OS user as single user

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / CmsAuthUtils.java

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
index d50535eaefcedaa791f06b93342c94634f68b552..dadcc4dbcb109e23a604cbd8b4265eb8f3fe34bf 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
@@ -19,6 +19,7 @@ import org.argeo.cms.CmsException;
 import org.argeo.cms.internal.auth.CmsSessionImpl;
 import org.argeo.cms.internal.auth.ImpliedByPrincipal;
 import org.argeo.cms.internal.http.WebCmsSessionImpl;
+import org.argeo.cms.internal.kernel.Activator;
 import org.argeo.node.NodeConstants;
 import org.argeo.node.security.AnonymousPrincipal;
 import org.argeo.node.security.DataAdminPrincipal;
@@ -38,6 +39,7 @@ class CmsAuthUtils {
        final static String SHARED_STATE_HTTP_REQUEST = "org.argeo.cms.auth.http.request";
        final static String SHARED_STATE_SPNEGO_TOKEN = "org.argeo.cms.auth.spnegoToken";
        final static String SHARED_STATE_SPNEGO_OUT_TOKEN = "org.argeo.cms.auth.spnegoOutToken";
+       final static String SHARED_STATE_CERTIFICATE_CHAIN = "org.argeo.cms.auth.certificateChain";
 
        static void addAuthorization(Subject subject, Authorization authorization, Locale locale,
                        HttpServletRequest request) {
@@ -48,6 +50,10 @@ class CmsAuthUtils {
                // required for display name:
                subject.getPrivateCredentials().add(authorization);
 
+               if (Activator.isSingleUser()) {
+                       subject.getPrincipals().add(new DataAdminPrincipal());
+               }
+
                Set<Principal> principals = subject.getPrincipals();
                try {
                        String authName = authorization.getName();