1 package org
.argeo
.cms
.web
;
3 import static org
.argeo
.util
.directory
.ldap
.SharedSecret
.X_SHARED_SECRET
;
5 import java
.io
.IOException
;
6 import java
.security
.PrivilegedAction
;
7 import java
.util
.HashMap
;
10 import javax
.jcr
.Node
;
11 import javax
.jcr
.PathNotFoundException
;
12 import javax
.jcr
.Property
;
13 import javax
.jcr
.Repository
;
14 import javax
.jcr
.RepositoryException
;
15 import javax
.jcr
.Session
;
16 import javax
.jcr
.nodetype
.NodeType
;
17 import javax
.security
.auth
.Subject
;
18 import javax
.security
.auth
.callback
.Callback
;
19 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
20 import javax
.security
.auth
.login
.LoginContext
;
21 import javax
.security
.auth
.login
.LoginException
;
22 import javax
.servlet
.http
.HttpServletRequest
;
24 import org
.argeo
.api
.cms
.CmsLog
;
25 import org
.argeo
.api
.cms
.ux
.CmsView
;
26 import org
.argeo
.api
.cms
.CmsAuth
;
27 import org
.argeo
.cms
.auth
.CurrentUser
;
28 import org
.argeo
.cms
.auth
.RemoteAuthCallback
;
29 import org
.argeo
.cms
.auth
.RemoteAuthCallbackHandler
;
30 import org
.argeo
.cms
.servlet
.ServletHttpRequest
;
31 import org
.argeo
.cms
.servlet
.ServletHttpResponse
;
32 import org
.argeo
.cms
.swt
.CmsException
;
33 import org
.argeo
.cms
.swt
.CmsStyles
;
34 import org
.argeo
.cms
.swt
.CmsSwtUtils
;
35 import org
.argeo
.eclipse
.ui
.specific
.UiContext
;
36 import org
.argeo
.jcr
.JcrUtils
;
37 import org
.argeo
.util
.directory
.ldap
.AuthPassword
;
38 import org
.argeo
.util
.directory
.ldap
.SharedSecret
;
39 import org
.eclipse
.rap
.rwt
.RWT
;
40 import org
.eclipse
.rap
.rwt
.application
.AbstractEntryPoint
;
41 import org
.eclipse
.rap
.rwt
.client
.WebClient
;
42 import org
.eclipse
.rap
.rwt
.client
.service
.BrowserNavigation
;
43 import org
.eclipse
.rap
.rwt
.client
.service
.BrowserNavigationEvent
;
44 import org
.eclipse
.rap
.rwt
.client
.service
.BrowserNavigationListener
;
45 import org
.eclipse
.rap
.rwt
.client
.service
.JavaScriptExecutor
;
46 import org
.eclipse
.swt
.widgets
.Composite
;
47 import org
.eclipse
.swt
.widgets
.Display
;
48 import org
.eclipse
.swt
.widgets
.Shell
;
50 /** Manages history and navigation */
52 public abstract class AbstractCmsEntryPoint
extends AbstractEntryPoint
implements CmsView
{
53 private static final long serialVersionUID
= 906558779562569784L;
55 private final CmsLog log
= CmsLog
.getLog(AbstractCmsEntryPoint
.class);
57 // private final Subject subject;
58 private LoginContext loginContext
;
60 private final Repository repository
;
61 private final String workspace
;
62 private final String defaultPath
;
63 private final Map
<String
, String
> factoryProperties
;
66 private Session session
;
68 private String nodePath
;// useful when changing auth
70 private Throwable exception
;
73 private final JavaScriptExecutor jsExecutor
;
74 private final BrowserNavigation browserNavigation
;
76 public AbstractCmsEntryPoint(Repository repository
, String workspace
, String defaultPath
,
77 Map
<String
, String
> factoryProperties
) {
78 this.repository
= repository
;
79 this.workspace
= workspace
;
80 this.defaultPath
= defaultPath
;
81 this.factoryProperties
= new HashMap
<String
, String
>(factoryProperties
);
82 // subject = new Subject();
87 lc
= new LoginContext(CmsAuth
.LOGIN_CONTEXT_USER
,
88 new RemoteAuthCallbackHandler(new ServletHttpRequest(UiContext
.getHttpRequest()),
89 new ServletHttpResponse(UiContext
.getHttpResponse())));
91 } catch (LoginException e
) {
93 lc
= new LoginContext(CmsAuth
.LOGIN_CONTEXT_ANONYMOUS
);
95 } catch (LoginException e1
) {
96 throw new CmsException("Cannot log in as anonymous", e1
);
101 jsExecutor
= RWT
.getClient().getService(JavaScriptExecutor
.class);
102 browserNavigation
= RWT
.getClient().getService(BrowserNavigation
.class);
103 if (browserNavigation
!= null)
104 browserNavigation
.addBrowserNavigationListener(new CmsNavigationListener());
108 protected Shell
createShell(Display display
) {
109 Shell shell
= super.createShell(display
);
110 shell
.setData(RWT
.CUSTOM_VARIANT
, CmsStyles
.CMS_SHELL
);
111 display
.disposeExec(new Runnable() {
115 if (log
.isTraceEnabled())
116 log
.trace("Logging out " + session
);
117 JcrUtils
.logoutQuietly(session
);
124 protected final void createContents(final Composite parent
) {
125 // UiContext.setData(CmsView.KEY, this);
126 CmsSwtUtils
.registerCmsView(parent
.getShell(), this);
127 Subject
.doAs(getSubject(), new PrivilegedAction
<Void
>() {
132 } catch (Exception e
) {
133 throw new CmsException("Cannot create entrypoint contents", e
);
141 protected abstract void initUi(Composite parent
);
143 /** Recreate UI after navigation or auth change */
144 protected abstract void refresh();
147 * The node to return when no node was found (for authenticated users and
150 // private Node getDefaultNode(Session session) throws RepositoryException {
151 // if (!session.hasPermission(defaultPath, "read")) {
152 // String userId = session.getUserID();
153 // if (userId.equals(NodeConstants.ROLE_ANONYMOUS))
154 // // TODO throw a special exception
155 // throw new CmsException("Login required");
157 // throw new CmsException("Unauthorized");
159 // return session.getNode(defaultPath);
162 protected String
getBaseTitle() {
163 return factoryProperties
.get(WebClient
.PAGE_TITLE
);
166 public void navigateTo(String state
) {
168 String title
= setState(state
);
170 if (browserNavigation
!= null)
171 browserNavigation
.pushState(state
, title
);
175 // public synchronized Subject getSubject() {
180 // public LoginContext getLoginContext() {
181 // return loginContext;
183 protected Subject
getSubject() {
184 return loginContext
.getSubject();
188 public boolean isAnonymous() {
189 return CurrentUser
.isAnonymous(getSubject());
193 public synchronized void logout() {
194 if (loginContext
== null)
195 throw new CmsException("Login context should not be null");
197 CurrentUser
.logoutCmsSession(loginContext
.getSubject());
198 loginContext
.logout();
199 LoginContext anonymousLc
= new LoginContext(CmsAuth
.LOGIN_CONTEXT_ANONYMOUS
);
201 authChange(anonymousLc
);
202 } catch (LoginException e
) {
203 log
.error("Cannot logout", e
);
208 public synchronized void authChange(LoginContext lc
) {
210 throw new CmsException("Login context cannot be null");
211 // logout previous login context
212 if (this.loginContext
!= null)
214 this.loginContext
.logout();
215 } catch (LoginException e1
) {
216 log
.warn("Could not log out: " + e1
);
218 this.loginContext
= lc
;
219 Subject
.doAs(getSubject(), new PrivilegedAction
<Void
>() {
224 JcrUtils
.logoutQuietly(session
);
225 session
= repository
.login(workspace
);
226 if (nodePath
!= null)
228 node
= session
.getNode(nodePath
);
229 } catch (PathNotFoundException e
) {
235 } catch (RepositoryException e
) {
236 throw new CmsException("Cannot perform auth change", e
);
245 public void exception(final Throwable e
) {
246 AbstractCmsEntryPoint
.this.exception
= e
;
247 log
.error("Unexpected exception in CMS", e
);
251 protected synchronized void doRefresh() {
252 Subject
.doAs(getSubject(), new PrivilegedAction
<Void
>() {
261 /** Sets the state of the entry point and retrieve the related JCR node. */
262 protected synchronized String
setState(String newState
) {
263 String previousState
= this.state
;
265 String newNodePath
= null;
266 String prefix
= null;
267 this.state
= newState
;
268 if (newState
.equals("~"))
272 int firstSlash
= state
.indexOf('/');
273 if (firstSlash
== 0) {
276 } else if (firstSlash
> 0) {
277 prefix
= state
.substring(0, firstSlash
);
278 newNodePath
= state
.substring(firstSlash
);
280 newNodePath
= defaultPath
;
286 int colonIndex
= prefix
.indexOf('$');
287 if (colonIndex
> 0) {
288 SharedSecret token
= new SharedSecret(new AuthPassword(X_SHARED_SECRET
+ '$' + prefix
)) {
291 public void handle(Callback
[] callbacks
) throws IOException
, UnsupportedCallbackException
{
292 super.handle(callbacks
);
293 // handle HTTP context
294 for (Callback callback
: callbacks
) {
295 if (callback
instanceof RemoteAuthCallback
) {
296 ((RemoteAuthCallback
) callback
)
297 .setRequest(new ServletHttpRequest(UiContext
.getHttpRequest()));
298 ((RemoteAuthCallback
) callback
)
299 .setResponse(new ServletHttpResponse(UiContext
.getHttpResponse()));
304 LoginContext lc
= new LoginContext(CmsAuth
.LOGIN_CONTEXT_USER
, token
);
306 authChange(lc
);// sets the node as well
308 // // TODO check consistency
312 if (session
.nodeExists(newNodePath
))
313 newNode
= session
.getNode(newNodePath
);
315 // throw new CmsException("Data " + newNodePath + " does not exist");
320 String title
= publishMetaData(getNode());
322 if (log
.isTraceEnabled())
323 log
.trace("node=" + newNodePath
+ ", state=" + state
+ " (prefix=" + prefix
+ ")");
326 } catch (Exception e
) {
327 log
.error("Cannot set state '" + state
+ "'", e
);
328 if (state
.equals("") || newState
.equals("~") || newState
.equals(previousState
))
329 return "Unrecoverable exception : " + e
.getClass().getSimpleName();
330 if (previousState
.equals(""))
332 navigateTo(previousState
);
333 throw new CmsException("Unexpected issue when accessing #" + newState
, e
);
337 private String
publishMetaData(Node node
) throws RepositoryException
{
340 if (node
!= null && node
.isNodeType(NodeType
.MIX_TITLE
) && node
.hasProperty(Property
.JCR_TITLE
))
341 title
= node
.getProperty(Property
.JCR_TITLE
).getString() + " - " + getBaseTitle();
343 title
= getBaseTitle();
345 HttpServletRequest request
= UiContext
.getHttpRequest();
349 StringBuilder js
= new StringBuilder();
352 title
= title
.replace("'", "\\'");// sanitize
353 js
.append("document.title = '" + title
+ "';");
354 jsExecutor
.execute(js
.toString());
358 // Simply remove some illegal character
359 // private String clean(String stringToClean) {
360 // return stringToClean.replaceAll("'", "").replaceAll("\\n", "")
361 // .replaceAll("\\t", "");
364 protected synchronized Node
getNode() {
368 private synchronized void setNode(Node node
) throws RepositoryException
{
370 this.nodePath
= node
== null ?
null : node
.getPath();
373 protected String
getState() {
377 protected Throwable
getException() {
381 protected void resetException() {
385 protected Session
getSession() {
389 private class CmsNavigationListener
implements BrowserNavigationListener
{
390 private static final long serialVersionUID
= -3591018803430389270L;
393 public void navigated(BrowserNavigationEvent event
) {
394 setState(event
.getState());