X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FCmsAuthUtils.java;h=1efb93afdd36b9ad1432f4976d4351c48dfa2277;hb=da9d144b6b241e1526a3bd255dff905a7969a5bc;hp=46adcf8a516db80a509476947cbcb4c9ee5cd364;hpb=c2366f32052deada7d96f635e86f745f438f094e;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java index 46adcf8a5..1efb93afd 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java @@ -1,7 +1,6 @@ package org.argeo.cms.auth; import java.security.Principal; -import java.util.Collection; import java.util.Locale; import java.util.Set; import java.util.UUID; @@ -11,20 +10,16 @@ import javax.naming.ldap.LdapName; import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; -import org.argeo.api.cms.CmsSession; -import org.argeo.api.cms.CmsSessionId; -import org.argeo.api.cms.DataAdminPrincipal; import org.argeo.api.cms.AnonymousPrincipal; import org.argeo.api.cms.CmsConstants; +import org.argeo.api.cms.CmsSessionId; +import org.argeo.api.cms.DataAdminPrincipal; import org.argeo.cms.internal.auth.CmsSessionImpl; import org.argeo.cms.internal.auth.ImpliedByPrincipal; import org.argeo.cms.internal.http.WebCmsSessionImpl; import org.argeo.cms.internal.runtime.CmsContextImpl; import org.argeo.cms.security.NodeSecurityUtils; import org.argeo.osgi.useradmin.AuthenticatingUser; -import org.osgi.framework.BundleContext; -import org.osgi.framework.InvalidSyntaxException; -import org.osgi.framework.ServiceReference; import org.osgi.service.http.HttpContext; import org.osgi.service.useradmin.Authorization; @@ -44,6 +39,8 @@ class CmsAuthUtils { final static String SHARED_STATE_REMOTE_ADDR = "org.argeo.cms.auth.remote.addr"; final static String SHARED_STATE_REMOTE_PORT = "org.argeo.cms.auth.remote.port"; + final static String SINGLE_USER_LOCAL_ID = "single-user"; + static void addAuthorization(Subject subject, Authorization authorization) { assert subject != null; checkSubjectEmpty(subject); @@ -144,7 +141,9 @@ class CmsAuthUtils { if (currentLocalSessionAnonymous) { currentLocalSession.close(); // new CMS session - cmsSession = new WebCmsSessionImpl(subject, authorization, locale, request); + UUID cmsSessionUuid = CmsContextImpl.getCmsContext().getUuidFactory().timeUUID(); + cmsSession = new WebCmsSessionImpl(cmsSessionUuid, subject, authorization, locale, request); + CmsContextImpl.getCmsContext().registerCmsSession(cmsSession); } else if (!authorization.getName().equals(currentLocalSession.getAuthorization().getName())) { throw new IllegalStateException("Inconsistent user " + authorization.getName() + " for existing CMS session " + currentLocalSession); @@ -165,7 +164,8 @@ class CmsAuthUtils { } } else { // new CMS session - cmsSession = new WebCmsSessionImpl(subject, authorization, locale, request); + UUID cmsSessionUuid = CmsContextImpl.getCmsContext().getUuidFactory().timeUUID(); + cmsSession = new WebCmsSessionImpl(cmsSessionUuid, subject, authorization, locale, request); CmsContextImpl.getCmsContext().registerCmsSession(cmsSession); } @@ -182,8 +182,12 @@ class CmsAuthUtils { "Subject already logged with session " + storedSessionId + " (not " + nodeSessionId + ")"); } } else { - CmsSessionImpl cmsSession = new CmsSessionImpl(subject, authorization, locale, "desktop"); - CmsContextImpl.getCmsContext().registerCmsSession(cmsSession); + CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByLocalId(SINGLE_USER_LOCAL_ID); + if (cmsSession == null) { + UUID cmsSessionUuid = CmsContextImpl.getCmsContext().getUuidFactory().timeUUID(); + cmsSession = new CmsSessionImpl(cmsSessionUuid, subject, authorization, locale, SINGLE_USER_LOCAL_ID); + CmsContextImpl.getCmsContext().registerCmsSession(cmsSession); + } CmsSessionId nodeSessionId = new CmsSessionId(cmsSession.getUuid()); subject.getPrivateCredentials().add(nodeSessionId); }