Jackrabbit security improved

[lgpl/argeo-commons.git] / security / plugins / org.argeo.security.ui.application / src / main / java / org / argeo / security / ui / application / AbstractSecureApplication.java
diff --git a/security/plugins/org.argeo.security.ui.application/src/main/java/org/argeo/security/ui/application/AbstractSecureApplication.java b/security/plugins/org.argeo.security.ui.application/src/main/java/org/argeo/security/ui/application/AbstractSecureApplication.java

index 9550660004fbb22a4c9376c3ca42ae3c4073195d..d866cb69ce77bcf18bb1de655444b6f765f03d22 100644 (file)
--- a/security/plugins/org.argeo.security.ui.application/src/main/java/org/argeo/security/ui/application/AbstractSecureApplication.java
+++ b/security/plugins/org.argeo.security.ui.application/src/main/java/org/argeo/security/ui/application/AbstractSecureApplication.java
@@ -3,9 +3,11 @@ package org.argeo.security.ui.application;
  import java.security.PrivilegedAction;
  
  import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
  
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
+import org.argeo.eclipse.ui.dialogs.Error;
  import org.eclipse.core.runtime.IStatus;
  import org.eclipse.core.runtime.Status;
  import org.eclipse.equinox.app.IApplication;
@@ -17,8 +19,8 @@ import org.eclipse.ui.PlatformUI;
  import org.eclipse.ui.application.WorkbenchAdvisor;
  
  /**
- * Common base class for authenticated access to the Eclipse UI framework (RAP and
- * RCP)
+ * Common base class for authenticated access to the Eclipse UI framework (RAP
+ * and RCP)
   */
  public abstract class AbstractSecureApplication implements IApplication {
         private static final Log log = LogFactory
@@ -30,34 +32,42 @@ public abstract class AbstractSecureApplication implements IApplication {
  
                 Integer returnCode = null;
                 Display display = PlatformUI.createDisplay();
-
-               // Force login
-
                 try {
-                       String username = null;
-                       Exception loginException = null;
                         Subject subject = null;
-                       try {
-                               SecureApplicationActivator.getLoginContext().login();
-                               subject = SecureApplicationActivator.getLoginContext()
-                                               .getSubject();
-
-                               // username = CurrentUser.getUsername();
-                       } catch (Exception e) {
-                               loginException = e;
-                               e.printStackTrace();
+                       Boolean retry = true;
+                       while (retry) {
+                               try {
+                                       SecureApplicationActivator.getLoginContext().login();
+                                       subject = SecureApplicationActivator.getLoginContext()
+                                                       .getSubject();
+                                       retry = false;
+                               } catch (LoginException e) {
+                                       Error.show("Cannot login", e);
+                                       retry = true;
+                               } catch (Exception e) {
+                                       Error.show("Unexpected exception while trying to login", e);
+                                       retry = false;
+                               }
                         }
+
                         if (subject == null) {
-                               IStatus status = new Status(IStatus.ERROR,
-                                               "org.argeo.security.application", "Login is mandatory",
-                                               loginException);
-                               ErrorDialog.openError(null, "Error", "Shutdown...", status);
-                               return status.getSeverity();
+                               // IStatus status = new Status(IStatus.ERROR,
+                               // "org.argeo.security.application", "Login is mandatory",
+                               // loginException);
+                               // ErrorDialog.openError(null, "Error", "Shutdown...", status);
+                               // return status.getSeverity();
+
+                               // TODO: log as anonymous
                         }
  
-                       returnCode = (Integer) Subject.doAs(subject, getRunAction(display));
-                       SecureApplicationActivator.getLoginContext().logout();
-                       return processReturnCode(returnCode);
+                       if (subject != null) {
+                               returnCode = (Integer) Subject.doAs(subject,
+                                               getRunAction(display));
+                               SecureApplicationActivator.getLoginContext().logout();
+                               return processReturnCode(returnCode);
+                       } else {
+                               return -1;
+                       }
                 } catch (Exception e) {
                         // e.printStackTrace();
                         IStatus status = new Status(IStatus.ERROR,