X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=jcr%2Forg.argeo.cms.jcr%2Fsrc%2Forg%2Fargeo%2Fcms%2Fjcr%2FCmsJcrUtils.java;h=3849c5b97fac4c90611a8987f8d93ba7e84f0882;hb=c424738be0c47c808f8cc64c2a51a67eb8e3d584;hp=b5d9adfcaedbef28390945b1458c191a922b9588;hpb=8282011b0e20e80704b209ad55fa9fb132e16280;p=lgpl%2Fargeo-commons.git

diff --git a/jcr/org.argeo.cms.jcr/src/org/argeo/cms/jcr/CmsJcrUtils.java b/jcr/org.argeo.cms.jcr/src/org/argeo/cms/jcr/CmsJcrUtils.java
index b5d9adfca..3849c5b97 100644
--- a/jcr/org.argeo.cms.jcr/src/org/argeo/cms/jcr/CmsJcrUtils.java
+++ b/jcr/org.argeo.cms.jcr/src/org/argeo/cms/jcr/CmsJcrUtils.java
@@ -20,6 +20,7 @@ import javax.security.auth.login.LoginException;
 
 import org.argeo.api.cms.CmsAuth;
 import org.argeo.api.cms.CmsConstants;
+import org.argeo.jcr.JcrUtils;
 
 /** Utilities related to Argeo model in JCR */
 public class CmsJcrUtils {
@@ -239,34 +240,39 @@ public class CmsJcrUtils {
 	/**
 	 * Open a JCR session with full read/write rights on the data, as
 	 * {@link CmsConstants#ROLE_USER_ADMIN}, using the
-	 * {@link CmsAuth#LOGIN_CONTEXT_DATA_ADMIN} login context. For security
-	 * hardened deployement, use {@link AuthPermission} on this login context.
+	 * {@link CmsAuth#LOGIN_CONTEXT_DATA_ADMIN} login context. For security hardened
+	 * deployement, use {@link AuthPermission} on this login context.
 	 */
 	public static Session openDataAdminSession(Repository repository, String workspaceName) {
-		ClassLoader currentCl = Thread.currentThread().getContextClassLoader();
 		LoginContext loginContext;
 		try {
-			loginContext = new LoginContext(CmsAuth.LOGIN_CONTEXT_DATA_ADMIN);
+			loginContext = CmsAuth.DATA_ADMIN.newLoginContext();
 			loginContext.login();
 		} catch (LoginException e1) {
 			throw new RuntimeException("Could not login as data admin", e1);
 		} finally {
-			Thread.currentThread().setContextClassLoader(currentCl);
 		}
-		return Subject.doAs(loginContext.getSubject(), new PrivilegedAction<Session>() {
 
-			@Override
-			public Session run() {
-				try {
-					return repository.login(workspaceName);
-				} catch (NoSuchWorkspaceException e) {
-					throw new IllegalArgumentException("No workspace " + workspaceName + " available", e);
-				} catch (RepositoryException e) {
-					throw new RuntimeException("Cannot open data admin session", e);
+		ClassLoader currentCl = Thread.currentThread().getContextClassLoader();
+		try {
+			Thread.currentThread().setContextClassLoader(CmsJcrUtils.class.getClassLoader());
+			return Subject.doAs(loginContext.getSubject(), new PrivilegedAction<Session>() {
+
+				@Override
+				public Session run() {
+					try {
+						return JcrUtils.loginOrCreateWorkspace(repository, workspaceName);
+					} catch (NoSuchWorkspaceException e) {// should not happen
+						throw new IllegalArgumentException("No workspace " + workspaceName + " available", e);
+					} catch (RepositoryException e) {
+						throw new RuntimeException("Cannot open data admin session", e);
+					}
 				}
-			}
 
-		});
+			});
+		} finally {
+			Thread.currentThread().setContextClassLoader(currentCl);
+		}
 	}
 
 	/** Singleton. */