPrincipal = subject.getPrincipals(org.argeo.node.security.AnonymousPrincipal.class);
+		if (!anonPrincipal.isEmpty()) {
+			subject.getPrincipals().add(new AnonymousPrincipal());
+			return true;
+		}
+
 		Set<DataAdminPrincipal> initPrincipal = subject.getPrincipals(DataAdminPrincipal.class);
 		if (!initPrincipal.isEmpty()) {
 			subject.getPrincipals().add(new AdminPrincipal(SecurityConstants.ADMIN_ID));
@@ -52,11 +58,8 @@ public class SystemJackrabbitLoginModule implements LoginModule {
 
 	@Override
 	public boolean logout() throws LoginException {
-		Set<DataAdminPrincipal> initPrincipal = subject.getPrincipals(DataAdminPrincipal.class);
-		if (!initPrincipal.isEmpty()) {
-			subject.getPrincipals(AdminPrincipal.class);
-			return true;
-		}
+		subject.getPrincipals().removeAll(subject.getPrincipals(AnonymousPrincipal.class));
+		subject.getPrincipals().removeAll(subject.getPrincipals(AdminPrincipal.class));
 		return true;
 	}
 }