X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FKernel.java;h=67f0c3737caab318e3acd0c8a28d0e207ffe0760;hb=f7944a8accf7b9cfc3cffe6e6f5c611cd48f592c;hp=c63184a2435d189f314ebc57319dfabb4469b11b;hpb=35904a4a72fe8a4908c345f73856711c7b4c472c;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java index c63184a24..67f0c3737 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java @@ -1,17 +1,23 @@ package org.argeo.cms.internal.kernel; import java.lang.management.ManagementFactory; +import java.net.URL; +import java.security.PrivilegedAction; import java.util.HashMap; import java.util.Map; import javax.jcr.Repository; import javax.jcr.RepositoryFactory; +import javax.security.auth.Subject; +import javax.security.auth.login.LoginContext; +import javax.security.auth.login.LoginException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.jackrabbit.util.TransientFileFactory; import org.argeo.ArgeoException; import org.argeo.cms.CmsException; +import org.argeo.cms.KernelHeader; import org.argeo.jackrabbit.OsgiJackrabbitRepositoryFactory; import org.argeo.jcr.ArgeoJcrConstants; import org.argeo.security.core.InternalAuthentication; @@ -39,12 +45,42 @@ final class Kernel implements ServiceListener { private final BundleContext bundleContext = Activator.getBundleContext(); - private JackrabbitNode node; - private OsgiJackrabbitRepositoryFactory repositoryFactory; - private NodeSecurity nodeSecurity; - private NodeHttp nodeHttp; + ThreadGroup threadGroup = new ThreadGroup(Kernel.class.getSimpleName()); + JackrabbitNode node; + OsgiJackrabbitRepositoryFactory repositoryFactory; + NodeSecurity nodeSecurity; + NodeHttp nodeHttp; + private KernelThread kernelThread; - void init() { + private final Subject kernelSubject = new Subject(); + + public Kernel() { + URL url = getClass().getClassLoader().getResource( + KernelConstants.JAAS_CONFIG); + System.setProperty("java.security.auth.login.config", + url.toExternalForm()); + try { + LoginContext kernelLc = new LoginContext( + KernelHeader.LOGIN_CONTEXT_SYSTEM, kernelSubject); + kernelLc.login(); + } catch (LoginException e) { + throw new CmsException("Cannot log in kernel", e); + } + } + + final void init() { + Subject.doAs(kernelSubject, new PrivilegedAction() { + + @Override + public Void run() { + doInit(); + return null; + } + + }); + } + + private void doInit() { ClassLoader currentContextCl = Thread.currentThread() .getContextClassLoader(); Thread.currentThread().setContextClassLoader( @@ -68,6 +104,11 @@ final class Kernel implements ServiceListener { ExtendedHttpService httpService = waitForHttpService(); nodeHttp = new NodeHttp(httpService, node, nodeSecurity); + // Kernel thread + kernelThread = new KernelThread(this); + kernelThread.setContextClassLoader(Kernel.class.getClassLoader()); + kernelThread.start(); + // Publish services to OSGi nodeSecurity.publish(); node.publish(repositoryFactory); @@ -94,6 +135,8 @@ final class Kernel implements ServiceListener { void destroy() { long begin = System.currentTimeMillis(); + kernelThread.destroyAndJoin(); + if (nodeHttp != null) nodeHttp.destroy(); if (nodeSecurity != null) @@ -106,6 +149,14 @@ final class Kernel implements ServiceListener { // Clean hanging threads from Jackrabbit TransientFileFactory.shutdown(); + try { + LoginContext kernelLc = new LoginContext( + KernelHeader.LOGIN_CONTEXT_SYSTEM, kernelSubject); + kernelLc.logout(); + } catch (LoginException e) { + throw new CmsException("Cannot log in kernel", e); + } + long duration = System.currentTimeMillis() - begin; log.info("## ARGEO CMS DOWN in " + (duration / 1000) + "." + (duration % 1000) + "s ##");