- Improve CMS login (HTTP session now supported)

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / internal / auth / AnonymousLoginModule.java

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/AnonymousLoginModule.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/AnonymousLoginModule.java
index 6078b8f2bb55b8e993eedd9564278acd6eac474d..855524961c86e390fe14b742e90c53ce95362c86 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/internal/auth/AnonymousLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/AnonymousLoginModule.java
@@ -25,16 +25,15 @@ import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginException;
 
+import org.argeo.cms.KernelHeader;
 import org.argeo.cms.internal.kernel.Activator;
 import org.argeo.util.LocaleCallback;
 import org.argeo.util.LocaleUtils;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 /** Login module which caches one subject per thread. */
 public class AnonymousLoginModule extends AbstractLoginModule {
-       private String anonymousRole = "ROLE_ANONYMOUS";
        /** Comma separated list of locales */
        private String availableLocales = null;
 
@@ -44,18 +43,22 @@ public class AnonymousLoginModule extends AbstractLoginModule {
                        InterruptedException {
                Locale selectedLocale = null;
                // multi locale
-               if (availableLocales != null && !availableLocales.trim().equals("")) {
-                       LocaleCallback localeCallback = new LocaleCallback(availableLocales);
-                       callbackHandler.handle(new Callback[] { localeCallback });
-                       selectedLocale = localeCallback.getSelectedLocale();
-               } else {
-                       callbackHandler.handle(new Callback[] {});
-               }
+               if (callbackHandler != null)
+                       if (availableLocales != null && !availableLocales.trim().equals("")) {
+                               LocaleCallback localeCallback = new LocaleCallback(
+                                               availableLocales);
+                               callbackHandler.handle(new Callback[] { localeCallback });
+                               selectedLocale = localeCallback.getSelectedLocale();
+                       } else {
+                               callbackHandler.handle(new Callback[] {});
+                       }
 
-               List<SimpleGrantedAuthority> authorities = Collections
-                               .singletonList(new SimpleGrantedAuthority(anonymousRole));
+               List<GrantedAuthorityPrincipal> authorities = Collections
+                               .singletonList(new GrantedAuthorityPrincipal(
+                                               KernelHeader.ROLE_ANONYMOUS));
                AnonymousAuthenticationToken anonymousToken = new AnonymousAuthenticationToken(
-                               Activator.getSystemKey(), null, authorities);
+                               Activator.getSystemKey(), KernelHeader.USERNAME_ANONYMOUS,
+                               authorities);
 
                Authentication auth = getAuthenticationManager().authenticate(
                                anonymousToken);