import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.argeo.cms.internal.auth.CmsSessionImpl;
import org.argeo.cms.internal.kernel.Activator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.FrameworkUtil;
private CallbackHandler callbackHandler = null;
private Map<String, Object> sharedState = null;
- private HttpServletRequest request = null;
- private HttpServletResponse response = null;
+ private HttpRequest request = null;
+ private HttpResponse response = null;
private BundleContext bc;
return false;
// TODO factorize with below
String httpSessionId = httpSession.getId();
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
} else {
authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
if (authorization == null) {// search by session ID
- HttpSession httpSession = request.getSession(false);
+ HttpSession httpSession = request.getSession();
if (httpSession == null) {
// TODO make sure this is always safe
if (log.isTraceEnabled())
log.trace("Create http session");
- httpSession = request.getSession(true);
+ httpSession = request.createSession();
}
String httpSessionId = httpSession.getId();
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
return true;
}
- private void extractHttpAuth(final HttpServletRequest httpRequest) {
+ private void extractHttpAuth(final HttpRequest httpRequest) {
String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
extractHttpAuth(authHeader);
}
// }
}
- private void extractClientCertificate(HttpServletRequest req) {
+ private void extractClientCertificate(HttpRequest req) {
X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
String certDn = certs[0].getSubjectX500Principal().getName();