X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FUserAdminLoginModule.java;h=278321c24480de4c08db1debab26301701672d14;hb=54df376a9c2dd458a82eaa09bfbb718fe699dd0d;hp=4c9d094802026535e7525e543eab1494af113f9c;hpb=6254373e6005cf77f218ab5b8c54fdc72bb97ca4;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java index 4c9d09480..278321c24 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java @@ -1,6 +1,6 @@ package org.argeo.cms.auth; -import static org.argeo.util.naming.LdapAttrs.cn; +import static org.argeo.api.acr.ldap.LdapAttrs.cn; import java.io.IOException; import java.security.PrivilegedAction; @@ -24,17 +24,13 @@ import javax.security.auth.login.CredentialNotFoundException; import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; +import org.argeo.api.acr.ldap.LdapAttrs; import org.argeo.api.cms.CmsConstants; import org.argeo.api.cms.CmsLog; +import org.argeo.cms.directory.ldap.IpaUtils; import org.argeo.cms.internal.runtime.CmsContextImpl; -import org.argeo.cms.security.CryptoKeyring; -import org.argeo.osgi.useradmin.AuthenticatingUser; -import org.argeo.osgi.useradmin.TokenUtils; -import org.argeo.util.directory.ldap.IpaUtils; -import org.argeo.util.naming.LdapAttrs; -import org.osgi.framework.BundleContext; -import org.osgi.framework.FrameworkUtil; -import org.osgi.framework.ServiceReference; +import org.argeo.cms.osgi.useradmin.AuthenticatingUser; +import org.argeo.cms.osgi.useradmin.TokenUtils; import org.osgi.service.useradmin.Authorization; import org.osgi.service.useradmin.Group; import org.osgi.service.useradmin.User; @@ -55,7 +51,7 @@ public class UserAdminLoginModule implements LoginModule { LdapAttrs.uid.name(), LdapAttrs.employeeNumber.name(), LdapAttrs.authPassword.name() }); // private state - private BundleContext bc; +// private BundleContext bc; private User authenticatedUser = null; private Locale locale; @@ -69,7 +65,7 @@ public class UserAdminLoginModule implements LoginModule { Map options) { this.subject = subject; try { - bc = FrameworkUtil.getBundle(UserAdminLoginModule.class).getBundleContext(); +// bc = FrameworkUtil.getBundle(UserAdminLoginModule.class).getBundleContext(); this.callbackHandler = callbackHandler; this.sharedState = (Map) sharedState; } catch (Exception e) { @@ -248,28 +244,28 @@ public class UserAdminLoginModule implements LoginModule { CmsAuthUtils.addAuthorization(subject, authorization); // Unlock keyring (underlying login to the JCR repository) - char[] password = (char[]) sharedState.get(CmsAuthUtils.SHARED_STATE_PWD); - if (password != null) { - ServiceReference keyringSr = bc.getServiceReference(CryptoKeyring.class); - if (keyringSr != null) { - CryptoKeyring keyring = bc.getService(keyringSr); - Subject.doAs(subject, new PrivilegedAction() { - - @Override - public Void run() { - try { - keyring.unlock(password); - } catch (Exception e) { - e.printStackTrace(); - log.warn("Could not unlock keyring with the password provided by " + authorization.getName() - + ": " + e.getMessage()); - } - return null; - } - - }); - } - } +// char[] password = (char[]) sharedState.get(CmsAuthUtils.SHARED_STATE_PWD); +// if (password != null) { +// ServiceReference keyringSr = bc.getServiceReference(CryptoKeyring.class); +// if (keyringSr != null) { +// CryptoKeyring keyring = bc.getService(keyringSr); +// Subject.doAs(subject, new PrivilegedAction() { +// +// @Override +// public Void run() { +// try { +// keyring.unlock(password); +// } catch (Exception e) { +// e.printStackTrace(); +// log.warn("Could not unlock keyring with the password provided by " + authorization.getName() +// + ": " + e.getMessage()); +// } +// return null; +// } +// +// }); +// } +// } // Register CmsSession with initial subject CmsAuthUtils.registerSessionAuthorization(request, subject, authorization, locale);