X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fauth%2FCmsSessionImpl.java;h=f40c6fffd561d6315239c96109863fa2d9c35495;hb=043d226a5504a212eb5673c3ed4441c1167724d7;hp=b6966765d9534ea1469188dc5a81c06b1cf80fa3;hpb=3df0adaee4a48c10452fb2064fb8e608b9c985d1;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java index b6966765d..f40c6fffd 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java @@ -1,5 +1,6 @@ package org.argeo.cms.internal.auth; +import java.io.Serializable; import java.security.AccessControlContext; import java.security.AccessController; import java.security.PrivilegedAction; @@ -10,7 +11,6 @@ import java.util.Collection; import java.util.HashMap; import java.util.HashSet; import java.util.Hashtable; -import java.util.LinkedHashSet; import java.util.Locale; import java.util.Map; import java.util.Set; @@ -40,15 +40,16 @@ import org.osgi.framework.ServiceRegistration; import org.osgi.service.useradmin.Authorization; /** Default CMS session implementation. */ -public class CmsSessionImpl implements CmsSession { +public class CmsSessionImpl implements CmsSession, Serializable { + private static final long serialVersionUID = 1867719354246307225L; private final static BundleContext bc = FrameworkUtil.getBundle(CmsSessionImpl.class).getBundleContext(); private final static Log log = LogFactory.getLog(CmsSessionImpl.class); // private final Subject initialSubject; - private final AccessControlContext initialContext; + private transient AccessControlContext accessControlContext; private final UUID uuid; private final String localSessionId; - private final Authorization authorization; + private Authorization authorization; private final LdapName userDn; private final boolean anonymous; @@ -60,14 +61,14 @@ public class CmsSessionImpl implements CmsSession { private Map dataSessions = new HashMap<>(); private Set dataSessionsInUse = new HashSet<>(); - private LinkedHashSet additionalDataSessions = new LinkedHashSet<>(); + private Set additionalDataSessions = new HashSet<>(); private Map views = new HashMap<>(); public CmsSessionImpl(Subject initialSubject, Authorization authorization, Locale locale, String localSessionId) { this.creationTime = ZonedDateTime.now(); this.locale = locale; - this.initialContext = Subject.doAs(initialSubject, new PrivilegedAction() { + this.accessControlContext = Subject.doAs(initialSubject, new PrivilegedAction() { @Override public AccessControlContext run() { @@ -120,23 +121,28 @@ public class CmsSessionImpl implements CmsSession { lc.logout(); } catch (LoginException e) { log.warn("Could not logout " + getSubject() + ": " + e); + } finally { + accessControlContext = null; } log.debug("Closed " + this); } private Subject getSubject() { - return Subject.getSubject(initialContext); + return Subject.getSubject(accessControlContext); } public Set getSecretKeys() { + checkValid(); return getSubject().getPrivateCredentials(SecretKey.class); } public Session newDataSession(String cn, String workspace, Repository repository) { + checkValid(); return login(repository, workspace); } public synchronized Session getDataSession(String cn, String workspace, Repository repository) { + checkValid(); // FIXME make it more robust if (workspace == null) workspace = NodeConstants.SYS_WORKSPACE; @@ -207,12 +213,18 @@ public class CmsSessionImpl implements CmsSession { return !isClosed(); } - protected boolean isClosed() { + private void checkValid() { + if (!isValid()) + throw new IllegalStateException("CMS session " + uuid + " is not valid since " + end); + } + + final protected boolean isClosed() { return getEnd() != null; } @Override public Authorization getAuthorization() { + checkValid(); return authorization; } @@ -258,6 +270,7 @@ public class CmsSessionImpl implements CmsSession { @Override public void registerView(String uid, Object view) { + checkValid(); if (views.containsKey(uid)) throw new IllegalArgumentException("View " + uid + " is already registered."); views.put(uid, view);