Workarounds case issue in Security
[lgpl/argeo-commons.git] / org.argeo.cms.ui / src / org / argeo / cms / util / LoginEntryPoint.java
index 1f46f100e0c98cbce2a5e45496c7017b10eba5f0..1f24da2f4327d3d9d27c550cd73aa059fafd390f 100644 (file)
@@ -2,10 +2,10 @@ package org.argeo.cms.util;
 
 import java.util.Locale;
 
-import javax.security.auth.login.CredentialNotFoundException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.argeo.cms.CmsException;
 import org.argeo.cms.auth.CurrentUser;
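Review bot: The added `import javax.servlet.http.HttpServletResponse;` is referenced only from the commented-out Negotiate block in the login hunk, so as committed it is an unused import. The same holds for `HEADER_WWW_AUTHENTICATE` and `HEADER_AUTHORIZATION` in the next hunk, which nothing visible in this diff reads. I would leave all three out until the 401/`WWW-Authenticate` challenge is actually enabled. If the constants do stay, the conventional modifier order is `protected static final String ...`.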
@@ -24,6 +24,8 @@ import org.eclipse.swt.widgets.Composite;
 import org.eclipse.swt.widgets.Display;
 
 public class LoginEntryPoint implements EntryPoint, CmsView {
+       protected final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
+       protected final static String HEADER_AUTHORIZATION = "Authorization";
        // private final static Log log = LogFactory.getLog(WorkbenchLogin.class);
        // private final Subject subject = new Subject();
        private LoginContext loginContext;
@@ -38,25 +40,28 @@ public class LoginEntryPoint implements EntryPoint, CmsView {
                        // try pre-auth
                        loginContext = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, loginShell);
                        loginContext.login();
-               } catch (CredentialNotFoundException e) {
+               } catch (LoginException e) {
                        loginShell.createUi();
                        loginShell.open();
+
+//                     HttpServletRequest request = RWT.getRequest();
+//                     String authorization = request.getHeader(HEADER_AUTHORIZATION);
+//                     if (authorization == null || !authorization.startsWith("Negotiate")) {
+//                             HttpServletResponse response = RWT.getResponse();
+//                             response.setStatus(401);
+//                             response.setHeader(HEADER_WWW_AUTHENTICATE, "Negotiate");
+//                             response.setDateHeader("Date", System.currentTimeMillis());
+//                             response.setDateHeader("Expires", System.currentTimeMillis() + (24 * 60 * 60 * 1000));
+//                             response.setHeader("Accept-Ranges", "bytes");
+//                             response.setHeader("Connection", "Keep-Alive");
+//                             response.setHeader("Keep-Alive", "timeout=5, max=97");
+//                             // response.setContentType("text/html; charset=UTF-8");
+//                     }
+
                        while (!loginShell.getShell().isDisposed()) {
-                               // try {
                                if (!display.readAndDispatch())
                                        display.sleep();
-                               // } catch (Exception e1) {
-                               // try {
-                               // Thread.sleep(3000);
-                               // } catch (InterruptedException e2) {
-                               // // silent
-                               // }
-                               // ErrorFeedback.show("Login failed", e1);
-                               // return -1;
-                               // }
                        }
-               } catch (LoginException e) {
-                       throw new CmsException("Cannot log in", e);
                }
 
                if (CurrentUser.getUsername() == null)
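Review bot: The widened `catch (LoginException e)` now handles every pre-auth failure the same way and drops `e`, so a rejected credential or a broken login configuration opens the login shell exactly as a missing credential does and nothing is recorded. The previous code fell back to the UI only on `CredentialNotFoundException` and surfaced everything else as `CmsException("Cannot log in", e)`. If falling back for all cases is intended, log `e` before `loginShell.createUi()` so failed pre-authentication stays visible to operators (the class's `log` field is commented out, so it would have to be restored). Otherwise keep the silent path limited to the expected no-credential case. The commented-out Negotiate block is dead code and is better left out of the commit until it is enabled; the enclosing method starts and ends outside this hunk.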
@@ -76,8 +81,6 @@ public class LoginEntryPoint implements EntryPoint, CmsView {
        protected HttpServletRequest getRequest() {
                return RWT.getRequest();
        }
-       
-       
 
        protected CmsLoginShell createCmsLoginShell() {
                return new CmsLoginShell(this) {
@@ -132,19 +135,6 @@ public class LoginEntryPoint implements EntryPoint, CmsView {
                        throw new CmsException("Cannot log out", e);
                }
        }
-       
-       
-
-       // @Override
-       // public final Subject getSubject() {
-       // return subject;
-       // }
-
-//     @Override
-//     public void registerCallbackHandler(CallbackHandler callbackHandler) {
-//             throw new UnsupportedOperationException();
-//             
-//     }
 
        @Override
        public void exception(Throwable e) {
@@ -167,5 +157,4 @@ public class LoginEntryPoint implements EntryPoint, CmsView {
        public UxContext getUxContext() {
                return uxContext;
        }
-
-}
+}
\ No newline at end of file