Disable OSGi configuration admin and LDIF-based deploy config.

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / RemoteSessionLoginModule.java

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
index 962094d4ace32377f3b9e4ba5da1e2ab1ce81f1a..19875e88ae4b9a83b5cd636e595e3a3e44137a99 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
@@ -17,9 +17,8 @@ import javax.security.auth.spi.LoginModule;
 import org.argeo.api.cms.CmsConstants;
 import org.argeo.api.cms.CmsLog;
 import org.argeo.cms.internal.auth.CmsSessionImpl;
+import org.argeo.cms.internal.runtime.CmsContextImpl;
 import org.argeo.cms.internal.runtime.KernelUtils;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.FrameworkUtil;
 import org.osgi.service.http.HttpContext;
 import org.osgi.service.useradmin.Authorization;
 
@@ -34,7 +33,7 @@ public class RemoteSessionLoginModule implements LoginModule {
        private RemoteAuthRequest request = null;
        private RemoteAuthResponse response = null;
 
-       private BundleContext bc;
+//     private BundleContext bc;
 
        private Authorization authorization;
        private Locale locale;
@@ -43,8 +42,8 @@ public class RemoteSessionLoginModule implements LoginModule {
        @Override
        public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
                        Map<String, ?> options) {
-               bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext();
-               assert bc != null;
+//             bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext();
+//             assert bc != null;
                this.subject = subject;
                this.callbackHandler = callbackHandler;
                this.sharedState = (Map<String, Object>) sharedState;
@@ -71,8 +70,8 @@ public class RemoteSessionLoginModule implements LoginModule {
                        String httpSessionId = httpSession.getId();
 //                     if (log.isTraceEnabled())
 //                             log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
-                       CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
-                       if (cmsSession != null) {
+                       CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByLocalId(httpSessionId);
+                       if (cmsSession != null && !cmsSession.isAnonymous()) {
                                authorization = cmsSession.getAuthorization();
                                locale = cmsSession.getLocale();
                                if (log.isTraceEnabled())
@@ -91,8 +90,8 @@ public class RemoteSessionLoginModule implements LoginModule {
                                String httpSessionId = httpSession.getId();
 //                             if (log.isTraceEnabled())
 //                                     log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
-                               CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
-                               if (cmsSession != null) {
+                               CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByLocalId(httpSessionId);
+                               if (cmsSession != null && !cmsSession.isAnonymous()) {
                                        authorization = cmsSession.getAuthorization();
                                        locale = cmsSession.getLocale();
                                        if (log.isTraceEnabled())
@@ -212,7 +211,8 @@ public class RemoteSessionLoginModule implements LoginModule {
                        if (log.isDebugEnabled())
                                log.debug("Client certificate " + certDn + " verified by servlet container");
                } // Reverse proxy verified the client certificate
-               String clientDnHttpHeader = KernelUtils.getFrameworkProp(CmsConstants.HTTP_PROXY_SSL_DN);
+               String clientDnHttpHeader = CmsContextImpl.getCmsContext().getCmsState()
+                               .getDeployProperty(CmsConstants.HTTP_PROXY_SSL_DN);
                if (clientDnHttpHeader != null) {
                        String certDn = req.getHeader(clientDnHttpHeader);
                        // TODO retrieve more cf. https://httpd.apache.org/docs/current/mod/mod_ssl.html