import org.argeo.cms.CmsException;
import org.argeo.cms.auth.CurrentUser;
import org.argeo.cms.auth.HttpRequestCallbackHandler;
-import org.argeo.cms.auth.CmsAuthenticated;
import org.argeo.eclipse.ui.specific.UiContext;
import org.argeo.jcr.JcrUtils;
import org.argeo.node.NodeConstants;
@Override
protected final void createContents(final Composite parent) {
- UiContext.setData(CmsAuthenticated.KEY, this);
+ UiContext.setData(CmsView.KEY, this);
Subject.doAs(getSubject(), new PrivilegedAction<Void>() {
@Override
public Void run() {
// public LoginContext getLoginContext() {
// return loginContext;
// }
- public Subject getSubject() {
+ protected Subject getSubject() {
return loginContext.getSubject();
}
+ @Override
+ public boolean isAnonymous() {
+ return CurrentUser.isAnonymous(getSubject());
+ }
+
@Override
public synchronized void logout() {
if (loginContext == null)
@Override
public void navigated(BrowserNavigationEvent event) {
setState(event.getState());
- refresh();
+ doRefresh();
}
}
}
\ No newline at end of file
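Review bot: The new `isAnonymous()` reaches `loginContext` through `getSubject()` with no null check, while `logout()` directly below starts with `if (loginContext == null)`, which suggests the field can be unset. A caller asking a logged-out view whether it is anonymous would then get a NullPointerException instead of an answer. Treating a missing login context as anonymous fails towards least privilege: `return loginContext == null || CurrentUser.isAnonymous(getSubject());`. The `isAnonymous()` added to the second entry point later in this commit has the same shape. Both class bodies extend beyond the visible hunks.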
import javax.security.auth.login.LoginContext;
-import org.argeo.cms.auth.CmsAuthenticated;
+/** Provides interaction with the CMS system. */
+public interface CmsView {
+ String KEY = "org.argeo.cms.ui.view";
-/** Provides interaction with the CMS system. UNSTABLE API at this stage. */
-public interface CmsView extends CmsAuthenticated {
UxContext getUxContext();
// NAVIGATION
void authChange(LoginContext loginContext);
void logout();
-
-// void registerCallbackHandler(CallbackHandler callbackHandler);
+
+ // void registerCallbackHandler(CallbackHandler callbackHandler);
// SERVICES
void exception(Throwable e);
CmsImageManager getImageManager();
+
+ boolean isAnonymous();
}
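Review bot: The new `isAnonymous()` and `KEY` members have no Javadoc, and the interface comment no longer says what replaced the removed `getSubject()` access. A short comment would record the intent, for example `/** Whether the subject bound to this view is the anonymous user; UI code should use this instead of reading the Subject. */` on `isAnonymous()` and `/** UiContext data key under which the current view is stored. */` on `KEY`. Both implementations in this commit delegate to `CurrentUser.isAnonymous(getSubject())`, so the wording follows from the visible code.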
import org.apache.commons.io.IOUtils;
import org.argeo.cms.CmsException;
-import org.argeo.cms.auth.CmsAuthenticated;
import org.argeo.cms.ui.CmsConstants;
import org.argeo.cms.ui.CmsView;
import org.argeo.eclipse.ui.specific.UiContext;
* this call.
*/
public static CmsView getCmsView() {
- return UiContext.getData(CmsAuthenticated.KEY);
+ return UiContext.getData(CmsView.KEY);
}
public static StringBuilder getServerBaseUrl(HttpServletRequest request) {
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
import org.argeo.cms.auth.CurrentUser;
-import org.argeo.cms.auth.CmsAuthenticated;
import org.argeo.cms.ui.CmsImageManager;
import org.argeo.cms.ui.CmsView;
import org.argeo.cms.ui.UxContext;
@Override
public int createUI() {
final Display display = createDisplay();
- UiContext.setData(CmsAuthenticated.KEY, this);
+ UiContext.setData(CmsView.KEY, this);
CmsLoginShell loginShell = createCmsLoginShell();
try {
// try pre-auth
}
}
- if (CurrentUser.getUsername() == null)
+ if (CurrentUser.getUsername(getSubject()) == null)
return -1;
uxContext = new SimpleUxContext();
return postLogin();
// return loginContext;
// }
- public Subject getSubject() {
+ protected Subject getSubject() {
return loginContext.getSubject();
}
+ @Override
+ public boolean isAnonymous() {
+ return CurrentUser.isAnonymous(getSubject());
+ }
+
@Override
public CmsImageManager getImageManager() {
// TODO Auto-generated method stub
+++ /dev/null
-package org.argeo.cms.util;
-
-import org.eclipse.swt.events.MouseAdapter;
-import org.eclipse.swt.events.MouseEvent;
-import org.eclipse.swt.widgets.Control;
-
-/** Open the user menu when clicked */
-@Deprecated
-public class OpenUserMenu extends MouseAdapter {
- private static final long serialVersionUID = 3634864186295639792L;
-
- @Override
- public void mouseDown(MouseEvent e) {
- if (e.button == 1) {
- new UserMenu((Control) e.getSource());
- }
- }
-}
\ No newline at end of file
import org.argeo.cms.ui.CmsUiProvider;
import org.argeo.cms.ui.LifeCycleUiProvider;
import org.argeo.jcr.JcrUtils;
+import org.argeo.node.NodeConstants;
import org.eclipse.rap.rwt.RWT;
import org.eclipse.rap.rwt.application.Application;
import org.eclipse.rap.rwt.application.Application.OperationMode;
private Repository repository;
private String workspace = null;
private String jcrBasePath = "/";
- private List<String> roPrincipals = Arrays.asList("anonymous", "everyone");
- private List<String> rwPrincipals = Arrays.asList("everyone");
+ private List<String> roPrincipals = Arrays.asList(NodeConstants.ROLE_ANONYMOUS, NodeConstants.ROLE_USER);
+ private List<String> rwPrincipals = Arrays.asList(NodeConstants.ROLE_USER);
private CmsUiProvider header;
private Map<String, CmsUiProvider> pages = new LinkedHashMap<String, CmsUiProvider>();
try {
session = JcrUtils.loginOrCreateWorkspace(repository, workspace);
VersionManager vm = session.getWorkspace().getVersionManager();
- if (!vm.isCheckedOut("/"))
- vm.checkout("/");
JcrUtils.mkdirs(session, jcrBasePath);
+ session.save();
+ if (!vm.isCheckedOut(jcrBasePath))
+ vm.checkout(jcrBasePath);
for (String principal : rwPrincipals)
JcrUtils.addPrivilege(session, jcrBasePath, principal, Privilege.JCR_WRITE);
for (String principal : roPrincipals)
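Review bot: With the default `jcrBasePath = "/"`, the loop after the changed lines grants `Privilege.JCR_WRITE` on the repository root to every principal in `rwPrincipals`, which this change sets to `NodeConstants.ROLE_USER`. The value of that constant is not visible here, but if it denotes every authenticated user, the out-of-the-box ACL is broader than least privilege would suggest. A comment on the two fields would make the default explicit, for example `// default ACL: ROLE_USER gets jcr:write and ROLE_ANONYMOUS gets read on jcrBasePath; narrow both for restricted apps`. The enclosing method starts and ends outside the hunk.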
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsMsg;
-import org.argeo.cms.auth.CurrentUser;
import org.argeo.cms.auth.HttpRequestCallback;
import org.argeo.cms.i18n.LocaleUtils;
import org.argeo.cms.ui.CmsStyles;
}
protected boolean isAnonymous() {
- return CurrentUser.isAnonymous(cmsView.getSubject());
+ return cmsView.isAnonymous();
}
public final void createUi(Composite parent) {
protected boolean login() {
// Subject subject = cmsView.getLoginContext().getSubject();
-// LoginContext loginContext = cmsView.getLoginContext();
+ // LoginContext loginContext = cmsView.getLoginContext();
try {
//
// LOGIN
//
-// loginContext.logout();
+ // loginContext.logout();
LoginContext loginContext = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, this);
loginContext.login();
cmsView.authChange(loginContext);
package org.argeo.cms.auth;
+import java.util.Locale;
import java.util.Map;
import javax.security.auth.Subject;
public boolean commit() throws LoginException {
UserAdmin userAdmin = bc.getService(bc.getServiceReference(UserAdmin.class));
Authorization authorization = userAdmin.getAuthorization(null);
- CmsAuthUtils.addAuthorization(subject, authorization,
- (HttpServletRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST));
+ HttpServletRequest request = (HttpServletRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
+ Locale locale = Locale.getDefault();
+ if (request != null)
+ locale = request.getLocale();
+ CmsAuthUtils.addAuthorization(subject, authorization, locale, request);
if (log.isDebugEnabled())
log.debug("Anonymous logged in to CMS: " + subject);
return true;
package org.argeo.cms.auth;
import java.security.Principal;
+import java.util.Locale;
import java.util.Set;
import java.util.UUID;
final static String HEADER_AUTHORIZATION = "Authorization";
final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
- static void addAuthorization(Subject subject, Authorization authorization, HttpServletRequest request) {
+ static void addAuthorization(Subject subject, Authorization authorization, Locale locale,
+ HttpServletRequest request) {
assert subject != null;
checkSubjectEmpty(subject);
assert authorization != null;
throw new CmsException("Cannot commit", e);
}
- registerSessionAuthorization(request, subject, authorization);
+ registerSessionAuthorization(request, subject, authorization, locale);
}
private static void checkSubjectEmpty(Subject subject) {
}
private static void registerSessionAuthorization(HttpServletRequest request, Subject subject,
- Authorization authorization) {
+ Authorization authorization, Locale locale) {
if (request != null) {
HttpSession httpSession = request.getSession(false);
String httpSessId = httpSession.getId();
request.setAttribute(HttpContext.REMOTE_USER, remoteUser);
request.setAttribute(HttpContext.AUTHORIZATION, authorization);
- CmsSessionImpl cmsSession = (CmsSessionImpl) CmsSessionImpl.getByLocalId(httpSessId);
+ CmsSessionImpl cmsSession = CmsSessionImpl.getByLocalId(httpSessId);
if (cmsSession != null) {
if (authorization.getName() != null) {
if (cmsSession.getAuthorization().getName() == null) {
}
if (cmsSession == null)
- cmsSession = new WebCmsSessionImpl(subject, authorization, request);
+ cmsSession = new WebCmsSessionImpl(subject, authorization, locale, request);
// request.setAttribute(CmsSession.class.getName(), cmsSession);
CmsSessionId nodeSessionId = new CmsSessionId(cmsSession.getUuid());
if (subject.getPrivateCredentials(CmsSessionId.class).size() == 0)
+++ /dev/null
-package org.argeo.cms.auth;
-
-import javax.security.auth.Subject;
-
-public interface CmsAuthenticated {
- String KEY = "org.argeo.cms.authenticated";
-
- Subject getSubject();
-// LoginContext getLoginContext();
-
-}
package org.argeo.cms.auth;
import java.time.ZonedDateTime;
+import java.util.Locale;
import java.util.UUID;
import javax.naming.ldap.LdapName;
ZonedDateTime getCreationTime();
ZonedDateTime getEnd();
+
+ Locale getLocale();
boolean isValid();
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
import org.argeo.cms.internal.auth.CmsSessionImpl;
-import org.argeo.eclipse.ui.specific.UiContext;
import org.argeo.node.NodeConstants;
import org.osgi.service.useradmin.Authorization;
*/
public final class CurrentUser {
private final static Log log = LogFactory.getLog(CurrentUser.class);
-// private final static BundleContext bc = FrameworkUtil.getBundle(CurrentUser.class).getBundleContext();
+ // private final static BundleContext bc =
+ // FrameworkUtil.getBundle(CurrentUser.class).getBundleContext();
/*
* CURRENT USER API
*/
String username = getUsername(subject);
return username == null || username.equalsIgnoreCase(NodeConstants.ROLE_ANONYMOUS);
}
+
+ public CmsSession getCmsSession() {
+ Subject subject = currentSubject();
+ CmsSessionId cmsSessionId = subject.getPrivateCredentials(CmsSessionId.class).iterator().next();
+ return CmsSessionImpl.getByUuid(cmsSessionId.getUuid());
+ }
+
/*
* HELPERS
*/
-
private static Subject currentSubject() {
- CmsAuthenticated cmsView = getNodeAuthenticated();
- if (cmsView != null)
- return cmsView.getSubject();
- Subject subject = Subject.getSubject(AccessController.getContext());
+ // CmsAuthenticated cmsView = getNodeAuthenticated();
+ // if (cmsView != null)
+ // return cmsView.getSubject();
+ Subject subject = getAccessControllerSubject();
if (subject != null)
return subject;
throw new CmsException("Cannot find related subject");
}
+ private static Subject getAccessControllerSubject() {
+ return Subject.getSubject(AccessController.getContext());
+ }
+
+ // public static boolean isAuthenticated() {
+ // return getAccessControllerSubject() != null;
+ // }
+
/**
* The node authenticated component (typically a CMS view) related to this
* display, or null if none is available from this call. <b>Not API: Only
* for low-level access.</b>
*/
- private static CmsAuthenticated getNodeAuthenticated() {
- return UiContext.getData(CmsAuthenticated.KEY);
- }
+ // private static CmsAuthenticated getNodeAuthenticated() {
+ // return UiContext.getData(CmsAuthenticated.KEY);
+ // }
private static Authorization getAuthorization(Subject subject) {
return subject.getPrivateCredentials(Authorization.class).iterator().next();
nodeSessionId = subject.getPrivateCredentials(CmsSessionId.class).iterator().next().getUuid();
else
return false;
- CmsSessionImpl cmsSession = (CmsSessionImpl) CmsSessionImpl.getByUuid(nodeSessionId.toString());
+ CmsSessionImpl cmsSession = CmsSessionImpl.getByUuid(nodeSessionId.toString());
cmsSession.close();
- // Collection<ServiceReference<CmsSession>> srs;
- // try {
- // srs = bc.getServiceReferences(CmsSession.class, "(" +
- // CmsSession.SESSION_UUID + "=" + nodeSessionId + ")");
- // } catch (InvalidSyntaxException e) {
- // throw new CmsException("Cannot retrieve CMS session #" +
- // nodeSessionId, e);
- // }
- //
- // if (srs.size() == 0) {
- // // if (log.isTraceEnabled())
- // // log.warn("No CMS web session found for http session " +
- // // nodeSessionId);
- // return false;
- // } else if (srs.size() > 1)
- // throw new CmsException(srs.size() + " CMS web sessions found for http
- // session " + nodeSessionId);
- //
- // WebCmsSessionImpl cmsSession = (WebCmsSessionImpl)
- // bc.getService(srs.iterator().next());
-// cmsSession.cleanUp();
- // subject.getPrivateCredentials().removeAll(subject.getPrivateCredentials(CmsSessionId.class));
if (log.isDebugEnabled())
log.debug("Logged out CMS session " + cmsSession.getUuid());
return true;
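Review bot: The added `getCmsSession()` calls `iterator().next()` on the subject's `CmsSessionId` credentials without checking that one exists, so a subject that was never registered with a session makes it throw NoSuchElementException; the logout code further down appears to guard the same lookup with its `else return false`. A guard such as `if (subject.getPrivateCredentials(CmsSessionId.class).isEmpty()) return null;` would match that. The method is also declared without `static` although the visible helpers in this `final` class are static, which looks unintended. In the logout hunk, `CmsSessionImpl.getByUuid(...)` returns null when no service matches and `cmsSession.close()` follows with no null check, so a repeated logout would fail there; `if (cmsSession == null) return false;` before the close would restore what the removed commented-out code did for the empty case.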
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.LanguageCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
if (callback instanceof HttpRequestCallback) {
((HttpRequestCallback) callback).setRequest(request);
((HttpRequestCallback) callback).setResponse(response);
+ } else if (callback instanceof LanguageCallback) {
+ ((LanguageCallback) callback).setLocale(request.getLocale());
}
}
}
if (authorization != null) {
- CmsAuthUtils.addAuthorization(subject, authorization, request);
+ CmsAuthUtils.addAuthorization(subject, authorization, request.getLocale(), request);
cleanUp();
return true;
} else {
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
-import org.argeo.eclipse.ui.specific.UiContext;
import org.argeo.naming.LdapAttrs;
import org.argeo.osgi.useradmin.IpaUtils;
import org.osgi.framework.BundleContext;
// private state
private BundleContext bc;
private User authenticatedUser = null;
+ private Locale locale;
@SuppressWarnings("unchecked")
@Override
}
// i18n
- Locale locale = langCallback.getLocale();
+ locale = langCallback.getLocale();
if (locale == null)
locale = Locale.getDefault();
- UiContext.setLocale(locale);
+ // FIXME add it to Subject
+ // UiContext.setLocale(locale);
username = nameCallback.getName();
if (username == null || username.trim().equals("")) {
"User admin found no authorization for authenticated user " + authenticatingUser.getName());
}
// Log and monitor new login
- CmsAuthUtils.addAuthorization(subject, authorization,
+ CmsAuthUtils.addAuthorization(subject, authorization, locale,
(HttpServletRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST));
if (log.isDebugEnabled())
log.debug("Logged in to CMS: " + subject);
import java.util.Locale;
import java.util.ResourceBundle;
-import org.argeo.eclipse.ui.specific.UiContext;
-
/** Utilities simplifying the development of localization enums. */
public class LocaleUtils {
public static Object local(Enum<?> en) {
return local(en, locale, resource, en.getClass().getClassLoader());
}
- public static Object local(Enum<?> en, Locale locale, String resource,
- ClassLoader classLoader) {
- ResourceBundle rb = ResourceBundle.getBundle(resource, locale,
- classLoader);
+ public static Object local(Enum<?> en, Locale locale, String resource, ClassLoader classLoader) {
+ ResourceBundle rb = ResourceBundle.getBundle(resource, locale, classLoader);
return rb.getString(en.name());
}
}
static Locale getCurrentLocale() {
- return UiContext.getLocale();
+ // return UiContext.getLocale();
+ // FIXME look into Subject or settings
+ return Locale.getDefault();
}
/** Returns null if argument is null. */
import java.util.HashSet;
import java.util.Hashtable;
import java.util.LinkedHashSet;
+import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
private final ZonedDateTime creationTime;
private ZonedDateTime end;
+ private final Locale locale;
private ServiceRegistration<CmsSession> serviceRegistration;
private Set<String> dataSessionsInUse = new HashSet<>();
private LinkedHashSet<Session> additionalDataSessions = new LinkedHashSet<>();
- public CmsSessionImpl(Subject initialSubject, Authorization authorization, String localSessionId) {
+ public CmsSessionImpl(Subject initialSubject, Authorization authorization, Locale locale, String localSessionId) {
this.creationTime = ZonedDateTime.now();
+ this.locale = locale;
this.initialContext = Subject.doAs(initialSubject, new PrivilegedAction<AccessControlContext>() {
@Override
serviceRegistration = bc.registerService(CmsSession.class, this, props);
}
- public synchronized void close() {
+ public void close() {
end = ZonedDateTime.now();
serviceRegistration.unregister();
- // TODO check data session in use ?
- for (String path : dataSessions.keySet())
- JcrUtils.logoutQuietly(dataSessions.get(path));
- for (Session session : additionalDataSessions)
- JcrUtils.logoutQuietly(session);
+ synchronized (this) {
+ // TODO check data session in use ?
+ for (String path : dataSessions.keySet())
+ JcrUtils.logoutQuietly(dataSessions.get(path));
+ for (Session session : additionalDataSessions)
+ JcrUtils.logoutQuietly(session);
+ }
try {
LoginContext lc;
} catch (LoginException e) {
log.warn("Could not logout " + getSubject() + ": " + e);
}
- notifyAll();
+ log.debug("Closed " + this);
}
private Subject getSubject() {
return uuid;
}
- public String getLocalSessionId() {
- return localSessionId;
- }
-
- public ServiceRegistration<CmsSession> getServiceRegistration() {
- return serviceRegistration;
- }
-
@Override
public LdapName getUserDn() {
return userDn;
return localSessionId;
}
+ @Override
public boolean isAnonymous() {
return anonymous;
}
+ @Override
+ public Locale getLocale() {
+ return locale;
+ }
+
@Override
public ZonedDateTime getCreationTime() {
return creationTime;
return "CMS Session " + userDn + " local=" + localSessionId + ", uuid=" + uuid;
}
- public static CmsSession getByLocalId(String localId) {
+ public static CmsSessionImpl getByLocalId(String localId) {
Collection<ServiceReference<CmsSession>> sr;
try {
sr = bc.getServiceReferences(CmsSession.class, "(" + CmsSession.SESSION_LOCAL_ID + "=" + localId + ")");
ServiceReference<CmsSession> cmsSessionRef;
if (sr.size() == 1) {
cmsSessionRef = sr.iterator().next();
- return bc.getService(cmsSessionRef);
+ return (CmsSessionImpl) bc.getService(cmsSessionRef);
} else if (sr.size() == 0) {
return null;
} else
}
- public static CmsSession getByUuid(String uuid) {
+ public static CmsSessionImpl getByUuid(Object uuid) {
Collection<ServiceReference<CmsSession>> sr;
try {
sr = bc.getServiceReferences(CmsSession.class, "(" + CmsSession.SESSION_UUID + "=" + uuid + ")");
ServiceReference<CmsSession> cmsSessionRef;
if (sr.size() == 1) {
cmsSessionRef = sr.iterator().next();
- return bc.getService(cmsSessionRef);
+ return (CmsSessionImpl) bc.getService(cmsSessionRef);
} else if (sr.size() == 0) {
return null;
} else
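Review bot: `close()` now sets `end` and calls `serviceRegistration.unregister()` outside any lock, so two callers closing the same session at once (a logout and a session expiry, say) can both reach `unregister()`. OSGi's `ServiceRegistration.unregister()` throws IllegalStateException on the second call, and that caller would never reach the LoginContext logout below it. Making `close()` idempotent with a first-caller check keeps `unregister()` outside the monitor while ensuring it runs once; this assumes `end` stays null until the session is closed, which the visible constructor lines do not contradict. The try block that performs the LoginContext logout is only partly visible in the hunk.

```java
public void close() {
    synchronized (this) {
        if (end != null)
            return; // already closed by another caller
        end = ZonedDateTime.now();
        // … unchanged: logoutQuietly loops over dataSessions and additionalDataSessions …
    }
    serviceRegistration.unregister();
    // … unchanged: LoginContext logout and closing debug log …
```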
public Session getSession(HttpServletRequest request, Repository rep, String workspace)
throws javax.jcr.LoginException, ServletException, RepositoryException {
- CmsSessionImpl cmsSession = (CmsSessionImpl) WebCmsSessionImpl.getCmsSession(request);
+ CmsSessionImpl cmsSession = WebCmsSessionImpl.getCmsSession(request);
// if (cmsSession == null)
// return anonymousSession(request, rep, workspace);
if (log.isTraceEnabled()) {
package org.argeo.cms.internal.http;
+import java.util.Locale;
+
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import org.argeo.cms.auth.CmsSession;
import org.argeo.cms.internal.auth.CmsSessionImpl;
import org.osgi.service.useradmin.Authorization;
private HttpSession httpSession;
- public WebCmsSessionImpl(Subject initialSubject, Authorization authorization, HttpServletRequest request) {
- super(initialSubject, authorization, request.getSession(false).getId());
+ public WebCmsSessionImpl(Subject initialSubject, Authorization authorization, Locale locale, HttpServletRequest request) {
+ super(initialSubject, authorization, locale,request.getSession(false).getId());
httpSession = request.getSession(false);
}
}
}
- public static CmsSession getCmsSession(HttpServletRequest request) {
+ public static CmsSessionImpl getCmsSession(HttpServletRequest request) {
return CmsSessionImpl.getByLocalId(request.getSession(false).getId());
}
}
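Review bot: The rewritten constructor still passes `request.getSession(false).getId()` to `super(...)`, and `getSession(false)` returns null when the request carries no session, so a request that gets here without an established HTTP session fails with a NullPointerException rather than a clear error. Because the call sits inside the `super(...)` argument list, the check has to live in a small static helper. `getCmsSession` at the end of the file and `registerSessionAuthorization` in CmsAuthUtils dereference `getSession(false)` the same way; for `getCmsSession`, returning null when there is no session would match what `getByLocalId` already does for an unknown id. The changed `super` line also lacks a space after `locale,`.

```java
private static String sessionId(HttpServletRequest request) {
    HttpSession session = request.getSession(false);
    if (session == null)
        throw new IllegalStateException("No HTTP session bound to the request");
    return session.getId();
}

public WebCmsSessionImpl(Subject initialSubject, Authorization authorization, Locale locale, HttpServletRequest request) {
    super(initialSubject, authorization, locale, sessionId(request));
    // … unchanged: httpSession assignment …
```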