X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fauth%2FCmsSessionImpl.java;h=4f5a85ddfc998a0bbd24b33d4b4fc567bf21e565;hb=ae3512aea50717cfaf0392421b66c7c028cbd36b;hp=2e074e7781e57c5438272a6fc11221164512994f;hpb=eb4324be6ac9cdff15828a21ee7d3f6ca2f19fb9;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java index 2e074e778..4f5a85ddf 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java @@ -1,9 +1,6 @@ package org.argeo.cms.internal.auth; import java.io.Serializable; -import java.security.AccessControlContext; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.time.ZonedDateTime; import java.util.ArrayList; import java.util.Collections; @@ -12,11 +9,9 @@ import java.util.List; import java.util.Locale; import java.util.Map; import java.util.Objects; -import java.util.Set; import java.util.UUID; import java.util.function.Consumer; -import javax.crypto.SecretKey; import javax.security.auth.Subject; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; @@ -27,17 +22,14 @@ import org.argeo.api.cms.CmsConstants; import org.argeo.api.cms.CmsLog; import org.argeo.api.cms.CmsSession; import org.argeo.cms.internal.runtime.CmsContextImpl; -import org.osgi.framework.ServiceRegistration; import org.osgi.service.useradmin.Authorization; /** Default CMS session implementation. */ public class CmsSessionImpl implements CmsSession, Serializable { private static final long serialVersionUID = 1867719354246307225L; -// private final static BundleContext bc = FrameworkUtil.getBundle(CmsSessionImpl.class).getBundleContext(); private final static CmsLog log = CmsLog.getLog(CmsSessionImpl.class); - // private final Subject initialSubject; - private transient AccessControlContext accessControlContext; + private transient Subject subject; private final UUID uuid; private final String localSessionId; private Authorization authorization; @@ -49,8 +41,6 @@ public class CmsSessionImpl implements CmsSession, Serializable { private ZonedDateTime end; private final Locale locale; - private ServiceRegistration serviceRegistration; - private Map views = new HashMap<>(); private List> onCloseCallbacks = Collections.synchronizedList(new ArrayList<>()); @@ -61,15 +51,7 @@ public class CmsSessionImpl implements CmsSession, Serializable { this.creationTime = ZonedDateTime.now(); this.locale = locale; - this.accessControlContext = Subject.doAs(initialSubject, new PrivilegedAction() { - - @Override - public AccessControlContext run() { - return AccessController.getContext(); - } - - }); - // this.initialSubject = initialSubject; + this.subject = initialSubject; this.localSessionId = localSessionId; this.authorization = authorization; if (authorization.getName() != null) { @@ -94,15 +76,15 @@ public class CmsSessionImpl implements CmsSession, Serializable { try { LoginContext lc; if (isAnonymous()) { - lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_ANONYMOUS, getSubject()); + lc = CmsAuth.ANONYMOUS.newLoginContext(getSubject()); } else { - lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_USER, getSubject()); + lc = CmsAuth.USER.newLoginContext(getSubject()); } lc.logout(); } catch (LoginException e) { log.warn("Could not logout " + getSubject() + ": " + e); } finally { - accessControlContext = null; + subject = null; } log.debug("Closed " + this); } @@ -113,13 +95,13 @@ public class CmsSessionImpl implements CmsSession, Serializable { } public Subject getSubject() { - return Subject.getSubject(accessControlContext); + return subject; } - public Set getSecretKeys() { - checkValid(); - return getSubject().getPrivateCredentials(SecretKey.class); - } +// public Set getSecretKeys() { +// checkValid(); +// return getSubject().getPrivateCredentials(SecretKey.class); +// } @Override public boolean isValid() {