From a4a78ecbc3cfd119477264534c7d0cab541ae6ad Mon Sep 17 00:00:00 2001 From: Mathieu Baudier Date: Tue, 15 Sep 2015 19:36:55 +0000 Subject: [PATCH] Remoting working Clean up code git-svn-id: https://svn.argeo.org/commons/trunk@8403 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- .../org/argeo/cms/internal/kernel/Kernel.java | 18 +-- .../cms/internal/kernel/KernelUtils.java | 55 ++++---- .../argeo/cms/internal/kernel/NodeHttp.java | 125 ++++++++++++------ .../cms/internal/kernel/NodeUserAdmin.java | 11 +- ...java => BundleContextCallbackHandler.java} | 4 +- .../osgi/useradmin/AbstractUserDirectory.java | 6 +- .../osgi/useradmin/LdifAuthorization.java | 1 + .../argeo/osgi/useradmin/LdifUserAdmin.java | 27 +--- .../osgi/useradmin/UserAdminAggregator.java | 9 -- .../osgi/useradmin/UserAdminWorkingCopy.java | 14 -- .../useradmin/UserDirectoryTransaction.java | 26 ---- .../ui/commands/OpenChangePasswordDialog.java | 1 + .../argeo/security/ui/views/UserProfile.java | 1 - 13 files changed, 144 insertions(+), 154 deletions(-) rename org.argeo.security.core/src/org/argeo/osgi/auth/{BundleContextCallbackHander.java => BundleContextCallbackHandler.java} (83%) delete mode 100644 org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminAggregator.java delete mode 100644 org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminWorkingCopy.java delete mode 100644 org.argeo.security.core/src/org/argeo/osgi/useradmin/UserDirectoryTransaction.java diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java index 189dd08d7..08dad56b8 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java @@ -84,14 +84,6 @@ final class Kernel implements ServiceListener { try { // Transaction transactionManager = new SimpleTransactionManager(); - bundleContext.registerService(TransactionManager.class, - transactionManager, null); - bundleContext.registerService(UserTransaction.class, - transactionManager, null); - bundleContext.registerService( - TransactionSynchronizationRegistry.class, - transactionManager.getTransactionSynchronizationRegistry(), - null); // Jackrabbit node node = new JackrabbitNode(bundleContext); @@ -105,7 +97,7 @@ final class Kernel implements ServiceListener { // Equinox dependency ExtendedHttpService httpService = waitForHttpService(); - nodeHttp = new NodeHttp(httpService, node, nodeSecurity); + nodeHttp = new NodeHttp(httpService, node); // Kernel thread kernelThread = new KernelThread(this); @@ -113,6 +105,14 @@ final class Kernel implements ServiceListener { kernelThread.start(); // Publish services to OSGi + bundleContext.registerService(TransactionManager.class, + transactionManager, null); + bundleContext.registerService(UserTransaction.class, + transactionManager, null); + bundleContext.registerService( + TransactionSynchronizationRegistry.class, + transactionManager.getTransactionSynchronizationRegistry(), + null); nodeSecurity.publish(); node.publish(repositoryFactory); bundleContext.registerService(RepositoryFactory.class, diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java index 579138c0f..1d7e0868e 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java @@ -3,25 +3,19 @@ package org.argeo.cms.internal.kernel; import java.io.File; import java.io.IOException; import java.net.URI; -import java.util.Collections; import java.util.Dictionary; import java.util.Enumeration; import java.util.Hashtable; -import java.util.List; import java.util.Properties; +import javax.security.auth.Subject; +import javax.security.auth.login.LoginContext; +import javax.security.auth.login.LoginException; import javax.servlet.http.HttpServletRequest; import org.apache.commons.logging.Log; import org.argeo.cms.CmsException; import org.argeo.cms.KernelHeader; -import org.argeo.cms.internal.auth.GrantedAuthorityPrincipal; -import org.springframework.security.authentication.AnonymousAuthenticationToken; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetails; /** Package utilities */ class KernelUtils implements KernelConstants { @@ -76,25 +70,38 @@ class KernelUtils implements KernelConstants { } // Security - @Deprecated - static void anonymousLogin(AuthenticationManager authenticationManager) { + static Subject anonymousLogin() { + Subject subject = new Subject(); + LoginContext lc; try { - List anonAuthorities = Collections - .singletonList(new GrantedAuthorityPrincipal( - KernelHeader.ROLE_ANONYMOUS)); - UserDetails anonUser = new User(KernelHeader.USERNAME_ANONYMOUS, - "", true, true, true, true, anonAuthorities); - AnonymousAuthenticationToken anonToken = new AnonymousAuthenticationToken( - DEFAULT_SECURITY_KEY, anonUser, anonAuthorities); - Authentication authentication = authenticationManager - .authenticate(anonToken); - SecurityContextHolder.getContext() - .setAuthentication(authentication); - } catch (Exception e) { - throw new CmsException("Cannot authenticate", e); + lc = new LoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject); + lc.login(); + return subject; + } catch (LoginException e) { + throw new CmsException("Cannot login as anonymous", e); } } + // @Deprecated + // static void anonymousLogin(AuthenticationManager authenticationManager) { + // try { + // List anonAuthorities = Collections + // .singletonList(new GrantedAuthorityPrincipal( + // KernelHeader.ROLE_ANONYMOUS)); + // UserDetails anonUser = new User(KernelHeader.USERNAME_ANONYMOUS, + // "", true, true, true, true, anonAuthorities); + // AnonymousAuthenticationToken anonToken = new + // AnonymousAuthenticationToken( + // DEFAULT_SECURITY_KEY, anonUser, anonAuthorities); + // Authentication authentication = authenticationManager + // .authenticate(anonToken); + // SecurityContextHolder.getContext() + // .setAuthentication(authentication); + // } catch (Exception e) { + // throw new CmsException("Cannot authenticate", e); + // } + // } + // HTTP static void logRequestHeaders(Log log, HttpServletRequest request) { if (!log.isDebugEnabled()) diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java index 9a35e279c..964ada11e 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java @@ -1,14 +1,21 @@ package org.argeo.cms.internal.kernel; -import static org.argeo.jackrabbit.servlet.WebdavServlet.INIT_PARAM_RESOURCE_CONFIG; - import java.io.IOException; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.security.cert.X509Certificate; import java.util.Enumeration; import java.util.Properties; import java.util.StringTokenizer; import javax.jcr.Repository; +import javax.security.auth.Subject; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.login.LoginContext; +import javax.security.auth.login.LoginException; import javax.servlet.FilterChain; import javax.servlet.Servlet; import javax.servlet.ServletException; @@ -20,17 +27,13 @@ import org.apache.commons.codec.binary.Base64; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.cms.CmsException; +import org.argeo.cms.KernelHeader; import org.argeo.jackrabbit.servlet.OpenInViewSessionProvider; import org.argeo.jackrabbit.servlet.RemotingServlet; import org.argeo.jackrabbit.servlet.WebdavServlet; import org.argeo.jcr.ArgeoJcrConstants; -import org.argeo.security.NodeAuthenticationToken; import org.eclipse.equinox.http.servlet.ExtendedHttpService; import org.osgi.service.http.NamespaceException; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; /** * Intercepts and enriches http access, mainly focusing on security and @@ -43,7 +46,7 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants { private final static String HEADER_AUTHORIZATION = "Authorization"; private final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate"; - private final AuthenticationManager authenticationManager; + // private final AuthenticationManager authenticationManager; private final ExtendedHttpService httpService; // FIXME Make it more unique @@ -57,10 +60,9 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants { // WebDav / JCR remoting private OpenInViewSessionProvider sessionProvider; - NodeHttp(ExtendedHttpService httpService, JackrabbitNode node, - NodeSecurity authenticationManager) { + NodeHttp(ExtendedHttpService httpService, JackrabbitNode node) { // this.bundleContext = bundleContext; - this.authenticationManager = authenticationManager; + // this.authenticationManager = authenticationManager; this.httpService = httpService; @@ -108,7 +110,7 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants { String pathPrefix = anonymous ? WEBDAV_PUBLIC : WEBDAV_PRIVATE; String path = pathPrefix + "/" + alias; Properties ip = new Properties(); - ip.setProperty(INIT_PARAM_RESOURCE_CONFIG, WEBDAV_CONFIG); + ip.setProperty(WebdavServlet.INIT_PARAM_RESOURCE_CONFIG, WEBDAV_CONFIG); ip.setProperty(WebdavServlet.INIT_PARAM_RESOURCE_PATH_PREFIX, path); httpService.registerFilter(path, anonymous ? new AnonymousFilter() : new DavFilter(), null, null); @@ -149,24 +151,35 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants { httpSession.setAttribute(ATTR_AUTH, Boolean.TRUE); } - private NodeAuthenticationToken basicAuth(String authHeader) { + private CallbackHandler basicAuth(String authHeader) { if (authHeader != null) { StringTokenizer st = new StringTokenizer(authHeader); if (st.hasMoreTokens()) { String basic = st.nextToken(); if (basic.equalsIgnoreCase("Basic")) { try { + // TODO manipulate char[] String credentials = new String(Base64.decodeBase64(st .nextToken()), "UTF-8"); // log.debug("Credentials: " + credentials); int p = credentials.indexOf(":"); if (p != -1) { - String login = credentials.substring(0, p).trim(); - String password = credentials.substring(p + 1) + final String login = credentials.substring(0, p) .trim(); - - return new NodeAuthenticationToken(login, - password.toCharArray()); + final char[] password = credentials + .substring(p + 1).trim().toCharArray(); + + return new CallbackHandler() { + public void handle(Callback[] callbacks) { + for (Callback cb : callbacks) { + if (cb instanceof NameCallback) + ((NameCallback) cb).setName(login); + else if (cb instanceof PasswordCallback) + ((PasswordCallback) cb) + .setPassword(password); + } + } + }; } else { throw new CmsException( "Invalid authentication token"); @@ -275,8 +288,10 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants { private class AnonymousFilter extends HttpFilter { @Override public void doFilter(HttpSession httpSession, - HttpServletRequest request, HttpServletResponse response, - FilterChain filterChain) throws IOException, ServletException { + final HttpServletRequest request, + final HttpServletResponse response, + final FilterChain filterChain) throws IOException, + ServletException { // Authenticate from session // if (isSessionAuthenticated(httpSession)) { @@ -284,8 +299,22 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants { // return; // } - KernelUtils.anonymousLogin(authenticationManager); - filterChain.doFilter(request, response); + Subject subject = KernelUtils.anonymousLogin(); + try { + Subject.doAs(subject, new PrivilegedExceptionAction() { + public Void run() throws IOException, ServletException { + filterChain.doFilter(request, response); + return null; + } + }); + } catch (PrivilegedActionException e) { + if (e.getCause() instanceof ServletException) + throw (ServletException) e.getCause(); + else if (e.getCause() instanceof IOException) + throw (IOException) e.getCause(); + else + throw new CmsException("Unexpected exception", e.getCause()); + } } } @@ -294,25 +323,47 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants { @Override public void doFilter(HttpSession httpSession, - HttpServletRequest request, HttpServletResponse response, - FilterChain filterChain) throws IOException, ServletException { - - // Authenticate from session - // if (isSessionAuthenticated(httpSession)) { - // filterChain.doFilter(request, response); - // return; - // } + final HttpServletRequest request, + final HttpServletResponse response, + final FilterChain filterChain) throws IOException, + ServletException { // Process basic auth String basicAuth = request.getHeader(HEADER_AUTHORIZATION); if (basicAuth != null) { - UsernamePasswordAuthenticationToken token = basicAuth(basicAuth); - Authentication auth = authenticationManager.authenticate(token); - SecurityContextHolder.getContext().setAuthentication(auth); - // httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, - // SecurityContextHolder.getContext()); - // httpSession.setAttribute(ATTR_AUTH, Boolean.FALSE); - filterChain.doFilter(request, response); + CallbackHandler token = basicAuth(basicAuth); + // FIXME Login + // Authentication auth = + // authenticationManager.authenticate(token); + // SecurityContextHolder.getContext().setAuthentication(auth); + // filterChain.doFilter(request, response); + Subject subject; + try { + LoginContext lc = new LoginContext( + KernelHeader.LOGIN_CONTEXT_USER, token); + lc.login(); + subject = lc.getSubject(); + } catch (LoginException e) { + throw new CmsException("Could not login", e); + } + try { + Subject.doAs(subject, + new PrivilegedExceptionAction() { + public Void run() throws IOException, + ServletException { + filterChain.doFilter(request, response); + return null; + } + }); + } catch (PrivilegedActionException e) { + if (e.getCause() instanceof ServletException) + throw (ServletException) e.getCause(); + else if (e.getCause() instanceof IOException) + throw (IOException) e.getCause(); + else + throw new CmsException("Unexpected exception", + e.getCause()); + } return; } diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java index e396ca09e..9227eaeb9 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java @@ -26,7 +26,6 @@ import org.argeo.osgi.useradmin.AbstractUserDirectory; import org.argeo.osgi.useradmin.LdapProperties; import org.argeo.osgi.useradmin.LdapUserAdmin; import org.argeo.osgi.useradmin.LdifUserAdmin; -import org.argeo.osgi.useradmin.UserAdminAggregator; import org.argeo.osgi.useradmin.UserDirectoryException; import org.osgi.framework.InvalidSyntaxException; import org.osgi.service.useradmin.Authorization; @@ -34,7 +33,7 @@ import org.osgi.service.useradmin.Role; import org.osgi.service.useradmin.User; import org.osgi.service.useradmin.UserAdmin; -public class NodeUserAdmin implements UserAdmin, UserAdminAggregator { +public class NodeUserAdmin implements UserAdmin { private final static Log log = LogFactory.getLog(NodeUserAdmin.class); final static LdapName ROLES_BASE; static { @@ -49,8 +48,6 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator { private UserAdmin nodeRoles = null; private Map userAdmins = new HashMap(); - private TransactionManager transactionManager; - public NodeUserAdmin() { File osgiInstanceDir = KernelUtils.getOsgiInstanceDir(); File nodeBaseDir = new File(osgiInstanceDir, "node"); @@ -207,6 +204,9 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator { @Override public Authorization getAuthorization(User user) { + if (user == null) { + return nodeRoles.getAuthorization(null); + } UserAdmin userAdmin = findUserAdmin(user.getName()); Authorization rawAuthorization = userAdmin.getAuthorization(user); // gather system roles @@ -224,7 +224,6 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator { // // USER ADMIN AGGREGATOR // - @Override public synchronized void addUserAdmin(String baseDn, UserAdmin userAdmin) { if (baseDn.equals(KernelHeader.ROLES_BASEDN)) { nodeRoles = userAdmin; @@ -242,7 +241,6 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator { } } - @Override public synchronized void removeUserAdmin(String baseDn) { if (baseDn.equals(KernelHeader.ROLES_BASEDN)) throw new UserDirectoryException("Node roles cannot be removed."); @@ -285,7 +283,6 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator { } public void setTransactionManager(TransactionManager transactionManager) { - this.transactionManager = transactionManager; if (nodeRoles instanceof AbstractUserDirectory) ((AbstractUserDirectory) nodeRoles) .setTransactionManager(transactionManager); diff --git a/org.argeo.security.core/src/org/argeo/osgi/auth/BundleContextCallbackHander.java b/org.argeo.security.core/src/org/argeo/osgi/auth/BundleContextCallbackHandler.java similarity index 83% rename from org.argeo.security.core/src/org/argeo/osgi/auth/BundleContextCallbackHander.java rename to org.argeo.security.core/src/org/argeo/osgi/auth/BundleContextCallbackHandler.java index 60510b5bb..37733e0eb 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/auth/BundleContextCallbackHander.java +++ b/org.argeo.security.core/src/org/argeo/osgi/auth/BundleContextCallbackHandler.java @@ -8,10 +8,10 @@ import javax.security.auth.callback.UnsupportedCallbackException; import org.osgi.framework.BundleContext; -public class BundleContextCallbackHander implements CallbackHandler { +public class BundleContextCallbackHandler implements CallbackHandler { private final BundleContext bundleContext; - public BundleContextCallbackHander(BundleContext bundleContext) { + public BundleContextCallbackHandler(BundleContext bundleContext) { this.bundleContext = bundleContext; } diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java index 95e1fc0b6..f68940002 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java @@ -26,7 +26,6 @@ import javax.naming.ldap.Rdn; import javax.transaction.SystemException; import javax.transaction.Transaction; import javax.transaction.TransactionManager; -import javax.transaction.TransactionSynchronizationRegistry; import javax.transaction.xa.XAException; import javax.transaction.xa.XAResource; import javax.transaction.xa.Xid; @@ -209,6 +208,7 @@ public abstract class AbstractUserDirectory implements UserAdmin { return user; } + @SuppressWarnings("unchecked") @Override public Role[] getRoles(String filter) throws InvalidSyntaxException { WorkingCopy wc = getWorkingCopy(); @@ -411,6 +411,10 @@ public abstract class AbstractUserDirectory implements UserAdmin { return groupObjectClass; } + protected Dictionary getProperties() { + return properties; + } + public void setExternalRoles(UserAdmin externalRoles) { this.externalRoles = externalRoles; } diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifAuthorization.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifAuthorization.java index 3a2aeca2e..147001b0a 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifAuthorization.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifAuthorization.java @@ -14,6 +14,7 @@ public class LdifAuthorization implements Authorization { private final String displayName; private final List allRoles; + @SuppressWarnings("unchecked") public LdifAuthorization(User user, List allRoles) { if (user == null) { this.name = null; diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java index 9bf558b31..750d6a82a 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java @@ -89,6 +89,7 @@ public class LdifUserAdmin extends AbstractUserDirectory { } } + @SuppressWarnings("unchecked") protected void load(InputStream in) { try { users.clear(); @@ -112,16 +113,12 @@ public class LdifUserAdmin extends AbstractUserDirectory { } } - // optimise - // for (LdifGroup group : groups.values()) - // loadMembers(group); - // indexes for (String attr : getIndexedUserProperties()) userIndexes.put(attr, new TreeMap()); for (DirectoryUser user : users.values()) { - Dictionary properties = user.getProperties(); + Dictionary properties = user.getProperties(); for (String attr : getIndexedUserProperties()) { Object value = properties.get(attr); if (value != null) { @@ -160,25 +157,7 @@ public class LdifUserAdmin extends AbstractUserDirectory { return users.containsKey(dn) || groups.containsKey(dn); } - // @Override - // public boolean removeRole(String name) { - // LdapName dn = toDn(name); - // LdifUser role = null; - // if (users.containsKey(dn)) - // role = users.remove(dn); - // else if (groups.containsKey(dn)) - // role = groups.remove(dn); - // else - // throw new UserDirectoryException("There is no role " + name); - // if (role == null) - // return false; - // for (LdifGroup group : getDirectGroups(role)) { - // group.getAttributes().get(getMemberAttributeId()) - // .remove(dn.toString()); - // } - // return true; - // } - + @SuppressWarnings("unchecked") protected List doGetRoles(Filter f) { ArrayList res = new ArrayList(); if (f == null) { diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminAggregator.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminAggregator.java deleted file mode 100644 index 9113117aa..000000000 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminAggregator.java +++ /dev/null @@ -1,9 +0,0 @@ -package org.argeo.osgi.useradmin; - -import org.osgi.service.useradmin.UserAdmin; - -public interface UserAdminAggregator { - public void addUserAdmin(String baseDn, UserAdmin userAdmin); - - public void removeUserAdmin(String baseDn); -} diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminWorkingCopy.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminWorkingCopy.java deleted file mode 100644 index 7103d7ac6..000000000 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserAdminWorkingCopy.java +++ /dev/null @@ -1,14 +0,0 @@ -package org.argeo.osgi.useradmin; - -import org.osgi.service.useradmin.Role; -import org.osgi.service.useradmin.UserAdmin; - -public interface UserAdminWorkingCopy extends UserAdmin { - public void commit(); - - public void rollback(); - - public Boolean isEditable(Role role); - - public T getPublished(T role); -} diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserDirectoryTransaction.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserDirectoryTransaction.java deleted file mode 100644 index 24e3cbeab..000000000 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/UserDirectoryTransaction.java +++ /dev/null @@ -1,26 +0,0 @@ -package org.argeo.osgi.useradmin; - -import javax.transaction.UserTransaction; - -import org.osgi.service.useradmin.UserAdmin; - -class UserDirectoryTransaction { - static ThreadLocal current = new ThreadLocal(); - - private UserAdmin userAdmin; - - private UserTransaction userTransaction; - - public UserDirectoryTransaction(UserAdmin userAdmin) { - this.userAdmin = userAdmin; - if (current.get() != null) - throw new UserDirectoryException("Transaction " + current.get() - + " already active."); - current.set(this); - } - - public void setUserTransaction(UserTransaction userTransaction) { - this.userTransaction = userTransaction; - } - -} diff --git a/org.argeo.security.ui/src/org/argeo/security/ui/commands/OpenChangePasswordDialog.java b/org.argeo.security.ui/src/org/argeo/security/ui/commands/OpenChangePasswordDialog.java index b930b6633..560cc8bc9 100644 --- a/org.argeo.security.ui/src/org/argeo/security/ui/commands/OpenChangePasswordDialog.java +++ b/org.argeo.security.ui/src/org/argeo/security/ui/commands/OpenChangePasswordDialog.java @@ -63,6 +63,7 @@ public class OpenChangePasswordDialog extends AbstractHandler { return null; } + @SuppressWarnings("unchecked") protected void changePassword(char[] oldPassword, char[] newPassword) { Subject subject = Subject.getSubject(AccessController.getContext()); String name = subject.getPrincipals(X500Principal.class).iterator() diff --git a/org.argeo.security.ui/src/org/argeo/security/ui/views/UserProfile.java b/org.argeo.security.ui/src/org/argeo/security/ui/views/UserProfile.java index dd7f6cdd2..83438e8aa 100644 --- a/org.argeo.security.ui/src/org/argeo/security/ui/views/UserProfile.java +++ b/org.argeo.security.ui/src/org/argeo/security/ui/views/UserProfile.java @@ -30,7 +30,6 @@ import org.eclipse.swt.layout.GridLayout; import org.eclipse.swt.widgets.Composite; import org.eclipse.swt.widgets.Table; import org.eclipse.ui.part.ViewPart; -import org.springframework.security.core.Authentication; /** Information about the currently logged in user */ public class UserProfile extends ViewPart { -- 2.30.2