- Authentication authen = (Authentication) RWT.getSessionStore()
- .getAttribute(SECURITY_CONTEXT_ATTRIBUTE);
- if (authen != null)
- SecurityContextHolder.getContext().setAuthentication(authen);
-
- Integer returnCode = null;
- Display display = PlatformUI.createDisplay();
- try {
- Subject subject = null;
- Boolean retry = true;
- while (retry) {
- try {
- // if (authen == null)
- // SecureRapActivator.getLoginContext().login();
- subject = SecureRapActivator.getLoginContext().getSubject();
- Set<Authentication> auths = subject
- .getPrincipals(Authentication.class);
- if (auths.size() > 0)
- SecurityContextHolder.getContext().setAuthentication(
- auths.iterator().next());
- // authen = SecurityContextHolder.getContext()
- // .getAuthentication();
- // RWT.getSessionStore().setAttribute(
- // SECURITY_CONTEXT_ATTRIBUTE, authen);
- retry = false;
- } catch (LoginException e) {
- Error.show("Cannot login", e);
- retry = true;
- } catch (Exception e) {
- Error.show("Unexpected exception while trying to login", e);
- retry = false;
+ if (log.isDebugEnabled())
+ log.debug("THREAD=" + Thread.currentThread().getId()
+ + ", sessionStore=" + RWT.getSessionStore().getId()
+ + ", remote user=" + httpRequest.getRemoteUser());
+
+ // create display
+ final Display display = PlatformUI.createDisplay();
+
+ // log in
+ final ILoginContext loginContext = SecureRapActivator
+ .createLoginContext(SecureRapActivator.CONTEXT_SPRING);
+ Subject subject = null;
+ tryLogin: while (subject == null && !display.isDisposed()) {
+ try {
+ loginContext.login();
+ subject = loginContext.getSubject();
+
+ if (httpSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY) == null)
+ httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY,
+ SecurityContextHolder.getContext());
+
+ // Once the user is logged in, she can have a longer session
+ // timeout
+ RWT.getRequest().getSession()
+ .setMaxInactiveInterval(sessionTimeout);
+ if (log.isDebugEnabled())
+ log.debug("Authenticated " + subject);
+ } catch (LoginException e) {
+ BadCredentialsException bce = wasCausedByBadCredentials(e);
+ if (bce != null) {
+ MessageDialog.openInformation(display.getActiveShell(),
+ "Bad Credentials", bce.getMessage());
+ // retry login
+ continue tryLogin;