import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.argeo.cms.internal.kernel.Activator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.FrameworkUtil;
import org.argeo.cms.internal.kernel.Activator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.FrameworkUtil;
private CallbackHandler callbackHandler = null;
private Map<String, Object> sharedState = null;
private CallbackHandler callbackHandler = null;
private Map<String, Object> sharedState = null;
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
} else {
authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
if (authorization == null) {// search by session ID
} else {
authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
if (authorization == null) {// search by session ID
if (httpSession == null) {
// TODO make sure this is always safe
if (log.isTraceEnabled())
log.trace("Create http session");
if (httpSession == null) {
// TODO make sure this is always safe
if (log.isTraceEnabled())
log.trace("Create http session");
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
extractHttpAuth(authHeader);
}
String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
extractHttpAuth(authHeader);
}
sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, login);
sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, password);
} else {
sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, login);
sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, password);
} else {
X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
String certDn = certs[0].getSubjectX500Principal().getName();
X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
String certDn = certs[0].getSubjectX500Principal().getName();