projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Improve RAP security
[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / core / KeyBasedSystemExecutionService.java
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
index 08ef6428ad925f9cc19db8ffece144002df41218..a02221e323ce7dba34de0b03e46f5e5b8137948c 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/KeyBasedSystemExecutionService.java
@@ -1,5 +1,6 @@
 package org.argeo.security.core;
 
+import org.argeo.ArgeoException;
 import org.argeo.security.SystemExecutionService;
 import org.springframework.core.task.SimpleAsyncTaskExecutor;
 import org.springframework.core.task.TaskExecutor;
@@ -36,6 +37,14 @@ public class KeyBasedSystemExecutionService implements SystemExecutionService,
                        public void run() {
                                SecurityContext securityContext = SecurityContextHolder
                                                .getContext();
+                               Authentication currentAuth = securityContext
+                                               .getAuthentication();
+                               if (currentAuth != null) {
+                                       throw new ArgeoException(
+                                                       "System execution on an already authenticated thread: "
+                                                                       + currentAuth + ", THREAD="
+                                                                       + Thread.currentThread().getId());
+                               }
                                Authentication auth = authenticationManager
                                                .authenticate(new InternalAuthentication(
                                                                systemAuthenticationKey));
Argeo Commons - Lightweight integration framework in pure Java/OSGi