X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FRemoteSessionLoginModule.java;h=3abcf8c9483d52176d9cb058723577f9c1a7963a;hb=3d3c654c9d973c62ca22f1c9010bb2e7e1847d09;hp=ecbc844b5141c4c4ef7908fdc3bb1addf1057a09;hpb=4185ff8826f893a4a1f054f61a11b89333c3e85d;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
index ecbc844b5..3abcf8c94 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
@@ -14,18 +14,18 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import org.argeo.api.cms.CmsConstants;
+import org.argeo.api.cms.CmsLog;
+import org.argeo.cms.CmsDeployProperty;
 import org.argeo.cms.internal.auth.CmsSessionImpl;
-import org.argeo.cms.internal.kernel.Activator;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.FrameworkUtil;
+import org.argeo.cms.internal.runtime.CmsContextImpl;
+import org.argeo.cms.internal.runtime.CmsStateImpl;
 import org.osgi.service.http.HttpContext;
 import org.osgi.service.useradmin.Authorization;
 
 /** Use the HTTP session as the basis for authentication. */
 public class RemoteSessionLoginModule implements LoginModule {
-	private final static Log log = LogFactory.getLog(RemoteSessionLoginModule.class);
+	private final static CmsLog log = CmsLog.getLog(RemoteSessionLoginModule.class);
 
 	private Subject subject = null;
 	private CallbackHandler callbackHandler = null;
@@ -34,7 +34,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 	private RemoteAuthRequest request = null;
 	private RemoteAuthResponse response = null;
 
-	private BundleContext bc;
+//	private BundleContext bc;
 
 	private Authorization authorization;
 	private Locale locale;
@@ -43,8 +43,8 @@ public class RemoteSessionLoginModule implements LoginModule {
 	@Override
 	public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
 			Map<String, ?> options) {
-		bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext();
-		assert bc != null;
+//		bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext();
+//		assert bc != null;
 		this.subject = subject;
 		this.callbackHandler = callbackHandler;
 		this.sharedState = (Map<String, Object>) sharedState;
@@ -54,25 +54,25 @@ public class RemoteSessionLoginModule implements LoginModule {
 	public boolean login() throws LoginException {
 		if (callbackHandler == null)
 			return false;
-		RemoteAuthCallback httpCallback = new RemoteAuthCallback();
+		RemoteAuthCallback remoteAuthCallback = new RemoteAuthCallback();
 		try {
-			callbackHandler.handle(new Callback[] { httpCallback });
+			callbackHandler.handle(new Callback[] { remoteAuthCallback });
 		} catch (IOException e) {
 			throw new LoginException("Cannot handle http callback: " + e.getMessage());
 		} catch (UnsupportedCallbackException e) {
 			return false;
 		}
-		request = httpCallback.getRequest();
+		request = remoteAuthCallback.getRequest();
 		if (request == null) {
-			RemoteAuthSession httpSession = httpCallback.getHttpSession();
+			RemoteAuthSession httpSession = remoteAuthCallback.getHttpSession();
 			if (httpSession == null)
 				return false;
 			// TODO factorize with below
 			String httpSessionId = httpSession.getId();
 //			if (log.isTraceEnabled())
 //				log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
-			CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
-			if (cmsSession != null) {
+			CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByLocalId(httpSessionId);
+			if (cmsSession != null && !cmsSession.isAnonymous()) {
 				authorization = cmsSession.getAuthorization();
 				locale = cmsSession.getLocale();
 				if (log.isTraceEnabled())
@@ -91,8 +91,8 @@ public class RemoteSessionLoginModule implements LoginModule {
 				String httpSessionId = httpSession.getId();
 //				if (log.isTraceEnabled())
 //					log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
-				CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
-				if (cmsSession != null) {
+				CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByLocalId(httpSessionId);
+				if (cmsSession != null && !cmsSession.isAnonymous()) {
 					authorization = cmsSession.getAuthorization();
 					locale = cmsSession.getLocale();
 					if (log.isTraceEnabled())
@@ -212,7 +212,8 @@ public class RemoteSessionLoginModule implements LoginModule {
 			if (log.isDebugEnabled())
 				log.debug("Client certificate " + certDn + " verified by servlet container");
 		} // Reverse proxy verified the client certificate
-		String clientDnHttpHeader = Activator.getHttpProxySslHeader();
+		String clientDnHttpHeader = CmsStateImpl.getDeployProperty(CmsContextImpl.getCmsContext().getCmsState(),
+				CmsDeployProperty.HTTP_PROXY_SSL_HEADER_DN);
 		if (clientDnHttpHeader != null) {
 			String certDn = req.getHeader(clientDnHttpHeader);
 			// TODO retrieve more cf. https://httpd.apache.org/docs/current/mod/mod_ssl.html