Introduce OSAuthentication

[lgpl/argeo-commons.git] / security / plugins / org.argeo.security.equinox / src / main / java / org / argeo / security / equinox / SpringLoginModule.java

diff --git a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java
index 298323b3d345d3fc797df404e7eddcd60b77f036..c35416d9979c9fe246b9be4621a6bc233d714cff 100644 (file)
--- a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java
+++ b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java
@@ -1,7 +1,6 @@
 package org.argeo.security.equinox;
 
 import java.util.Map;
-import java.util.Set;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
@@ -16,7 +15,6 @@ import org.apache.commons.logging.LogFactory;
 import org.argeo.security.SiteAuthenticationToken;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationManager;
-import org.springframework.security.BadCredentialsException;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.jaas.SecurityContextLoginModule;
 
@@ -44,10 +42,11 @@ public class SpringLoginModule extends SecurityContextLoginModule {
 
        public boolean login() throws LoginException {
                // try to retrieve Authentication from Subject
-               Set<Authentication> auths = subject.getPrincipals(Authentication.class);
-               if (auths.size() > 0)
-                       SecurityContextHolder.getContext().setAuthentication(
-                                       auths.iterator().next());
+               // Set<Authentication> auths =
+               // subject.getPrincipals(Authentication.class);
+               // if (auths.size() > 0)
+               // SecurityContextHolder.getContext().setAuthentication(
+               // auths.iterator().next());
 
                // thread already logged in
                if (SecurityContextHolder.getContext().getAuthentication() != null)
@@ -80,9 +79,7 @@ public class SpringLoginModule extends SecurityContextLoginModule {
                        callbackHandler.handle(new Callback[] { label, nameCallback,
                                        passwordCallback });
                } catch (Exception e) {
-                       LoginException le = new LoginException("Callback handling failed");
-                       le.initCause(e);
-                       throw le;
+                       throw new RuntimeException("Unexpected exception when handling", e);
                }
 
                // Set user name and password
@@ -99,20 +96,20 @@ public class SpringLoginModule extends SecurityContextLoginModule {
                SiteAuthenticationToken credentials = new SiteAuthenticationToken(
                                username, password, null, workspace);
 
-               try {
-                       Authentication authentication = authenticationManager
-                                       .authenticate(credentials);
-                       registerAuthentication(authentication);
-                       boolean res = super.login();
-                       return res;
-               } catch (BadCredentialsException bce) {
-                       throw bce;
-               } catch (Exception e) {
-                       LoginException loginException = new LoginException(
-                                       "Bad credentials");
-                       loginException.initCause(e);
-                       throw loginException;
-               }
+               // try {
+               Authentication authentication = authenticationManager
+                               .authenticate(credentials);
+               registerAuthentication(authentication);
+               boolean res = super.login();
+               return res;
+               // } catch (BadCredentialsException bce) {
+               // throw bce;
+               // } catch (LoginException e) {
+               // // LoginException loginException = new LoginException(
+               // // "Bad credentials");
+               // // loginException.initCause(e);
+               // throw e;
+               // }
        }
 
        @Override