From 72c5c4c7e5348ad96a451ef866a1e231db976dc7 Mon Sep 17 00:00:00 2001
From: Mathieu Baudier <mbaudier@argeo.org>
Date: Fri, 2 Mar 2012 11:40:00 +0000
Subject: [PATCH] Improve system execution

git-svn-id: https://svn.argeo.org/commons/trunk@5130 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---
 .../META-INF/spring/monitor.xml               |  1 +
 .../argeo/security/ui/views/AdminLogView.java | 20 +++----
 .../security/ui/views/LogContentProvider.java |  6 +-
 .../org/argeo/security/ui/views/LogView.java  | 11 +++-
 .../core/AbstractSystemExecution.java         | 55 +++++++++----------
 ...catedApplicationContextInitialization.java | 16 ++----
 .../core/KeyBasedSystemExecutionService.java  |  2 +-
 .../security/jackrabbit/ArgeoLoginModule.java | 30 ++++++++--
 8 files changed, 77 insertions(+), 64 deletions(-)

diff --git a/security/plugins/org.argeo.security.ui/META-INF/spring/monitor.xml b/security/plugins/org.argeo.security.ui/META-INF/spring/monitor.xml
index 93a370de4..3c313de52 100644
--- a/security/plugins/org.argeo.security.ui/META-INF/spring/monitor.xml
+++ b/security/plugins/org.argeo.security.ui/META-INF/spring/monitor.xml
@@ -15,6 +15,7 @@ log4j.rootLogger=WARN, console
 log4j.logger.org.argeo=DEBUG
 log4j.logger.org.argeo.jackrabbit.remote.ExtendedDispatcherServlet=WARN
 log4j.logger.org.argeo.server.webextender.TomcatDeployer=WARN
+log4j.logger.org.argeo.security.core=TRACE
 
 log4j.logger.org.apache.catalina=INFO
 log4j.logger.org.apache.coyote=INFO
diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/AdminLogView.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/AdminLogView.java
index 63908cf8a..d99a93ed6 100644
--- a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/AdminLogView.java
+++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/AdminLogView.java
@@ -10,6 +10,8 @@ import org.eclipse.jface.viewers.TableViewer;
 import org.eclipse.swt.SWT;
 import org.eclipse.swt.graphics.Font;
 import org.eclipse.swt.widgets.Composite;
+import org.eclipse.swt.widgets.Display;
+import org.eclipse.swt.widgets.Table;
 import org.eclipse.ui.part.ViewPart;
 
 /**
@@ -23,22 +25,16 @@ public class AdminLogView extends ViewPart {
 	private LogContentProvider logContentProvider;
 	private SecureLogger argeoLogger;
 
-	private Font font;
-
 	@Override
 	public void createPartControl(Composite parent) {
 		// FIXME doesn't return a monospace font in RAP
-		font = JFaceResources.getTextFont();
-//		if (font == JFaceResources.getDefaultFont()) {
-//			Set<?> keySet = JFaceResources.getFontRegistry().getKeySet();
-//			for (Object key : keySet) {
-//				System.out.println(key);
-//			}
-//		}
-
-		viewer = new TableViewer(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
+		Font font = JFaceResources.getTextFontDescriptor().setHeight(8)
+				.createFont(Display.getCurrent());
+		Table table = new Table(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
 				| SWT.V_SCROLL | SWT.FULL_SELECTION | SWT.BORDER);
-		viewer.getTable().setFont(font);
+		table.setFont(font);
+
+		viewer = new TableViewer(table);
 		viewer.setLabelProvider(new LabelProvider());
 		logContentProvider = new LogContentProvider(viewer) {
 
diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogContentProvider.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogContentProvider.java
index fb1ee13bb..c365f9e6c 100644
--- a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogContentProvider.java
+++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogContentProvider.java
@@ -118,14 +118,12 @@ class LogContentProvider implements ILazyContentProvider, ArgeoLogListener {
 	// }
 
 	/** Scroll to the last line */
-	protected void scrollToLastLine() {
+	protected synchronized void scrollToLastLine() {
 		// we try to show last line with two methods
 		// viewer.reveal(lines.peekLast());
 
 		Table table = viewer.getTable();
-		TableItem ti = table.getItem(lines.size() - 1);
-		if (ti == null)
-			System.out.println("tableItem is null");
+		TableItem ti = table.getItem(table.getItemCount() - 1);
 		table.showItem(ti);
 	}
 
diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogView.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogView.java
index a612bc9f7..56857d3b5 100644
--- a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogView.java
+++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/views/LogView.java
@@ -5,10 +5,14 @@ import java.util.ArrayList;
 import org.argeo.ArgeoLogListener;
 import org.argeo.ArgeoLogger;
 import org.argeo.security.ui.SecurityUiPlugin;
+import org.eclipse.jface.resource.JFaceResources;
 import org.eclipse.jface.viewers.LabelProvider;
 import org.eclipse.jface.viewers.TableViewer;
 import org.eclipse.swt.SWT;
+import org.eclipse.swt.graphics.Font;
 import org.eclipse.swt.widgets.Composite;
+import org.eclipse.swt.widgets.Display;
+import org.eclipse.swt.widgets.Table;
 import org.eclipse.ui.part.ViewPart;
 
 /**
@@ -25,8 +29,13 @@ public class LogView extends ViewPart {
 
 	@Override
 	public void createPartControl(Composite parent) {
-		viewer = new TableViewer(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
+		Font font = JFaceResources.getTextFontDescriptor().setHeight(8)
+				.createFont(Display.getCurrent());
+		Table table = new Table(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
 				| SWT.V_SCROLL | SWT.FULL_SELECTION | SWT.BORDER);
+		table.setFont(font);
+
+		viewer = new TableViewer(table);
 		viewer.setLabelProvider(new LabelProvider());
 		logContentProvider = new LogContentProvider(viewer);
 		viewer.setContentProvider(logContentProvider);
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java
index b12629ab9..c4a5fc6cb 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java
@@ -1,12 +1,9 @@
 package org.argeo.security.core;
 
-import java.security.AccessController;
-
-import javax.security.auth.Subject;
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.ArgeoException;
+import org.argeo.security.SystemAuthentication;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationManager;
 import org.springframework.security.context.SecurityContext;
@@ -17,7 +14,7 @@ public abstract class AbstractSystemExecution {
 	static {
 		// Forces Spring Security to use inheritable strategy
 		// FIXME find a better place for forcing spring security mode
-		// doesn't work for the time besing
+		// doesn't work for the time being
 //		if (System.getProperty(SecurityContextHolder.SYSTEM_PROPERTY) == null)
 //			SecurityContextHolder
 //					.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL);
@@ -29,7 +26,7 @@ public abstract class AbstractSystemExecution {
 	private String systemAuthenticationKey;
 
 	/** Whether the current thread was authenticated by this component. */
-	private InheritableThreadLocal<Boolean> authenticatedBySelf = new InheritableThreadLocal<Boolean>() {
+	private ThreadLocal<Boolean> authenticatedBySelf = new ThreadLocal<Boolean>() {
 		protected Boolean initialValue() {
 			return false;
 		}
@@ -44,17 +41,19 @@ public abstract class AbstractSystemExecution {
 			return;
 		SecurityContext securityContext = SecurityContextHolder.getContext();
 		Authentication currentAuth = securityContext.getAuthentication();
-		if (currentAuth != null){
-			throw new ArgeoException(
-					"System execution on an already authenticated thread: "
-							+ currentAuth + ", THREAD="
-							+ Thread.currentThread().getId());
+		if (currentAuth != null) {
+			if (!(currentAuth instanceof SystemAuthentication))
+				throw new ArgeoException(
+						"System execution on an already authenticated thread: "
+								+ currentAuth + ", THREAD="
+								+ Thread.currentThread().getId());
+			return;
 		}
-		Subject subject = Subject.getSubject(AccessController.getContext());
-		if (subject != null
-				&& !subject.getPrincipals(Authentication.class).isEmpty())
-			throw new ArgeoException(
-					"There is already an authenticated subject: " + subject);
+		// Subject subject = Subject.getSubject(AccessController.getContext());
+		// if (subject != null
+		// && !subject.getPrincipals(Authentication.class).isEmpty())
+		// throw new ArgeoException(
+		// "There is already an authenticated subject: " + subject);
 
 		String key = systemAuthenticationKey != null ? systemAuthenticationKey
 				: System.getProperty(
@@ -70,19 +69,17 @@ public abstract class AbstractSystemExecution {
 			log.trace("System authenticated");
 	}
 
-	/** Removes the authentication from the calling thread. */
-	protected void deauthenticateAsSystem() {
-		// remove the authentication
-		SecurityContext securityContext = SecurityContextHolder.getContext();
-		if (securityContext.getAuthentication() != null) {
-			securityContext.setAuthentication(null);
-			authenticatedBySelf.set(false);
-			if (log.isTraceEnabled()) {
-				log.trace("System deauthenticated");
-				// Thread.dumpStack();
-			}
-		}
-	}
+	// /** Removes the authentication from the calling thread. */
+	// protected void deauthenticateAsSystem() {
+	// // remove the authentication
+	// // SecurityContext securityContext = SecurityContextHolder.getContext();
+	// // securityContext.setAuthentication(null);
+	// // authenticatedBySelf.set(false);
+	// if (log.isTraceEnabled()) {
+	// log.trace("System deauthenticated");
+	// // Thread.dumpStack();
+	// }
+	// }
 
 	/**
 	 * Whether the current thread was authenticated by this component or a
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AuthenticatedApplicationContextInitialization.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AuthenticatedApplicationContextInitialization.java
index 59f6a5179..f6573e806 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AuthenticatedApplicationContextInitialization.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AuthenticatedApplicationContextInitialization.java
@@ -2,8 +2,6 @@ package org.argeo.security.core;
 
 import java.beans.PropertyDescriptor;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.BeansException;
 import org.springframework.beans.PropertyValues;
 import org.springframework.beans.factory.config.InstantiationAwareBeanPostProcessor;
@@ -18,20 +16,17 @@ import org.springframework.context.event.ContextRefreshedEvent;
 public class AuthenticatedApplicationContextInitialization extends
 		AbstractSystemExecution implements InstantiationAwareBeanPostProcessor,
 		ApplicationListener {
-	private Log log = LogFactory
-			.getLog(AuthenticatedApplicationContextInitialization.class);
+	// private Log log = LogFactory
+	// .getLog(AuthenticatedApplicationContextInitialization.class);
 
 	@SuppressWarnings("rawtypes")
 	public Object postProcessBeforeInstantiation(Class beanClass,
 			String beanName) throws BeansException {
-		// we authenticate when any beans is instantiated
+		// we authenticate when any bean is instantiated
 		// we will deauthenticate only when the application context has been
 		// refreshed in order to be able to deal with factory beans has well
 		if (!isAuthenticatedBySelf()) {
 			authenticateAsSystem();
-			if (log.isTraceEnabled())
-				log.trace("Application context initialization authenticated for thread "
-						+ Thread.currentThread().getName());
 		}
 		return null;
 	}
@@ -67,10 +62,7 @@ public class AuthenticatedApplicationContextInitialization extends
 		if (event instanceof ContextRefreshedEvent) {
 			// make sure that we have deauthenticated after the application
 			// context was initialized/refreshed
-			deauthenticateAsSystem();
-			if (log.isTraceEnabled())
-				log.trace("Application context initialization deauthenticated for thread "
-						+ Thread.currentThread().getName());
+			// deauthenticateAsSystem();
 		}
 	}
 
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
index b5791c587..f41e5d99f 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
@@ -41,7 +41,7 @@ public class KeyBasedSystemExecutionService extends AbstractSystemExecution
 				try {
 					return runnable.call();
 				} finally {
-					deauthenticateAsSystem();
+//					deauthenticateAsSystem();
 				}
 			}
 		};
diff --git a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java
index 3a18a38b8..49bd304ed 100644
--- a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java
+++ b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java
@@ -26,6 +26,26 @@ import org.springframework.security.providers.anonymous.AnonymousAuthenticationT
 public class ArgeoLoginModule extends AbstractLoginModule {
 	private String adminRole = "ROLE_ADMIN";
 
+	@Override
+	public boolean login() throws LoginException {
+		boolean loginOk = super.login();
+		if (!loginOk) {
+			org.springframework.security.Authentication authen = (org.springframework.security.Authentication) SecurityContextHolder
+					.getContext().getAuthentication();
+		}
+		return loginOk;
+	}
+
+	@Override
+	public boolean commit() throws LoginException {
+		boolean commitOk = super.commit();
+		if (!commitOk) {
+			org.springframework.security.Authentication authen = (org.springframework.security.Authentication) SecurityContextHolder
+					.getContext().getAuthentication();
+		}
+		return commitOk;
+	}
+
 	/**
 	 * Returns the Spring {@link org.springframework.security.Authentication}
 	 * (which can be null)
@@ -39,9 +59,9 @@ public class ArgeoLoginModule extends AbstractLoginModule {
 
 	protected Set<Principal> getPrincipals() {
 		// clear already registered Jackrabbit principals
-		//clearPrincipals(AdminPrincipal.class);
-		//clearPrincipals(AnonymousPrincipal.class);
-		//clearPrincipals(GrantedAuthorityPrincipal.class);
+		// clearPrincipals(AdminPrincipal.class);
+		// clearPrincipals(AnonymousPrincipal.class);
+		// clearPrincipals(GrantedAuthorityPrincipal.class);
 
 		return syncPrincipals();
 	}
@@ -74,8 +94,8 @@ public class ArgeoLoginModule extends AbstractLoginModule {
 		if (thisCredentials != null)
 			thisCredentials.clear();
 		// override credentials since we did not used the one passed to us
-//		credentials = new SimpleCredentials(authen.getName(), authen
-//				.getCredentials().toString().toCharArray());
+		// credentials = new SimpleCredentials(authen.getName(), authen
+		// .getCredentials().toString().toCharArray());
 
 		return principals;
 	}
-- 
2.30.2