+++ /dev/null
-/*
- * Copyright (C) 2007-2012 Argeo GmbH
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.argeo.cms.spring;
-
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.security.auth.Subject;
-
-import org.eclipse.gemini.blueprint.context.DependencyInitializationAwareBeanPostProcessor;
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.support.AbstractBeanFactory;
-import org.springframework.beans.factory.support.SecurityContextProvider;
-import org.springframework.beans.factory.support.SimpleSecurityContextProvider;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-
-/**
- * Executes with a system authentication the instantiation and initialization
- * methods of the application context where it has been defined.
- */
-public class AuthenticatedApplicationContextInitialization extends
- AbstractSystemExecution implements
- DependencyInitializationAwareBeanPostProcessor, ApplicationContextAware {
- /** If non empty, restricts to these beans */
- private List<String> beanNames = new ArrayList<String>();
-
- public Object postProcessBeforeInitialization(Object bean, String beanName)
- throws BeansException {
- if (beanNames.size() == 0 || beanNames.contains(beanName))
- authenticateAsSystem();
- return bean;
- }
-
- public Object postProcessAfterInitialization(Object bean, String beanName)
- throws BeansException {
- if (beanNames.size() == 0 || beanNames.contains(beanName))
- deauthenticateAsSystem();
- return bean;
- }
-
- public void setBeanNames(List<String> beanNames) {
- this.beanNames = beanNames;
- }
-
- @Override
- public void setApplicationContext(ApplicationContext applicationContext)
- throws BeansException {
- if (applicationContext.getAutowireCapableBeanFactory() instanceof AbstractBeanFactory) {
- final AbstractBeanFactory beanFactory = ((AbstractBeanFactory) applicationContext
- .getAutowireCapableBeanFactory());
- // retrieve subject's access control context
- // and set it as the bean factory security context
- Subject.doAs(getSubject(), new PrivilegedAction<Void>() {
- @Override
- public Void run() {
- SecurityContextProvider scp = new SimpleSecurityContextProvider(
- AccessController.getContext());
- beanFactory.setSecurityContextProvider(scp);
- return null;
- }
- });
- }
- }
-}
projects / lgpl / argeo-commons.git / blobdiff