Major refactoring of Argeo CMS UI

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / servlet / ServletAuthUtils.java

diff --git a/org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
index 13dfbe638782c3a4243f03d96d0af311e6b471d0..67db467ce25a62f19a5aec82821e0e4d41efd729 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
@@ -8,11 +8,17 @@ import java.util.function.Supplier;
 import javax.security.auth.Subject;
 import javax.servlet.http.HttpServletRequest;
 
+import org.argeo.api.cms.CmsSession;
 import org.argeo.cms.auth.CurrentUser;
+import org.argeo.cms.osgi.CmsOsgiUtils;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
 import org.osgi.service.http.HttpContext;
 
 /** Authentications utilities when using servlets. */
 public class ServletAuthUtils {
+       private static BundleContext bundleContext = FrameworkUtil.getBundle(ServletAuthUtils.class).getBundleContext();
+
        /**
         * Execute this supplier, using the CMS class loader as context classloader.
         * Useful to log in to JCR.
@@ -50,4 +56,11 @@ public class ServletAuthUtils {
                req.setAttribute(HttpContext.REMOTE_USER, null);
                req.setAttribute(AccessControlContext.class.getName(), null);
        }
+
+       public static CmsSession getCmsSession(HttpServletRequest req) {
+               Subject subject = Subject
+                               .getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName()));
+               CmsSession cmsSession = CmsOsgiUtils.getCmsSession(bundleContext, subject);
+               return cmsSession;
+       }
 }