X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FRemoteSessionLoginModule.java;h=d801b5e57978aed234b519c0a657e9d2861fd240;hb=0bd819f841b28c7eb869362e67cf424a9e99f862;hp=05c5cf4422de810d817e3c919b4cfd66ee96b9de;hpb=4d675e1c871cfd8e4481e03cd496ab975b8b367d;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
index 05c5cf442..d801b5e57 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
@@ -14,11 +14,12 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
-import org.argeo.api.cms.CmsConstants;
 import org.argeo.api.cms.CmsLog;
+import org.argeo.cms.CmsDeployProperty;
 import org.argeo.cms.internal.auth.CmsSessionImpl;
 import org.argeo.cms.internal.runtime.CmsContextImpl;
-import org.osgi.service.http.HttpContext;
+import org.argeo.cms.internal.runtime.CmsStateImpl;
+import org.argeo.util.http.HttpHeader;
 import org.osgi.service.useradmin.Authorization;
 
 /** Use the HTTP session as the basis for authentication. */
@@ -32,8 +33,6 @@ public class RemoteSessionLoginModule implements LoginModule {
 	private RemoteAuthRequest request = null;
 	private RemoteAuthResponse response = null;
 
-//	private BundleContext bc;
-
 	private Authorization authorization;
 	private Locale locale;
 
@@ -41,8 +40,6 @@ public class RemoteSessionLoginModule implements LoginModule {
 	@Override
 	public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
 			Map<String, ?> options) {
-//		bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext();
-//		assert bc != null;
 		this.subject = subject;
 		this.callbackHandler = callbackHandler;
 		this.sharedState = (Map<String, Object>) sharedState;
@@ -77,7 +74,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 					log.trace("Retrieved authorization from " + cmsSession);
 			}
 		} else {
-			authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
+			authorization = (Authorization) request.getAttribute(RemoteAuthRequest.AUTHORIZATION);
 			if (authorization == null) {// search by session ID
 				RemoteAuthSession httpSession = request.getSession();
 				if (httpSession == null) {
@@ -108,7 +105,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 		} else {
 			if (log.isTraceEnabled())
 				log.trace("HTTP login: " + true);
-			request.setAttribute(HttpContext.AUTHORIZATION, authorization);
+			request.setAttribute(RemoteAuthRequest.AUTHORIZATION, authorization);
 			return true;
 		}
 	}
@@ -117,7 +114,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 	public boolean commit() throws LoginException {
 		byte[] outToken = (byte[]) sharedState.get(CmsAuthUtils.SHARED_STATE_SPNEGO_OUT_TOKEN);
 		if (outToken != null) {
-			response.setHeader(CmsAuthUtils.HEADER_WWW_AUTHENTICATE,
+			response.setHeader(HttpHeader.WWW_AUTHENTICATE.getName(),
 					"Negotiate " + java.util.Base64.getEncoder().encodeToString(outToken));
 		}
 
@@ -155,7 +152,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 	}
 
 	private void extractHttpAuth(final RemoteAuthRequest httpRequest) {
-		String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
+		String authHeader = httpRequest.getHeader(HttpHeader.AUTHORIZATION.getName());
 		extractHttpAuth(authHeader);
 	}
 
@@ -164,7 +161,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 			StringTokenizer st = new StringTokenizer(authHeader);
 			if (st.hasMoreTokens()) {
 				String basic = st.nextToken();
-				if (basic.equalsIgnoreCase("Basic")) {
+				if (basic.equalsIgnoreCase(HttpHeader.BASIC)) {
 					try {
 						// TODO manipulate char[]
 						Base64.Decoder decoder = Base64.getDecoder();
@@ -182,7 +179,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 					} catch (Exception e) {
 						throw new IllegalStateException("Couldn't retrieve authentication", e);
 					}
-				} else if (basic.equalsIgnoreCase("Negotiate")) {
+				} else if (basic.equalsIgnoreCase(HttpHeader.NEGOTIATE)) {
 					String spnegoToken = st.nextToken();
 					Base64.Decoder decoder = Base64.getDecoder();
 					byte[] authToken = decoder.decode(spnegoToken);
@@ -210,8 +207,8 @@ public class RemoteSessionLoginModule implements LoginModule {
 			if (log.isDebugEnabled())
 				log.debug("Client certificate " + certDn + " verified by servlet container");
 		} // Reverse proxy verified the client certificate
-		String clientDnHttpHeader = CmsContextImpl.getCmsContext().getCmsState()
-				.getDeployProperty(CmsConstants.HTTP_PROXY_SSL_DN);
+		String clientDnHttpHeader = CmsStateImpl.getDeployProperty(CmsContextImpl.getCmsContext().getCmsState(),
+				CmsDeployProperty.HTTP_PROXY_SSL_HEADER_DN);
 		if (clientDnHttpHeader != null) {
 			String certDn = req.getHeader(clientDnHttpHeader);
 			// TODO retrieve more cf. https://httpd.apache.org/docs/current/mod/mod_ssl.html