X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fhttp%2FCmsAuthenticator.java;h=a66a7397ec790cb9ed96f693d19dbb62d860cfa9;hb=592f9df9d821a36868d3d49f87c1b848867e3e89;hp=5d96244d8ed4cdb1cbb9e77e8346f2168e430af3;hpb=5b6b49fa655c7b3ae3dcc06d6c504e3d0225684f;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java index 5d96244d8..a66a7397e 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java @@ -5,11 +5,12 @@ import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; import org.argeo.api.cms.CmsAuth; -import org.argeo.cms.auth.CurrentUser; +import org.argeo.cms.CurrentUser; import org.argeo.cms.auth.RemoteAuthCallbackHandler; import org.argeo.cms.auth.RemoteAuthRequest; import org.argeo.cms.auth.RemoteAuthResponse; import org.argeo.cms.auth.RemoteAuthUtils; +import org.argeo.cms.http.RemoteAuthHttpExchange; import com.sun.net.httpserver.Authenticator; import com.sun.net.httpserver.HttpExchange; @@ -23,8 +24,6 @@ public class CmsAuthenticator extends Authenticator { @Override public Result authenticate(HttpExchange exch) { -// if (log.isTraceEnabled()) -// HttpUtils.logRequestHeaders(log, request); RemoteAuthHttpExchange remoteAuthExchange = new RemoteAuthHttpExchange(exch); ClassLoader currentThreadContextClassLoader = Thread.currentThread().getContextClassLoader(); Thread.currentThread().setContextClassLoader(CmsAuthenticator.class.getClassLoader()); @@ -49,20 +48,6 @@ public class CmsAuthenticator extends Authenticator { Subject subject = lc.getSubject(); -// CurrentSubject.callAs(subject, () -> { -// RemoteAuthUtils.configureRequestSecurity(remoteAuthExchange); -// return null; -// }); -// Subject.doAs(subject, new PrivilegedAction() { -// -// @Override -// public Void run() { -// // TODO also set login context in order to log out ? -// RemoteAuthUtils.configureRequestSecurity(new ServletHttpRequest(request)); -// return null; -// } -// -// }); String username = CurrentUser.getUsername(subject); HttpPrincipal httpPrincipal = new HttpPrincipal(username, httpAuthRealm); return new Authenticator.Success(httpPrincipal);