package org.argeo.cms.ui;
+import static org.argeo.naming.SharedSecret.X_SHARED_SECRET;
+
import java.io.IOException;
import java.security.PrivilegedAction;
import java.util.HashMap;
import javax.jcr.nodetype.NodeType;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.argeo.api.NodeConstants;
import org.argeo.cms.CmsException;
import org.argeo.cms.auth.CurrentUser;
+import org.argeo.cms.auth.HttpRequestCallback;
import org.argeo.cms.auth.HttpRequestCallbackHandler;
import org.argeo.eclipse.ui.specific.UiContext;
import org.argeo.jcr.JcrUtils;
-import org.argeo.node.NodeConstants;
+import org.argeo.naming.AuthPassword;
+import org.argeo.naming.SharedSecret;
import org.eclipse.rap.rwt.RWT;
import org.eclipse.rap.rwt.application.AbstractEntryPoint;
import org.eclipse.rap.rwt.client.WebClient;
* The node to return when no node was found (for authenticated users and
* anonymous)
*/
- private Node getDefaultNode(Session session) throws RepositoryException {
- if (!session.hasPermission(defaultPath, "read")) {
- String userId = session.getUserID();
- if (userId.equals(NodeConstants.ROLE_ANONYMOUS))
- // TODO throw a special exception
- throw new CmsException("Login required");
- else
- throw new CmsException("Unauthorized");
- }
- return session.getNode(defaultPath);
- }
+// private Node getDefaultNode(Session session) throws RepositoryException {
+// if (!session.hasPermission(defaultPath, "read")) {
+// String userId = session.getUserID();
+// if (userId.equals(NodeConstants.ROLE_ANONYMOUS))
+// // TODO throw a special exception
+// throw new CmsException("Login required");
+// else
+// throw new CmsException("Unauthorized");
+// }
+// return session.getNode(defaultPath);
+// }
protected String getBaseTitle() {
return factoryProperties.get(WebClient.PAGE_TITLE);
}
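Review bot: Commenting out `getDefaultNode` removes the only visible `session.hasPermission(defaultPath, "read")` check, and nothing in this hunk shows where the "Login required" / "Unauthorized" distinction is enforced now. Please confirm that whatever resolves the default node still checks read permission before returning it. The dead code should be deleted rather than kept as `//` lines, since version control already holds it. The Javadoc block that described the method is left directly above `getBaseTitle()` and will probably be read as that method's documentation, so it should be removed as well.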
// auth
- int colonIndex = prefix.indexOf(':');
+ int colonIndex = prefix.indexOf('$');
if (colonIndex > 0) {
- String user = prefix.substring(0, colonIndex);
- // if (isAnonymous()) {
- String token = prefix.substring(colonIndex + 1);
- LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, new CallbackHandler() {
+ SharedSecret token = new SharedSecret(new AuthPassword(X_SHARED_SECRET + '$' + prefix)) {
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ super.handle(callbacks);
+ // handle HTTP context
for (Callback callback : callbacks) {
- if (callback instanceof NameCallback)
- ((NameCallback) callback).setName(user);
- else if (callback instanceof PasswordCallback)
- ((PasswordCallback) callback).setPassword(token.toCharArray());
+ if (callback instanceof HttpRequestCallback) {
+ ((HttpRequestCallback) callback).setRequest(UiContext.getHttpRequest());
+ ((HttpRequestCallback) callback).setResponse(UiContext.getHttpResponse());
+ }
}
-
}
- });
+ };
+ LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, token);
lc.login();
authChange(lc);// sets the node as well
// } else {
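Review bot: The value of `prefix` is now a credential, passed verbatim into `new AuthPassword(X_SHARED_SECRET + '$' + prefix)` and used for `lc.login()`, but the hunk does nothing to keep it out of logs or to discard it once the login has succeeded. Where `prefix` comes from is outside the hunk; if it is taken from the browser state or URL, the secret stays in history and in any copied link, so the state should be reset after `authChange(lc)` and the secret should be single-use and short-lived on the server side. I would add a comment such as `// prefix holds a shared secret: never log it; clear it from the UI state after login` above the `SharedSecret` construction. `colonIndex` is also misnamed now that the separator is `'$'` (`separatorIndex` would fit), and the leftover `// } else {` line can be removed.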
Node newNode = null;
if (session.nodeExists(newNodePath))
newNode = session.getNode(newNodePath);
- else
- throw new CmsException("Data " + newNodePath + " does not exist");
+ else {
+// throw new CmsException("Data " + newNodePath + " does not exist");
+ newNode = null;
+ }
setNode(newNode);
}
String title = publishMetaData(getNode());
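Review bot: The new `else` branch is a no-op, because `newNode` is already initialised to `null` above it, so a path that does not exist now silently reaches `setNode(null)` with no log entry or user-visible signal. Either drop the branch together with the commented-out `throw`, or keep it only to log the missing path. The new contract should be documented with a comment such as `// a missing node is allowed here; getNode() may return null and callers must check`. Callers of `getNode()` other than `publishMetaData` are outside this hunk and should be checked for null handling.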
private String publishMetaData(Node node) throws RepositoryException {
// Title
String title;
- if (node.isNodeType(NodeType.MIX_TITLE) && node.hasProperty(Property.JCR_TITLE))
+ if (node != null && node.isNodeType(NodeType.MIX_TITLE) && node.hasProperty(Property.JCR_TITLE))
title = node.getProperty(Property.JCR_TITLE).getString() + " - " + getBaseTitle();
else
title = getBaseTitle();
return null;
StringBuilder js = new StringBuilder();
+ if (title == null)
+ title = "";
title = title.replace("'", "\\'");// sanitize
js.append("document.title = '" + title + "';");
jsExecutor.execute(js.toString());
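Review bot: The `// sanitize` step escapes only `'`, so the title is still not safe to embed in the single-quoted JavaScript literal built on the following line: a backslash in the title passes through unescaped and cancels the escaping of a quote that follows it, and a line break ends the literal. The title appears to come from repository content (`Property.JCR_TITLE` in `publishMetaData`), so it should be treated as untrusted. Escape the backslash first, then the quote and line terminators, for example `title = title.replace("\\", "\\\\").replace("'", "\\'").replace("\r", "\\r").replace("\n", "\\n");`, or use a JSON string encoder if the project already has one. The enclosing method starts and ends outside this hunk.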