SSL truststore working.

[lgpl/argeo-commons.git] / eclipse / org.argeo.cms.servlet / src / org / argeo / cms / servlet / CmsServletContext.java

diff --git a/eclipse/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java b/eclipse/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java
index 1ae6286ac2a4e38eb6c37bf4269c187a1d89a419..9cb48b212d38b5db6054c6fefac76dc00a9a00e3 100644 (file)
--- a/eclipse/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java
+++ b/eclipse/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java
@@ -41,6 +41,8 @@ public class CmsServletContext extends ServletContextHelper {
        public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response) throws IOException {
                if (log.isTraceEnabled())
                        HttpUtils.logRequestHeaders(log, request);
+               ClassLoader currentThreadContextClassLoader = Thread.currentThread().getContextClassLoader();
+               Thread.currentThread().setContextClassLoader(CmsServletContext.class.getClassLoader());
                LoginContext lc;
                try {
                        lc = CmsAuth.USER.newLoginContext(
@@ -52,6 +54,8 @@ public class CmsServletContext extends ServletContextHelper {
                                HttpUtils.logResponseHeaders(log, response);
                        if (lc == null)
                                return false;
+               } finally {
+                       Thread.currentThread().setContextClassLoader(currentThreadContextClassLoader);
                }
 
                Subject subject = lc.getSubject();
@@ -76,8 +80,10 @@ public class CmsServletContext extends ServletContextHelper {
 
        protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
                // anonymous
+               ClassLoader currentContextClassLoader = Thread.currentThread().getContextClassLoader();
                try {
-                       LoginContext lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_ANONYMOUS,
+                       Thread.currentThread().setContextClassLoader(CmsServletContext.class.getClassLoader());
+                       LoginContext lc = CmsAuth.ANONYMOUS.newLoginContext(
                                        new RemoteAuthCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response)));
                        lc.login();
                        return lc;
@@ -85,6 +91,8 @@ public class CmsServletContext extends ServletContextHelper {
                        if (log.isDebugEnabled())
                                log.error("Cannot log in as anonymous", e1);
                        return null;
+               } finally {
+                       Thread.currentThread().setContextClassLoader(currentContextClassLoader);
                }
        }