Refactor security components to the Kernel

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / util / UserMenu.java

diff --git a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
index ba8e3d48764731c6cb01fe1aae78a7c4afcea393..801a2611bf9b861bebfdc7021bbe738acfffd7f9 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
+++ b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
@@ -1,6 +1,12 @@
 package org.argeo.cms.util;
 
+import static org.argeo.cms.auth.AuthConstants.ACCESS_CONTROL_CONTEXT;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_ANONYMOUS;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_USER;
+
 import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
@@ -10,13 +16,15 @@ import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
 import org.argeo.cms.CmsException;
 import org.argeo.cms.CmsMsg;
-import org.argeo.cms.CmsSession;
 import org.argeo.cms.CmsStyles;
-import org.argeo.cms.KernelHeader;
-import org.argeo.cms.auth.ArgeoLoginContext;
+import org.argeo.cms.CmsView;
+import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.CurrentUser;
 import org.eclipse.rap.rwt.RWT;
 import org.eclipse.swt.SWT;
 import org.eclipse.swt.events.MouseAdapter;
@@ -32,8 +40,6 @@ import org.eclipse.swt.widgets.Control;
 import org.eclipse.swt.widgets.Label;
 import org.eclipse.swt.widgets.Shell;
 import org.eclipse.swt.widgets.Text;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 /** The site-related user menu */
 public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
@@ -44,13 +50,8 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
                super(source.getDisplay(), SWT.NO_TRIM | SWT.BORDER | SWT.ON_TOP);
                setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
 
-               Authentication authentication = SecurityContextHolder.getContext()
-                               .getAuthentication();
-               if (authentication == null)
-                       throw new CmsException("No authentication available");
-
-               String username = authentication.getName();
-               if (username.equals(KernelHeader.USERNAME_ANONYMOUS)) {
+               String username = CurrentUser.getUsername(CmsUtils.getCmsView().getSubject());
+               if (username.equalsIgnoreCase(AuthConstants.ROLE_ANONYMOUS)) {
                        username = null;
                        anonymousUi();
                } else {
@@ -80,15 +81,6 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
                c.setLayout(new GridLayout());
                c.setLayoutData(CmsUtils.fillAll());
 
-               // String username = SecurityContextHolder.getContext()
-               // .getAuthentication().getName();
-               //
-               // Label l = new Label(c, SWT.NONE);
-               // l.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU_ITEM);
-               // l.setData(RWT.MARKUP_ENABLED, true);
-               // l.setLayoutData(CmsUtils.fillWidth());
-               // l.setText("<b>" + username + "</b>");
-
                specificUserUi(c);
 
                Label l = new Label(c, SWT.NONE);
@@ -107,12 +99,6 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
                });
        }
 
-       protected String getUsername() {
-               String username = SecurityContextHolder.getContext()
-                               .getAuthentication().getName();
-               return username;
-       }
-
        /** To be overridden */
        protected void specificUserUi(Composite parent) {
 
@@ -162,22 +148,31 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
        }
 
        protected void login() {
-               CmsSession cmsSession = (CmsSession) getDisplay().getData(
-                               CmsSession.KEY);
+               CmsView cmsSession = (CmsView) getDisplay().getData(CmsView.KEY);
                Subject subject = cmsSession.getSubject();
                try {
                        //
                        // LOGIN
                        //
-                       new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
-                                       .logout();
-                       LoginContext loginContext = new ArgeoLoginContext(
-                                       KernelHeader.LOGIN_CONTEXT_USER, subject, this);
+                       new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
+                       LoginContext loginContext = new LoginContext(LOGIN_CONTEXT_USER,
+                                       subject, this);
                        loginContext.login();
+
+                       // save context in session
+                       final HttpSession httpSession = RWT.getRequest().getSession();
+                       Subject.doAs(subject, new PrivilegedAction<Void>() {
+
+                               @Override
+                               public Void run() {
+                                       httpSession.setAttribute(ACCESS_CONTROL_CONTEXT,
+                                                       AccessController.getContext());
+                                       return null;
+                               }
+                       });
                } catch (LoginException e1) {
                        try {
-                               new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
-                                               subject).login();
+                               new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
                        } catch (LoginException e) {
                                throw new CmsException("Cannot authenticate anonymous", e1);
                        }
@@ -189,22 +184,24 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
        }
 
        protected void logout() {
-               final CmsSession cmsSession = (CmsSession) getDisplay().getData(
-                               CmsSession.KEY);
+               final CmsView cmsSession = (CmsView) getDisplay().getData(CmsView.KEY);
                Subject subject = cmsSession.getSubject();
                try {
                        //
                        // LOGOUT
                        //
-                       new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
-                                       .logout();
-                       new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
-                                       .login();
+                       new LoginContext(LOGIN_CONTEXT_USER, subject).logout();
+                       new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
+
+                       HttpServletRequest httpRequest = RWT.getRequest();
+                       HttpSession httpSession = httpRequest.getSession();
+                       httpSession.setAttribute(ACCESS_CONTROL_CONTEXT, null);
                } catch (LoginException e1) {
                        throw new CmsException("Cannot authenticate anonymous", e1);
                }
                close();
                dispose();
+               cmsSession.navigateTo("~");
                cmsSession.authChange();
        }