X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.jackrabbit%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fjackrabbit%2FArgeoLoginModule.java;h=2ff913dd2b07fdcb502ed89ccb86066900c40853;hb=5e24d4b3694253125077489270a86f545378f21e;hp=6d8adeb086837653a35c0d485bd2f544fcc4b6e0;hpb=cb4de3944975b944c0a16ecc9cc28cc1b0470a46;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java
index 6d8adeb08..2ff913dd2 100644
--- a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java
+++ b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java
@@ -59,12 +59,13 @@ public class ArgeoLoginModule extends AbstractLoginModule {
 
 		if (authen instanceof SystemAuthentication) {
 			principals.add(new AdminPrincipal(authen.getName()));
-			principals.add(new ArgeoSystemPrincipal(authen.getName()));
+			// principals.add(new ArgeoSystemPrincipal(authen.getName()));
 		} else if (authen instanceof AnonymousAuthenticationToken) {
 			principals.add(new AnonymousPrincipal());
 		} else {
 			for (GrantedAuthority ga : authen.getAuthorities()) {
-				principals.add(new GrantedAuthorityPrincipal(ga));
+				if (ga instanceof Principal)
+					principals.add((Principal) ga);
 				// FIXME: make it more generic
 				if (adminRole.equals(ga.getAuthority()))
 					principals.add(new AdminPrincipal(authen.getName()));
@@ -85,20 +86,29 @@ public class ArgeoLoginModule extends AbstractLoginModule {
 	 * {@link org.springframework.security.Authentication} as well. Here we
 	 * simply clear Jackrabbit related {@link Principal}s.
 	 */
-	@Override
-	public boolean logout() throws LoginException {
-		clearPrincipals(AdminPrincipal.class);
-		clearPrincipals(ArgeoSystemPrincipal.class);
-		clearPrincipals(AnonymousPrincipal.class);
-		clearPrincipals(GrantedAuthorityPrincipal.class);
-		return true;
-	}
-
-	private <T extends Principal> void clearPrincipals(Class<T> clss) {
-		Set<T> principals = subject.getPrincipals(clss);
-		if (principals != null)
-			principals.clear();
-	}
+	// @Override
+	// public boolean logout() throws LoginException {
+	// Set<Principal> principals = subject.getPrincipals();
+	// for (Principal principal : subject.getPrincipals()) {
+	// if ((principal instanceof AdminPrincipal)
+	// || (principal instanceof ArgeoSystemPrincipal)
+	// || (principal instanceof AnonymousPrincipal)
+	// || (principal instanceof GrantedAuthority)) {
+	// principals.remove(principal);
+	// }
+	// }
+	// // clearPrincipals(AdminPrincipal.class);
+	// // clearPrincipals(ArgeoSystemPrincipal.class);
+	// // clearPrincipals(AnonymousPrincipal.class);
+	// // clearPrincipals(GrantedAuthority.class);
+	// return true;
+	// }
+
+	// private <T extends Principal> void clearPrincipals(Class<T> clss) {
+	// Set<T> principals = subject.getPrincipals(clss);
+	// if (principals != null)
+	// principals.clear();
+	// }
 
 	@SuppressWarnings("rawtypes")
 	@Override