X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FRemoteSessionLoginModule.java;h=d801b5e57978aed234b519c0a657e9d2861fd240;hb=0bd819f841b28c7eb869362e67cf424a9e99f862;hp=8f05096906e12d613cd77343c120a0235d4765b2;hpb=4e548693acc16f97b74eaaa95d6841054a172b85;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java index 8f0509690..d801b5e57 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java @@ -19,6 +19,7 @@ import org.argeo.cms.CmsDeployProperty; import org.argeo.cms.internal.auth.CmsSessionImpl; import org.argeo.cms.internal.runtime.CmsContextImpl; import org.argeo.cms.internal.runtime.CmsStateImpl; +import org.argeo.util.http.HttpHeader; import org.osgi.service.useradmin.Authorization; /** Use the HTTP session as the basis for authentication. */ @@ -32,8 +33,6 @@ public class RemoteSessionLoginModule implements LoginModule { private RemoteAuthRequest request = null; private RemoteAuthResponse response = null; -// private BundleContext bc; - private Authorization authorization; private Locale locale; @@ -41,8 +40,6 @@ public class RemoteSessionLoginModule implements LoginModule { @Override public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { -// bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext(); -// assert bc != null; this.subject = subject; this.callbackHandler = callbackHandler; this.sharedState = (Map) sharedState; 
@@ -117,7 +114,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 public boolean commit() throws LoginException {
 byte[] outToken = (byte[]) sharedState.get(CmsAuthUtils.SHARED_STATE_SPNEGO_OUT_TOKEN);
 if (outToken != null) {
- response.setHeader(CmsAuthUtils.HEADER_WWW_AUTHENTICATE,
+ response.setHeader(HttpHeader.WWW_AUTHENTICATE.getName(),
 "Negotiate " + java.util.Base64.getEncoder().encodeToString(outToken));
 }
@@ -155,7 +152,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 }
 private void extractHttpAuth(final RemoteAuthRequest httpRequest) {
- String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
+ String authHeader = httpRequest.getHeader(HttpHeader.AUTHORIZATION.getName());
 extractHttpAuth(authHeader);
 }
@@ -164,7 +161,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 StringTokenizer st = new StringTokenizer(authHeader);
 if (st.hasMoreTokens()) {
 String basic = st.nextToken();
- if (basic.equalsIgnoreCase("Basic")) {
+ if (basic.equalsIgnoreCase(HttpHeader.BASIC)) {
 try {
 // TODO manipulate char[]
 Base64.Decoder decoder = Base64.getDecoder();
@@ -182,7 +179,7 @@ public class RemoteSessionLoginModule implements LoginModule {
 } catch (Exception e) {
 throw new IllegalStateException("Couldn't retrieve authentication", e);
 }
- } else if (basic.equalsIgnoreCase("Negotiate")) {
+ } else if (basic.equalsIgnoreCase(HttpHeader.NEGOTIATE)) {
 String spnegoToken = st.nextToken();
 Base64.Decoder decoder = Base64.getDecoder();
 byte[] authToken = decoder.decode(spnegoToken);
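Review bot: In the last hunk's `Negotiate` branch, `st.nextToken()` is called with no `hasMoreTokens()` check, and `decoder.decode(spnegoToken)` sits after the `try`/`catch` that closes just above it. As far as the hunk shows, an `Authorization: Negotiate` header with no token, or with invalid Base64, therefore raises an unchecked `NoSuchElementException` or `IllegalArgumentException` from client-controlled input instead of a plain authentication failure. I would guard the read with `if (!st.hasMoreTokens()) return;` and catch `IllegalArgumentException` around the decode, treating both cases as "no usable credentials". The Basic branch has the related problem that its `catch (Exception e)` turns malformed client data into an `IllegalStateException`; a short comment there stating that the input is untrusted would help the next reader. The method body starts and ends outside this hunk, so how callers handle these exceptions is not visible here.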