X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fhttp%2FCmsAuthenticator.java;h=164e9b9b2b24245f913773796d661fc362409a63;hb=138e686fbf65683c3c94a52f1cfbaf8e02362e19;hp=61d2d306604e950ea83e66f207d100216584bec2;hpb=c2eb0b8ebd1c9df4923f5fb2298a4ae04237f65d;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java
index 61d2d3066..164e9b9b2 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java
@@ -5,13 +5,11 @@ import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 import org.argeo.api.cms.CmsAuth;
-import org.argeo.api.cms.CmsLog;
 import org.argeo.cms.auth.CurrentUser;
 import org.argeo.cms.auth.RemoteAuthCallbackHandler;
 import org.argeo.cms.auth.RemoteAuthRequest;
 import org.argeo.cms.auth.RemoteAuthResponse;
 import org.argeo.cms.auth.RemoteAuthUtils;
-import org.argeo.util.CurrentSubject;
 import com.sun.net.httpserver.Authenticator;
 import com.sun.net.httpserver.HttpExchange;
@@ -21,7 +19,7 @@ public class CmsAuthenticator extends Authenticator {
 // final static String HEADER_AUTHORIZATION = "Authorization";
 // final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
- private final static CmsLog log = CmsLog.getLog(CmsAuthenticator.class);
+// private final static CmsLog log = CmsLog.getLog(CmsAuthenticator.class);
 // TODO make it configurable
 private final String httpAuthRealm = "Argeo";
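Review bot: The logger field in the @@ -21,7 hunk is commented out rather than deleted, while its `CmsLog` import is removed in the first hunk, so the leftover line cannot simply be uncommented again. The same pattern appears in the @@ -55,10 hunk, where the `CurrentSubject.callAs` block is commented out and its import is dropped. I would delete both outright and leave the history to version control. If the class is meant to stay without a logger, a short comment stating where authentication failures are recorded would help, because nothing visible in this class does so any more.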
@@ -39,9 +37,9 @@ public class CmsAuthenticator extends Authenticator {
 lc = CmsAuth.USER.newLoginContext(new RemoteAuthCallbackHandler(remoteAuthExchange, remoteAuthExchange));
 lc.login();
 } catch (LoginException e) {
- // FIXME better analyse failure so as not to try endlessly
- if (authIsRequired(remoteAuthExchange,remoteAuthExchange)) {
- int statusCode = RemoteAuthUtils.askForWwwAuth(remoteAuthExchange, httpAuthRealm, forceBasic);
+ if (authIsRequired(remoteAuthExchange, remoteAuthExchange)) {
+ int statusCode = RemoteAuthUtils.askForWwwAuth(remoteAuthExchange, remoteAuthExchange, httpAuthRealm,
+ forceBasic);
 return new Authenticator.Retry(statusCode);
 } else {
@@ -55,10 +53,10 @@ public class CmsAuthenticator extends Authenticator {
 Subject subject = lc.getSubject();
- CurrentSubject.callAs(subject, () -> {
- RemoteAuthUtils.configureRequestSecurity(remoteAuthExchange);
- return null;
- });
+// CurrentSubject.callAs(subject, () -> {
+// RemoteAuthUtils.configureRequestSecurity(remoteAuthExchange);
+// return null;
+// });
 // Subject.doAs(subject, new PrivilegedAction() {
 //
 // @Override
@@ -74,8 +72,7 @@ public class CmsAuthenticator extends Authenticator {
 return new Authenticator.Success(httpPrincipal);
 }
- protected boolean authIsRequired(RemoteAuthRequest remoteAuthRequest,
- RemoteAuthResponse remoteAuthResponse) {
+ protected boolean authIsRequired(RemoteAuthRequest remoteAuthRequest, RemoteAuthResponse remoteAuthResponse) {
 return true;
 }
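Review bot: The catch block in the @@ -39,9 hunk still answers every `LoginException` with a fresh challenge, yet the FIXME that recorded this ("so as not to try endlessly") is deleted without the failure being analysed. Because `authIsRequired` returns `true` in this class, a client that presents rejected credentials receives `Authenticator.Retry` each time. The exception `e` is dropped, and with the logger commented out earlier in this commit nothing visible here records the failed attempt. I would keep a marker such as `// TODO distinguish absent credentials from rejected ones; log and throttle rejected attempts` until that is handled. The `try` opens above the hunk and the `else` branch continues below it.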
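Review bot: With the `CurrentSubject.callAs` block commented out in the @@ -55,10 hunk, `RemoteAuthUtils.configureRequestSecurity(remoteAuthExchange)` is no longer called after a successful login, and nothing visible in the hunk replaces it. If that call was what bound the authenticated subject to the request, downstream handlers may now run without it. Presumably the `HttpPrincipal` returned in `Authenticator.Success` is meant to carry the identity instead, but the commit does not say so. I would delete the dead block and, if that is the design, add a comment such as `// request security is no longer configured here; identity is carried by the returned HttpPrincipal`. The enclosing method starts and ends outside the hunk, so whether `subject` is still used afterwards cannot be checked from here.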