X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FRemoteSessionLoginModule.java;h=b5734afd3221957b1fe80a7ef82ffc21f3090993;hb=c2366f32052deada7d96f635e86f745f438f094e;hp=4d3617eefc4150e01fdc07075b87d61ae03ce252;hpb=b71546ddc74d6ca49d252806aafd491c75dfe1fb;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java index 4d3617eef..b5734afd3 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java @@ -14,11 +14,11 @@ import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; +import org.argeo.api.cms.CmsConstants; import org.argeo.api.cms.CmsLog; import org.argeo.cms.internal.auth.CmsSessionImpl; -import org.argeo.cms.internal.kernel.Activator; -import org.osgi.framework.BundleContext; -import org.osgi.framework.FrameworkUtil; +import org.argeo.cms.internal.runtime.CmsContextImpl; +import org.argeo.cms.internal.runtime.KernelUtils; import org.osgi.service.http.HttpContext; import org.osgi.service.useradmin.Authorization; @@ -33,7 +33,7 @@ public class RemoteSessionLoginModule implements LoginModule { private RemoteAuthRequest request = null; private RemoteAuthResponse response = null; - private BundleContext bc; +// private BundleContext bc; private Authorization authorization; private Locale locale; @@ -42,8 +42,8 @@ public class RemoteSessionLoginModule implements LoginModule { @Override public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { - bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext(); - assert bc != null; +// bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext(); +// assert bc != null; this.subject = subject; this.callbackHandler = callbackHandler; this.sharedState = (Map) sharedState; @@ -70,8 +70,8 @@ public class RemoteSessionLoginModule implements LoginModule { String httpSessionId = httpSession.getId(); // if (log.isTraceEnabled()) // log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId); - CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId); - if (cmsSession != null) { + CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByLocalId(httpSessionId); + if (cmsSession != null && !cmsSession.isAnonymous()) { authorization = cmsSession.getAuthorization(); locale = cmsSession.getLocale(); if (log.isTraceEnabled()) @@ -90,8 +90,8 @@ public class RemoteSessionLoginModule implements LoginModule { String httpSessionId = httpSession.getId(); // if (log.isTraceEnabled()) // log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId); - CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId); - if (cmsSession != null) { + CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByLocalId(httpSessionId); + if (cmsSession != null && !cmsSession.isAnonymous()) { authorization = cmsSession.getAuthorization(); locale = cmsSession.getLocale(); if (log.isTraceEnabled()) @@ -211,7 +211,7 @@ public class RemoteSessionLoginModule implements LoginModule { if (log.isDebugEnabled()) log.debug("Client certificate " + certDn + " verified by servlet container"); } // Reverse proxy verified the client certificate - String clientDnHttpHeader = Activator.getHttpProxySslHeader(); + String clientDnHttpHeader = KernelUtils.getFrameworkProp(CmsConstants.HTTP_PROXY_SSL_DN); if (clientDnHttpHeader != null) { String certDn = req.getHeader(clientDnHttpHeader); // TODO retrieve more cf. https://httpd.apache.org/docs/current/mod/mod_ssl.html