X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fauth%2FCmsSessionImpl.java;h=e78567b07df03ebcbfd44d286f5f8c424ea36615;hb=0bd819f841b28c7eb869362e67cf424a9e99f862;hp=a3670c0cb4b8cbf4313a7a8eea3aa82a26b77b57;hpb=c2366f32052deada7d96f635e86f745f438f094e;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
index a3670c0cb..e78567b07 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
@@ -6,34 +6,27 @@ import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.time.ZonedDateTime;
 import java.util.ArrayList;
-import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
-import java.util.Hashtable;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
+import java.util.Objects;
 import java.util.Set;
 import java.util.UUID;
 import java.util.function.Consumer;
 import javax.crypto.SecretKey;
-import javax.naming.InvalidNameException;
-import javax.naming.ldap.LdapName;
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.x500.X500Principal;
 import org.argeo.api.cms.CmsAuth;
+import org.argeo.api.cms.CmsConstants;
 import org.argeo.api.cms.CmsLog;
 import org.argeo.api.cms.CmsSession;
 import org.argeo.cms.internal.runtime.CmsContextImpl;
-import org.argeo.cms.security.NodeSecurityUtils;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.FrameworkUtil;
-import org.osgi.framework.InvalidSyntaxException;
-import org.osgi.framework.ServiceReference;
 import org.osgi.framework.ServiceRegistration;
 import org.osgi.service.useradmin.Authorization;
@@ -48,7 +41,8 @@ public class CmsSessionImpl implements CmsSession, Serializable { private final UUID uuid; private final String localSessionId; private Authorization authorization; - private final LdapName userDn; +// private final LdapName userDn; + private final String userDn; private final boolean anonymous; private final ZonedDateTime creationTime; @@ -61,7 +55,10 @@ public class CmsSessionImpl implements CmsSession, Serializable { private List> onCloseCallbacks = Collections.synchronizedList(new ArrayList<>()); - public CmsSessionImpl(Subject initialSubject, Authorization authorization, Locale locale, String localSessionId) { + public CmsSessionImpl(UUID uuid, Subject initialSubject, Authorization authorization, Locale locale, + String localSessionId) { + Objects.requireNonNull(uuid); + this.creationTime = ZonedDateTime.now(); this.locale = locale; this.accessControlContext = Subject.doAs(initialSubject, new PrivilegedAction() { 
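Review bot: Changing the `userDn` field from `LdapName` to `String` in a class that implements `Serializable` alters the serialized form, and nothing in this hunk shows how sessions written by the previous version are treated. Whether an explicit `serialVersionUID` is declared is not visible here; without one the default value changes, and with one the field type mismatch is likely to surface only when an old stream is read. If sessions are ever persisted or replicated between nodes, change the `serialVersionUID` deliberately and record the incompatibility in the commit message. The leftover `// private final LdapName userDn;` should be deleted rather than kept, since version control already holds the old declaration.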
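Review bot: The session UUID is now whatever the caller passes in, and the constructor checks only that it is non-null, so uniqueness and unpredictability are no longer guaranteed by this class as they were with `UUID.randomUUID()` (removed in the next hunk). If the UUID is used as a session lookup key or is ever accepted back from a client, a reused or predictable value weakens session isolation; that use is not visible here. Add Javadoc on the constructor stating that `uuid` must be freshly generated from a secure random source and never derived from request data, and give the check a message: `Objects.requireNonNull(uuid, "uuid");`. `authorization` is dereferenced later in the constructor without a matching check, so `Objects.requireNonNull(authorization, "authorization");` would make the failure mode consistent. The constructor body continues outside this hunk.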
@@ -75,25 +72,14 @@ public class CmsSessionImpl implements CmsSession, Serializable { // this.initialSubject = initialSubject; this.localSessionId = localSessionId; this.authorization = authorization; - if (authorization.getName() != null) - try { - this.userDn = new LdapName(authorization.getName()); - this.anonymous = false; - } catch (InvalidNameException e) { - throw new IllegalArgumentException("Invalid user name " + authorization.getName(), e); - } - else { - this.userDn = NodeSecurityUtils.ROLE_ANONYMOUS_NAME; + if (authorization.getName() != null) { + this.userDn = authorization.getName(); + this.anonymous = false; + } else { + this.userDn = CmsConstants.ROLE_ANONYMOUS; this.anonymous = true; } - // TODO use time-based UUID? - this.uuid = UUID.randomUUID(); - // register as service -// Hashtable props = new Hashtable<>(); -// props.put(CmsSession.USER_DN, userDn.toString()); -// props.put(CmsSession.SESSION_UUID, uuid.toString()); -// props.put(CmsSession.SESSION_LOCAL_ID, localSessionId); -// serviceRegistration = bc.registerService(CmsSession.class, this, props); + this.uuid = uuid; } public void close() { @@ -130,10 +116,10 @@ public class CmsSessionImpl implements CmsSession, Serializable { return Subject.getSubject(accessControlContext); } - public Set getSecretKeys() { - checkValid(); - return getSubject().getPrivateCredentials(SecretKey.class); - } +// public Set getSecretKeys() { +// checkValid(); +// return getSubject().getPrivateCredentials(SecretKey.class); +// } @Override public boolean isValid() { @@ -165,7 +151,7 @@ public class CmsSessionImpl implements CmsSession, Serializable { } @Override - public LdapName getUserDn() { + public String getUserDn() { return userDn; } 
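Review bot: `authorization.getName()` is now stored in `userDn` as-is, where the old code parsed it with `new LdapName(...)` and rejected a malformed name with `IllegalArgumentException`. A syntactically invalid name therefore no longer fails at session creation, and equality changes from `LdapName` comparison (case-insensitive and normalized) to plain `String` comparison, which also applies to `getUserDn()` in the last hunk on this line. Any caller that compares the returned value for an access decision, or places it in an LDAP or OSGi filter string, now has to canonicalize or escape it itself; whether such callers exist is not visible here. I would add a comment above the assignment, `// Stored unvalidated and unnormalized: parse before comparing, escape before use in a filter.`, and repeat the contract in Javadoc on `getUserDn()`.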
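Review bot: `getSecretKeys()` is commented out rather than deleted, which leaves four lines of dead code describing an accessor for the subject's private credentials. Dropping the accessor narrows access to `SecretKey` material, which is welcome, but the reason is lost in a comment block; delete the lines and state the intent in the commit message. The `import javax.crypto.SecretKey;` kept as context in the first hunk may now be unused, if nothing else in the file refers to it.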
@@ -210,57 +196,4 @@ public class CmsSessionImpl implements CmsSession, Serializable { public String toString() { return "CMS Session " + userDn + " localId=" + localSessionId + ", uuid=" + uuid; } - -// public static CmsSessionImpl getByLocalId(String localId) { -// Collection> sr; -// try { -// sr = bc.getServiceReferences(CmsSession.class, "(" + CmsSession.SESSION_LOCAL_ID + "=" + localId + ")"); -// } catch (InvalidSyntaxException e) { -// throw new IllegalArgumentException("Cannot get CMS session for id " + localId, e); -// } -// ServiceReference cmsSessionRef; -// if (sr.size() == 1) { -// cmsSessionRef = sr.iterator().next(); -// return (CmsSessionImpl) bc.getService(cmsSessionRef); -// } else if (sr.size() == 0) { -// return null; -// } else -// throw new IllegalStateException(sr.size() + " CMS sessions registered for " + localId); -// -// } -// -// public static CmsSessionImpl getByUuid(Object uuid) { -// Collection> sr; -// try { -// sr = bc.getServiceReferences(CmsSession.class, "(" + CmsSession.SESSION_UUID + "=" + uuid + ")"); -// } catch (InvalidSyntaxException e) { -// throw new IllegalArgumentException("Cannot get CMS session for uuid " + uuid, e); -// } -// ServiceReference cmsSessionRef; -// if (sr.size() == 1) { -// cmsSessionRef = sr.iterator().next(); -// return (CmsSessionImpl) bc.getService(cmsSessionRef); -// } else if (sr.size() == 0) { -// return null; -// } else -// throw new IllegalStateException(sr.size() + " CMS sessions registered for " + uuid); -// -// } -// -// public static void closeInvalidSessions() { -// Collection> srs; -// try { -// srs = bc.getServiceReferences(CmsSession.class, null); -// for (ServiceReference sr : srs) { -// CmsSession cmsSession = bc.getService(sr); -// if (!cmsSession.isValid()) { -// ((CmsSessionImpl) cmsSession).close(); -// if (log.isDebugEnabled()) -// log.debug("Closed expired CMS session " + cmsSession); -// } -// } -// } catch (InvalidSyntaxException e) { -// throw new 
IllegalArgumentException("Cannot get CMS sessions", e); -// } -// } }