- UsernamePasswordAuthenticationToken token = basicAuth(basicAuth);
- Authentication auth = authenticationManager.authenticate(token);
- SecurityContextHolder.getContext().setAuthentication(auth);
- // httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY,
- // SecurityContextHolder.getContext());
- // httpSession.setAttribute(ATTR_AUTH, Boolean.FALSE);
- filterChain.doFilter(request, response);
+ CallbackHandler token = basicAuth(basicAuth);
+ // FIXME Login
+ // Authentication auth =
+ // authenticationManager.authenticate(token);
+ // SecurityContextHolder.getContext().setAuthentication(auth);
+ // filterChain.doFilter(request, response);
+ Subject subject;
+ try {
+ LoginContext lc = new LoginContext(
+ KernelHeader.LOGIN_CONTEXT_USER, token);
+ lc.login();
+ subject = lc.getSubject();
+ } catch (LoginException e) {
+ throw new CmsException("Could not login", e);
+ }
+ try {
+ Subject.doAs(subject,
+ new PrivilegedExceptionAction<Void>() {
+ public Void run() throws IOException,
+ ServletException {
+ filterChain.doFilter(request, response);
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ if (e.getCause() instanceof ServletException)
+ throw (ServletException) e.getCause();
+ else if (e.getCause() instanceof IOException)
+ throw (IOException) e.getCause();
+ else
+ throw new CmsException("Unexpected exception",
+ e.getCause());
+ }
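Review bot: The `catch (LoginException e)` block turns every login failure, including plain wrong credentials, into `CmsException("Could not login", e)`, so a rejected Basic-auth request probably leaves this filter as an unhandled error rather than an authentication challenge (how `CmsException` is mapped is not visible here). Consider catching `FailedLoginException` first and answering with a 401, e.g. `response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return;` if `response` is an `HttpServletResponse` and the method is void, keeping `CmsException` for configuration errors. The `LoginContext` is also never logged out: since this authenticates on each request, a `finally` around `Subject.doAs` calling `lc.logout()` would clear the subject's principals and credentials once the chain returns, which requires declaring `lc` before the first `try`. The commented-out Spring Security lines under `// FIXME Login` are dead code and should be dropped once the JAAS path is settled. The enclosing method starts and ends outside this hunk, so the parameter types are inferred.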