git.argeo.org Git - lgpl/argeo-commons.git/blob - security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java
Improve RAP security
1 package org.argeo.security.ui.rap;
2
3 import java.security.PrivilegedAction;
4 import java.util.Set;
5
6 import javax.security.auth.Subject;
7 import javax.security.auth.login.LoginException;
8
9 import org.apache.commons.logging.Log;
10 import org.apache.commons.logging.LogFactory;
11 import org.argeo.eclipse.ui.dialogs.Error;
12 import org.eclipse.core.runtime.IStatus;
13 import org.eclipse.core.runtime.Status;
14 import org.eclipse.jface.dialogs.ErrorDialog;
15 import org.eclipse.rwt.RWT;
16 import org.eclipse.rwt.lifecycle.IEntryPoint;
17 import org.eclipse.rwt.service.SessionStoreEvent;
18 import org.eclipse.rwt.service.SessionStoreListener;
19 import org.eclipse.swt.widgets.Display;
20 import org.eclipse.ui.PlatformUI;
21 import org.eclipse.ui.application.IWorkbenchWindowConfigurer;
22 import org.eclipse.ui.application.WorkbenchAdvisor;
23 import org.eclipse.ui.application.WorkbenchWindowAdvisor;
24 import org.springframework.security.Authentication;
25 import org.springframework.security.context.SecurityContextHolder;
26
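/**
 * RAP entry point which runs the workbench as the JAAS {@link Subject}
 * exposed by the login context of {@link SecureRapActivator}, and mirrors the
 * subject's {@link Authentication} principal into the Spring Security context.
 */
public class SecureEntryPoint implements IEntryPoint, SessionStoreListener {
    private final Log log = LogFactory.getLog(SecureEntryPoint.class);

    /** Key under which an {@link Authentication} is looked up in the RWT session store. */
    private final static String SECURITY_CONTEXT_ATTRIBUTE = "securityContextAttribute";

    /**
     * Creates the display, resolves the subject and runs the workbench as
     * that subject.
     *
     * @return the workbench return code as filtered by
     *         {@link #processReturnCode(Integer)}, or {@code -1} when no
     *         subject could be obtained or when a failure occurred before the
     *         workbench produced a return code
     */
    @Override
    public int createUI() {
        // Reuse an authentication kept in the RWT session store, if there is one.
        // NOTE(review): nothing in this class writes this attribute, and the
        // restored object is trusted as is; confirm who stores it and
        // whether it can be stale or unauthenticated.
        Authentication authen = (Authentication) RWT.getSessionStore()
                .getAttribute(SECURITY_CONTEXT_ATTRIBUTE);
        if (authen != null)
            SecurityContextHolder.getContext().setAuthentication(authen);

        Integer returnCode = null;
        Display display = PlatformUI.createDisplay();
        try {
            Subject subject = null;
            boolean retry = true;
            while (retry) {
                try {
                    // No explicit login() is triggered here: only the subject
                    // currently held by the login context is read.
                    // NOTE(review): the login context comes from a static
                    // accessor; confirm it is scoped per RWT session and not
                    // shared between users. If it returns a null subject, the
                    // next statement fails and is handled by the generic catch.
                    subject = SecureRapActivator.getLoginContext().getSubject();
                    Set<Authentication> auths = subject
                            .getPrincipals(Authentication.class);
                    if (!auths.isEmpty())
                        SecurityContextHolder.getContext().setAuthentication(
                                auths.iterator().next());
                    retry = false;
                } catch (LoginException e) {
                    // A login failure is reported to the user and retried.
                    Error.show("Cannot login", e);
                    retry = true;
                } catch (Exception e) {
                    // Anything else ends the loop; subject may still be null.
                    Error.show("Unexpected exception while trying to login", e);
                    retry = false;
                }
            }

            if (subject == null) {
                // TODO: log as anonymous
                return -1;
            }

            // NOTE(review): logout() is only reached when the workbench
            // terminates without throwing; on failure the login context is
            // left as it was. Confirm this is intended.
            returnCode = Subject.doAs(subject, getRunAction(display));
            SecureRapActivator.getLoginContext().logout();
            return processReturnCode(returnCode);
        } catch (Exception e) {
            // Keep a server-side trace: the dialog alone leaves no record.
            log.error("Login failed", e);
            IStatus status = new Status(IStatus.ERROR,
                    "org.argeo.security.rcp", "Login failed", e);
            ErrorDialog.openError(null, "Error", "Shutdown...", status);
            // returnCode is still null when the failure happened before the
            // workbench returned; unboxing it would throw a
            // NullPointerException out of this handler.
            if (returnCode == null)
                return -1;
            return returnCode;
        } finally {
            // NOTE(review): the Authentication set on SecurityContextHolder
            // is never cleared by this method; confirm it cannot outlive the
            // session on the executing thread.
            display.dispose();
        }
    }

    /**
     * Wraps the workbench start-up so that it can be executed through
     * {@link Subject#doAs(Subject, PrivilegedAction)}.
     */
    private PrivilegedAction<Integer> getRunAction(final Display display) {
        return new PrivilegedAction<Integer>() {

            public Integer run() {
                int result = createAndRunWorkbench(display);
                return Integer.valueOf(result);
            }
        };
    }

    /**
     * Creates and runs the workbench on the given display.
     *
     * @return the return code of the workbench
     */
    protected Integer createAndRunWorkbench(Display display) {
        return PlatformUI.createAndRunWorkbench(display,
                createWorkbenchAdvisor());
    }

    /**
     * Hook to post-process the workbench return code; returns it unchanged by
     * default.
     */
    protected Integer processReturnCode(Integer returnCode) {
        return returnCode;
    }

    /**
     * Creates the advisor used to run the workbench; its windows are
     * configured by a {@link RapSecureWorkbenchWindowAdvisor}.
     */
    protected WorkbenchAdvisor createWorkbenchAdvisor() {
        return new SecureWorkbenchAdvisor() {
            public WorkbenchWindowAdvisor createWorkbenchWindowAdvisor(
                    IWorkbenchWindowConfigurer configurer) {
                return new RapSecureWorkbenchWindowAdvisor(configurer);
            }

        };
    }

    /** Traces, at debug level only, that the RWT session is about to be destroyed. */
    @Override
    public void beforeDestroy(SessionStoreEvent event) {
        if (log.isDebugEnabled())
            log.debug("RWT session " + event.getSessionStore().getId()
                    + " about to be destroyed. THREAD="
                    + Thread.currentThread().getId());

    }

}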