org.argeo.cms/src/org/argeo/security/core/AbstractSystemExecution.java

   1 /*
   2  * Copyright (C) 2007-2012 Argeo GmbH
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.security.core;
  17
  18 import javax.security.auth.Subject;
  19 import javax.security.auth.login.LoginContext;
  20 import javax.security.auth.login.LoginException;
  21
  22 import org.apache.commons.logging.Log;
  23 import org.apache.commons.logging.LogFactory;
  24 import org.argeo.cms.CmsException;
  25
  26 /** Provides base method for executing code with system authorization. */
  27 public abstract class AbstractSystemExecution {
  28         private final static Log log = LogFactory.getLog(AbstractSystemExecution.class);
  29         private final Subject subject = new Subject();
  30
  31         private final String loginModule = "SYSTEM";
  32
  33         /**
  34          * Authenticate the calling thread to the underlying
  35          * {@link AuthenticationManager}
  36          */
  37         protected void authenticateAsSystem() {
  38                 ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
  39                 Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
  40                 try {
  41                         LoginContext lc = new LoginContext(loginModule, subject);
  42                         lc.login();
  43                 } catch (LoginException e) {
  44                         throw new CmsException("Cannot login as system", e);
  45                 } finally {
  46                         Thread.currentThread().setContextClassLoader(origClassLoader);
  47                 }
  48                 if (log.isTraceEnabled())
  49                         log.trace("System authenticated");
  50         }
  51
  52         protected void deauthenticateAsSystem() {
  53                 ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
  54                 Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
  55                 try {
  56                         LoginContext lc = new LoginContext(loginModule, subject);
  57                         lc.logout();
  58                 } catch (LoginException e) {
  59                         throw new CmsException("Cannot logout as system", e);
  60                 } finally {
  61                         Thread.currentThread().setContextClassLoader(origClassLoader);
  62                 }
  63         }
  64
  65         protected Subject getSubject() {
  66                 return subject;
  67         }
  68 }