import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.argeo.cms.CmsException;
+import org.argeo.cms.internal.auth.CmsSessionImpl;
import org.argeo.cms.internal.kernel.Activator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.FrameworkUtil;
import org.osgi.service.http.HttpContext;
import org.osgi.service.useradmin.Authorization;
+/** Use the HTTP session as the basis for authentication. */
public class HttpSessionLoginModule implements LoginModule {
private final static Log log = LogFactory.getLog(HttpSessionLoginModule.class);
String httpSessionId = httpSession.getId();
if (log.isTraceEnabled())
log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
String httpSessionId = httpSession.getId();
if (log.isTraceEnabled())
log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
locale = cmsSession.getLocale();
} else {
if (log.isTraceEnabled())
log.trace("HTTP login: " + true);
+ request.setAttribute(HttpContext.AUTHORIZATION, authorization);
return true;
}
}
sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, login);
sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, password);
} else {
- throw new CmsException("Invalid authentication token");
+ throw new IllegalStateException("Invalid authentication token");
}
} catch (Exception e) {
- throw new CmsException("Couldn't retrieve authentication", e);
+ throw new IllegalStateException("Couldn't retrieve authentication", e);
}
} else if (basic.equalsIgnoreCase("Negotiate")) {
String spnegoToken = st.nextToken();