From 666e6249290895e2b68809d3531369d33809f6b6 Mon Sep 17 00:00:00 2001
From: Mathieu Baudier
Date: Sat, 6 Aug 2016 19:55:14 +0000
Subject: [PATCH] Make CMS production ready
git-svn-id: https://svn.argeo.org/commons/trunk@9070 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---
 .../cms/auth/SimpleRoleRegistration.java | 89 -------------------
 .../cms/widgets/auth/AbstractLoginDialog.java | 19 ++--
 .../org/argeo/cms/widgets/auth/CmsLogin.java | 6 +-
 .../security/core/SystemLoginModule.java | 45 ----------
 4 files changed, 11 insertions(+), 148 deletions(-)
 delete mode 100644 org.argeo.cms/src/org/argeo/cms/auth/SimpleRoleRegistration.java
 delete mode 100644 org.argeo.cms/src/org/argeo/security/core/SystemLoginModule.java
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SimpleRoleRegistration.java b/org.argeo.cms/src/org/argeo/cms/auth/SimpleRoleRegistration.java
deleted file mode 100644
index 0efda3fa8..000000000
--- a/org.argeo.cms/src/org/argeo/cms/auth/SimpleRoleRegistration.java
+++ /dev/null
@@ -1,89 +0,0 @@
-package org.argeo.cms.auth;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.InvalidNameException;
-import javax.naming.ldap.LdapName;
-import javax.transaction.UserTransaction;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.argeo.ArgeoException;
-import org.osgi.service.useradmin.Role;
-import org.osgi.service.useradmin.UserAdmin;
-
-/**
- * Register one or many roles via a user admin service. Does nothing if the role
- * is already registered.
- */
-public class SimpleRoleRegistration implements Runnable {
- private final static Log log = LogFactory
- .getLog(SimpleRoleRegistration.class);
-
- private String role;
- private List roles = new ArrayList();
- private UserAdmin userAdmin;
- private UserTransaction userTransaction;
-
- @Override
- public void run() {
- try {
- userTransaction.begin();
- if (role != null && !roleExists(role))
- newRole(toDn(role));
-
- for (String r : roles)
- if (!roleExists(r))
- newRole(toDn(r));
- userTransaction.commit();
- } catch (Exception e) {
- try {
- userTransaction.rollback();
- } catch (Exception e1) {
- log.error("Cannot rollback", e1);
- }
- throw new ArgeoException("Cannot add roles", e);
- }
- }
-
- private boolean roleExists(String role) {
- return userAdmin.getRole(toDn(role).toString()) != null;
- }
-
- protected void newRole(LdapName r) {
- userAdmin.createRole(r.toString(), Role.GROUP);
- log.info("Added role " + r + " required by application.");
- }
-
- public void register(UserAdmin userAdminService, Map properties) {
- this.userAdmin = userAdminService;
- run();
- }
-
- protected LdapName toDn(String name) {
- try {
- return new LdapName("cn=" + name + ",ou=roles,ou=node");
- } catch (InvalidNameException e) {
- throw new ArgeoException("Badly formatted role name " + name, e);
- }
- }
-
- public void setRole(String role) {
- this.role = role;
- }
-
- public void setRoles(List roles) {
- this.roles = roles;
- }
-
- public void setUserAdmin(UserAdmin userAdminService) {
- this.userAdmin = userAdminService;
- }
-
- public void setUserTransaction(UserTransaction userTransaction) {
- this.userTransaction = userTransaction;
- }
-
-}
diff --git a/org.argeo.cms/src/org/argeo/cms/widgets/auth/AbstractLoginDialog.java b/org.argeo.cms/src/org/argeo/cms/widgets/auth/AbstractLoginDialog.java
index a9ed1c7ea..b86fcb0b0 100644
--- a/org.argeo.cms/src/org/argeo/cms/widgets/auth/AbstractLoginDialog.java
+++ b/org.argeo.cms/src/org/argeo/cms/widgets/auth/AbstractLoginDialog.java
@@ -25,7 +25,6 @@ import javax.security.auth.callback.PasswordCallback;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.argeo.cms.internal.kernel.Activator;
 import org.eclipse.core.runtime.IProgressMonitor;
 import org.eclipse.core.runtime.NullProgressMonitor;
 import org.eclipse.jface.dialogs.IDialogConstants;
@@ -37,10 +36,10 @@ import org.eclipse.swt.events.SelectionListener;
 import org.eclipse.swt.widgets.Button;
 import org.eclipse.swt.widgets.Display;
 import org.eclipse.swt.widgets.Shell;
+import org.osgi.framework.FrameworkUtil;
 /** Base for login dialogs */
-public abstract class AbstractLoginDialog extends TrayDialog implements
- CallbackHandler {
+public abstract class AbstractLoginDialog extends TrayDialog implements CallbackHandler {
 private static final long serialVersionUID = -8046708963512717709L;
 private final static Log log = LogFactory.getLog(AbstractLoginDialog.class);
@@ -139,13 +138,14 @@ public abstract class AbstractLoginDialog extends TrayDialog implements // event). while (!processCallbacks && (modalContextThread != null) && (modalContextThread == Thread.currentThread()) - && Activator.getBundleContext() != null) { + && FrameworkUtil.getBundle(AbstractLoginDialog.class).getBundleContext() != null) { // Note: SecurityUiPlugin.getDefault() != null is false // when the OSGi runtime is shut down try { Thread.sleep(100); // if (display.isDisposed()) { - // log.warn("Display is disposed, killing login dialog thread"); + // log.warn("Display is disposed, killing login + // dialog thread"); // throw new ThreadDeath(); // } } catch (final Exception e) { @@ -160,12 +160,10 @@ public abstract class AbstractLoginDialog extends TrayDialog implements // clear callbacks are when cancelling for (Callback callback : callbacks) if (callback instanceof PasswordCallback) { - char[] arr = ((PasswordCallback) callback) - .getPassword(); + char[] arr = ((PasswordCallback) callback).getPassword(); if (arr != null) { Arrays.fill(arr, '*'); - ((PasswordCallback) callback) - .setPassword(null); + ((PasswordCallback) callback).setPassword(null); } } else if (callback instanceof NameCallback) ((NameCallback) callback).setName(null); @@ -177,8 +175,7 @@ public abstract class AbstractLoginDialog extends TrayDialog implements throw e; } catch (Exception e) { isCancelled = true; - IOException ioe = new IOException( - "Unexpected issue in login dialog, see root cause for more details"); + IOException ioe = new IOException("Unexpected issue in login dialog, see root cause for more details"); ioe.initCause(e); throw ioe; } finally { diff --git a/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java b/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java index d0bf14286..3e5e25d04 100644 --- a/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java +++ b/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java 
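Review bot: The new loop condition in the `@@ -139,13 +138,14 @@` hunk dereferences `FrameworkUtil.getBundle(AbstractLoginDialog.class)` without a null check; `getBundle` returns null when the class was not defined by a bundle class loader, so outside an OSGi runtime the wait loop would throw a NullPointerException instead of simply ending. The lookup is also repeated on every 100 ms poll. Resolve the bundle once before the loop with `Bundle bundle = FrameworkUtil.getBundle(AbstractLoginDialog.class);` and test `&& bundle != null && bundle.getBundleContext() != null) {`, which needs an `org.osgi.framework.Bundle` import. The enclosing method starts and ends outside the hunk, so where such an exception would surface cannot be confirmed from here.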
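Review bot: The cancel path re-wrapped in the `@@ -160,12 +160,10 @@` hunk does not actually wipe the password: `PasswordCallback.getPassword()` is documented to return a copy, so `Arrays.fill(arr, '*')` overwrites only that copy, and `setPassword(null)` drops the callback's internal array without zeroing it. The typed password can therefore remain in heap memory after the user cancels the login. Replace the get/fill/set sequence with `((PasswordCallback) callback).clearPassword();`, which overwrites the callback's own buffer. The surrounding method is only partly visible in this hunk.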
@@ -4,7 +4,7 @@ import static org.argeo.cms.CmsMsg.password; import static org.argeo.cms.CmsMsg.username; import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_ANONYMOUS; import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_USER; -import static org.argeo.cms.internal.kernel.Activator.getKernelHeader; +import static org.argeo.cms.internal.kernel.Activator.getNodeState; import java.io.IOException; import java.util.List; @@ -65,8 +65,8 @@ public class CmsLogin implements CmsStyles, CallbackHandler { public CmsLogin(CmsView cmsView) { this.cmsView = cmsView; - defaultLocale = getKernelHeader().getDefaultLocale(); - List locales = getKernelHeader().getLocales(); + defaultLocale = getNodeState().getDefaultLocale(); + List locales = getNodeState().getLocales(); if (locales != null) localeChoice = new LocaleChoice(locales, defaultLocale); loginSelectionListener = new SelectionListener() { diff --git a/org.argeo.cms/src/org/argeo/security/core/SystemLoginModule.java b/org.argeo.cms/src/org/argeo/security/core/SystemLoginModule.java deleted file mode 100644 index a1d68b376..000000000 --- a/org.argeo.cms/src/org/argeo/security/core/SystemLoginModule.java +++ /dev/null 
@@ -1,45 +0,0 @@
-package org.argeo.security.core;
-
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.spi.LoginModule;
-
-import org.argeo.security.SystemAuth;
-
-public class SystemLoginModule implements LoginModule {
- private Subject subject;
-
- @Override
- public void initialize(Subject subject, CallbackHandler callbackHandler,
- Map sharedState, Map options) {
- this.subject = subject;
- }
-
- @Override
- public boolean login() throws LoginException {
- // TODO check permission?
- return true;
- }
-
- @Override
- public boolean commit() throws LoginException {
- subject.getPrincipals().add(new SystemAuth());
- return true;
- }
-
- @Override
- public boolean abort() throws LoginException {
- return true;
- }
-
- @Override
- public boolean logout() throws LoginException {
- // remove ALL credentials (e.g. additional Jackrabbit credentials)
- subject.getPrincipals().clear();
- return true;
- }
-
-}
-- 
2.30.2