X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fhttp%2FCmsAuthenticator.java;h=caa7810098e30d012e02202944b9a52d388d15c3;hb=c9100383d67d1be4c5797f084169a3faf513f5fb;hp=164e9b9b2b24245f913773796d661fc362409a63;hpb=6254373e6005cf77f218ab5b8c54fdc72bb97ca4;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java index 164e9b9b2..caa781009 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java @@ -15,20 +15,14 @@ import com.sun.net.httpserver.Authenticator; import com.sun.net.httpserver.HttpExchange; import com.sun.net.httpserver.HttpPrincipal; +/** An {@link Authenticator} implementation based on CMS authentication. */ public class CmsAuthenticator extends Authenticator { -// final static String HEADER_AUTHORIZATION = "Authorization"; -// final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate"; - -// private final static CmsLog log = CmsLog.getLog(CmsAuthenticator.class); - // TODO make it configurable private final String httpAuthRealm = "Argeo"; private final boolean forceBasic = false; @Override public Result authenticate(HttpExchange exch) { -// if (log.isTraceEnabled()) -// HttpUtils.logRequestHeaders(log, request); RemoteAuthHttpExchange remoteAuthExchange = new RemoteAuthHttpExchange(exch); ClassLoader currentThreadContextClassLoader = Thread.currentThread().getContextClassLoader(); Thread.currentThread().setContextClassLoader(CmsAuthenticator.class.getClassLoader()); @@ -53,20 +47,6 @@ public class CmsAuthenticator extends Authenticator { Subject subject = lc.getSubject(); -// CurrentSubject.callAs(subject, () -> { -// RemoteAuthUtils.configureRequestSecurity(remoteAuthExchange); -// return null; -// }); -// Subject.doAs(subject, new PrivilegedAction() { -// -// @Override -// public Void run() { -// // TODO also set login context in order to log out ? -// RemoteAuthUtils.configureRequestSecurity(new ServletHttpRequest(request)); -// return null; -// } -// -// }); String username = CurrentUser.getUsername(subject); HttpPrincipal httpPrincipal = new HttpPrincipal(username, httpAuthRealm); return new Authenticator.Success(httpPrincipal);