projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use versions 1.1.3
[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / core / KeyBasedSystemExecutionService.java
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
index a02221e323ce7dba34de0b03e46f5e5b8137948c..3235a9602bdad53f8aed8dcfe05765644353fdf1 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
@@ -1,5 +1,9 @@
 package org.argeo.security.core;
 
+import java.security.AccessController;
+
+import javax.security.auth.Subject;
+
 import org.argeo.ArgeoException;
 import org.argeo.security.SystemExecutionService;
 import org.springframework.core.task.SimpleAsyncTaskExecutor;
@@ -39,12 +43,21 @@ public class KeyBasedSystemExecutionService implements SystemExecutionService,
                                                .getContext();
                                Authentication currentAuth = securityContext
                                                .getAuthentication();
-                               if (currentAuth != null) {
+                               if (currentAuth != null)
                                        throw new ArgeoException(
                                                        "System execution on an already authenticated thread: "
                                                                        + currentAuth + ", THREAD="
                                                                        + Thread.currentThread().getId());
-                               }
+
+                               Subject subject = Subject.getSubject(AccessController
+                                               .getContext());
+                               if (subject != null
+                                               && !subject.getPrincipals(Authentication.class)
+                                                               .isEmpty())
+                                       throw new ArgeoException(
+                                                       "There is already an authenticated subject: "
+                                                                       + subject);
+
                                Authentication auth = authenticationManager
                                                .authenticate(new InternalAuthentication(
                                                                systemAuthenticationKey));
Argeo Commons - Lightweight integration framework in pure Java/OSGi