package org.argeo.cms;
-import java.security.AccessControlContext;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import javax.jcr.Node;
+import javax.jcr.PathNotFoundException;
import javax.jcr.Property;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.nodetype.NodeType;
import javax.security.auth.Subject;
+import javax.security.auth.login.CredentialNotFoundException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.ArgeoException;
import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.eclipse.ui.specific.UiContext;
import org.argeo.jcr.JcrUtils;
import org.eclipse.rap.rwt.RWT;
import org.eclipse.rap.rwt.application.AbstractEntryPoint;
private final Log log = LogFactory.getLog(AbstractCmsEntryPoint.class);
private final Subject subject;
+ private LoginContext loginContext;
private final Repository repository;
private final String workspace;
// Current state
private Session session;
private Node node;
+ private String nodePath;// useful when changing auth
private String state;
private String page;
private Throwable exception;
this.workspace = workspace;
this.defaultPath = defaultPath;
this.factoryProperties = new HashMap<String, String>(factoryProperties);
+ subject = new Subject();
- // load context from session
- HttpServletRequest httpRequest = RWT.getRequest();
- final HttpSession httpSession = httpRequest.getSession();
- AccessControlContext acc = (AccessControlContext) httpSession
- .getAttribute(AuthConstants.ACCESS_CONTROL_CONTEXT);
- if (acc != null
- && Subject.getSubject(acc).getPrincipals(X500Principal.class)
- .size() == 1) {
- subject = Subject.getSubject(acc);
- } else {
- subject = new Subject();
-
- // Initial login
+ // Initial login
+ try {
+ loginContext = new LoginContext(AuthConstants.LOGIN_CONTEXT_USER,
+ subject, new HttpRequestCallbackHandler(
+ UiContext.getHttpRequest()));
+ loginContext.login();
+ } catch (CredentialNotFoundException e) {
try {
- new LoginContext(AuthConstants.LOGIN_CONTEXT_USER, subject)
- .login();
- } catch (LoginException e) {
- // if (log.isTraceEnabled())
- // log.trace("Cannot authenticate user", e);
- try {
- new LoginContext(AuthConstants.LOGIN_CONTEXT_ANONYMOUS,
- subject).login();
- } catch (LoginException eAnonymous) {
- throw new ArgeoException("Cannot initialize subject",
- eAnonymous);
- }
+ loginContext = new LoginContext(
+ AuthConstants.LOGIN_CONTEXT_ANONYMOUS, subject);
+ loginContext.login();
+ } catch (LoginException e1) {
+ throw new ArgeoException("Cannot log as anonymous", e);
}
+ } catch (LoginException e) {
+ throw new ArgeoException("Cannot initialize subject", e);
}
- authChange();
+ authChange(loginContext);
jsExecutor = RWT.getClient().getService(JavaScriptExecutor.class);
browserNavigation = RWT.getClient().getService(BrowserNavigation.class);
@Override
protected final void createContents(final Composite parent) {
- getShell().getDisplay().setData(CmsView.KEY, this);
+ UiContext.setData(CmsView.KEY, this);
Subject.doAs(subject, new PrivilegedAction<Void>() {
@Override
public Void run() {
try {
- createUi(parent);
+ initUi(parent);
} catch (Exception e) {
throw new CmsException("Cannot create entrypoint contents",
e);
}
/** Create UI */
- protected abstract void createUi(Composite parent);
+ protected abstract void initUi(Composite parent);
/** Recreate UI after navigation or auth change */
protected abstract void refresh();
}
@Override
- public Subject getSubject() {
+ public synchronized Subject getSubject() {
return subject;
}
@Override
- public void authChange() {
- Subject.doAs(subject, new PrivilegedAction<Void>() {
+ public synchronized void logout() {
+ if (loginContext == null)
+ throw new CmsException("Login context should not be null");
+ try {
+ loginContext.logout();
+ LoginContext anonymousLc = new LoginContext(
+ AuthConstants.LOGIN_CONTEXT_ANONYMOUS, subject);
+ anonymousLc.login();
+ authChange(anonymousLc);
+ } catch (LoginException e) {
+ throw new CmsException("Cannot logout", e);
+ }
+ }
+
+ @Override
+ public synchronized void authChange(LoginContext loginContext) {
+ if (loginContext == null)
+ throw new CmsException("Login context cannot be null");
+ this.loginContext = loginContext;
+ Subject.doAs(loginContext.getSubject(), new PrivilegedAction<Void>() {
@Override
public Void run() {
try {
- String currentPath = null;
- if (node != null)
- currentPath = node.getPath();
JcrUtils.logoutQuietly(session);
-
session = repository.login(workspace);
- if (currentPath != null)
+ if (nodePath != null)
try {
- node = session.getNode(currentPath);
- } catch (Exception e) {
- try {
- // TODO find a less hacky way to log out
- new LoginContext(
- AuthConstants.LOGIN_CONTEXT_ANONYMOUS,
- subject).logout();
- new LoginContext(
- AuthConstants.LOGIN_CONTEXT_ANONYMOUS,
- subject).login();
- } catch (LoginException eAnonymous) {
- throw new ArgeoException(
- "Cannot reset to anonymous", eAnonymous);
- }
- JcrUtils.logoutQuietly(session);
- session = repository.login(workspace);
+ node = session.getNode(nodePath);
+ } catch (PathNotFoundException e) {
+ // logout();
+ // session = repository.login(workspace);
navigateTo("~");
throw e;
}
doRefresh();
}
- protected void doRefresh() {
+ protected synchronized void doRefresh() {
Subject.doAs(subject, new PrivilegedAction<Void>() {
@Override
public Void run() {
});
}
- // @Override
- // public Object local(Msg msg) {
- // String key = msg.getId();
- // int lastDot = key.lastIndexOf('.');
- // String className = key.substring(0, lastDot);
- // String fieldName = key.substring(lastDot + 1);
- // Locale locale = RWT.getLocale();
- // ResourceBundle rb = ResourceBundle.getBundle(className, locale,
- // msg.getClassLoader());
- // return rb.getString(fieldName);
- // }
-
/** Sets the state of the entry point and retrieve the related JCR node. */
protected synchronized String setState(String newState) {
String previousState = this.state;
- node = null;
+ Node node = null;
page = null;
this.state = newState;
if (newState.equals("~"))
node = getDefaultNode(session);
page = state;
}
-
- // Title
- String title;
- if (node.isNodeType(NodeType.MIX_TITLE)
- && node.hasProperty(Property.JCR_TITLE))
- title = node.getProperty(Property.JCR_TITLE).getString()
- + " - " + getBaseTitle();
- else
- title = getBaseTitle();
- jsExecutor.execute("document.title = \"" + title + "\"");
+ setNode(node);
+ String title = publishMetaData(node);
if (log.isTraceEnabled())
log.trace("node=" + node + ", state=" + state + " (page="
- + page + ", title=" + title + ")");
+ + page + ")");
return title;
} catch (Exception e) {
}
}
- protected Node getNode() {
+ private String publishMetaData(Node node) throws RepositoryException {
+ // Title
+ String title;
+ if (node.isNodeType(NodeType.MIX_TITLE)
+ && node.hasProperty(Property.JCR_TITLE))
+ title = node.getProperty(Property.JCR_TITLE).getString() + " - "
+ + getBaseTitle();
+ else
+ title = getBaseTitle();
+
+ HttpServletRequest request = UiContext.getHttpRequest();
+ if (request == null)
+ return null;
+ // String url = CmsUtils.getCanonicalUrl(node, request);
+ // String desc = node.hasProperty(JCR_DESCRIPTION) ? node.getProperty(
+ // JCR_DESCRIPTION).getString() : null;
+ // String imgUrl = null;
+ // for (NodeIterator it = node.getNodes(); it.hasNext();) {
+ // Node child = it.nextNode();
+ // if (child.isNodeType(CmsTypes.CMS_IMAGE))
+ // imgUrl = CmsUtils.getDataUrl(child, request);
+ // }
+
+ StringBuilder js = new StringBuilder();
+ js.append("document.title = '" + title + "';");
+ // js.append("var metas = document.getElementsByTagName('meta');");
+ // js.append("for (var i=0; i<metas.length; i++) {");
+ // js.append(" if (metas[i].getAttribute('property'))");
+ // js.append(" if(metas[i].getAttribute('property')=='og:title')");
+ // js.append(" metas[i].setAttribute('content','" + title + "');");
+ // js.append(" else if(metas[i].getAttribute('property')=='og:url')");
+ // js.append(" metas[i].setAttribute('content','" + url + "');");
+ // js.append(" else if(metas[i].getAttribute('property')=='og:type')");
+ // js.append(" metas[i].setAttribute('content','website');");
+ // if (desc != null) {
+ // js.append(" else if(metas[i].getAttribute('property')=='og:decription')");
+ // js.append(" metas[i].setAttribute('content','" + clean(desc)
+ // + "');");
+ // }
+ // if (imgUrl != null) {
+ // js.append(" else if(metas[i].getAttribute('property')=='og:image')");
+ // js.append(" metas[i].setAttribute('content','" + imgUrl + "');");
+ // } else {
+ // // TODO reset default image
+ // }
+ // js.append(" };");
+ jsExecutor.execute(js.toString());
+ return title;
+ }
+
+ // Simply remove some illegal character
+ // private String clean(String stringToClean) {
+ // return stringToClean.replaceAll("'", "").replaceAll("\\n", "")
+ // .replaceAll("\\t", "");
+ // }
+
+ protected synchronized Node getNode() {
return node;
}
+ private synchronized void setNode(Node node) throws RepositoryException {
+ this.node = node;
+ this.nodePath = node == null ? null : node.getPath();
+ }
+
protected String getState() {
return state;
}