- public int createUI() {
-// log.debug("THREAD=" + Thread.currentThread().getId()
-// + ", RWT.getSessionStore().getId()="
-// + RWT.getSessionStore().getId());
-
- Authentication authen = (Authentication) RWT.getSessionStore()
- .getAttribute(SECURITY_CONTEXT_ATTRIBUTE);
- if (authen != null)
- SecurityContextHolder.getContext().setAuthentication(authen);
-
- Integer returnCode = null;
- Display display = PlatformUI.createDisplay();
- try {
- Subject subject = null;
- Boolean retry = true;
- while (retry) {
- try {
- // if (authen == null)
- // SecureRapActivator.getLoginContext().login();
- subject = SecureRapActivator.getLoginContext().getSubject();
- Set<Authentication> auths = subject
- .getPrincipals(Authentication.class);
- if (auths.size() > 0)
- SecurityContextHolder.getContext().setAuthentication(
- auths.iterator().next());
- // authen = SecurityContextHolder.getContext()
- // .getAuthentication();
- // RWT.getSessionStore().setAttribute(
- // SECURITY_CONTEXT_ATTRIBUTE, authen);
- retry = false;
- } catch (LoginException e) {
- Error.show("Cannot login", e);
- retry = true;
- } catch (Exception e) {
- Error.show("Unexpected exception while trying to login", e);
- retry = false;
+ public final int createUI() {
+ // Short login timeout so that the modal dialog login doesn't hang
+ // around too long
+ RWT.getRequest().getSession().setMaxInactiveInterval(loginTimeout);
+
+ // Try to load security context thanks to the session processing filter
+ HttpServletRequest httpRequest = RWT.getRequest();
+ HttpSession httpSession = httpRequest.getSession();
+ Object contextFromSessionObject = httpSession
+ .getAttribute(SPRING_SECURITY_CONTEXT_KEY);
+ if (contextFromSessionObject != null)
+ SecurityContextHolder
+ .setContext((SecurityContext) contextFromSessionObject);
+
+// if (log.isDebugEnabled())
+// log.debug("THREAD=" + Thread.currentThread().getId()
+// + ", sessionStore=" + RWT.getSessionStore().getId()
+// + ", remote user=" + httpRequest.getRemoteUser());
+
+ // create display
+ final Display display = PlatformUI.createDisplay();
+
+ // log in
+ final ILoginContext loginContext = SecureRapActivator
+ .createLoginContext(SecureRapActivator.CONTEXT_SPRING);
+ Subject subject = null;
+ tryLogin: while (subject == null && !display.isDisposed()) {
+ try {
+ loginContext.login();
+ subject = loginContext.getSubject();
+
+ // add security context to session
+ if (httpSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY) == null)
+ httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY,
+ SecurityContextHolder.getContext());
+ // add thread locale to RWT session
+ log.info("Locale "+LocaleUtils.threadLocale.get());
+ RWT.setLocale(LocaleUtils.threadLocale.get());
+
+ // Once the user is logged in, she can have a longer session
+ // timeout
+ RWT.getRequest().getSession()
+ .setMaxInactiveInterval(sessionTimeout);
+ if (log.isDebugEnabled())
+ log.debug("Authenticated " + subject);
+ } catch (LoginException e) {
+ BadCredentialsException bce = wasCausedByBadCredentials(e);
+ if (bce != null) {
+ MessageDialog.openInformation(display.getActiveShell(),
+ "Bad Credentials", bce.getMessage());
+ // retry login
+ continue tryLogin;