X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FKernelUtils.java;h=1d7e0868e1e6102bce439f7d7ad31fb3c3aec64a;hb=a4a78ecbc3cfd119477264534c7d0cab541ae6ad;hp=0a9e6c53e44a2c24d7b438b526ce15ddda5f8214;hpb=2c6cfdaa28c8108817155d724b87bbbfd0392c7c;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java
index 0a9e6c53e..1d7e0868e 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java
@@ -2,29 +2,25 @@ package org.argeo.cms.internal.kernel;
 
 import java.io.File;
 import java.io.IOException;
-import java.util.Collections;
+import java.net.URI;
 import java.util.Dictionary;
 import java.util.Enumeration;
 import java.util.Hashtable;
-import java.util.List;
 import java.util.Properties;
 
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
 import javax.servlet.http.HttpServletRequest;
 
 import org.apache.commons.logging.Log;
 import org.argeo.cms.CmsException;
 import org.argeo.cms.KernelHeader;
-import org.argeo.cms.internal.auth.GrantedAuthorityPrincipal;
-import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
 
 /** Package utilities */
 class KernelUtils implements KernelConstants {
 	private final static String OSGI_INSTANCE_AREA = "osgi.instance.area";
+	private final static String OSGI_CONFIGURATION_AREA = "osgi.configuration.area";
 
 	static Dictionary<String, ?> asDictionary(Properties props) {
 		Hashtable<String, Object> hashtable = new Hashtable<String, Object>();
@@ -51,6 +47,17 @@ class KernelUtils implements KernelConstants {
 				.getAbsoluteFile();
 	}
 
+	static File getOsgiConfigurationFile(String relativePath) {
+		try {
+			return new File(new URI(Activator.getBundleContext().getProperty(
+					OSGI_CONFIGURATION_AREA)
+					+ relativePath)).getCanonicalFile();
+		} catch (Exception e) {
+			throw new CmsException("Cannot get configuration file for "
+					+ relativePath, e);
+		}
+	}
+
 	static String getFrameworkProp(String key, String def) {
 		String value = Activator.getBundleContext().getProperty(key);
 		if (value == null)
@@ -63,24 +70,38 @@ class KernelUtils implements KernelConstants {
 	}
 
 	// Security
-	static void anonymousLogin(AuthenticationManager authenticationManager) {
+	static Subject anonymousLogin() {
+		Subject subject = new Subject();
+		LoginContext lc;
 		try {
-			List<GrantedAuthorityPrincipal> anonAuthorities = Collections
-					.singletonList(new GrantedAuthorityPrincipal(
-							KernelHeader.ROLE_ANONYMOUS));
-			UserDetails anonUser = new User(KernelHeader.USERNAME_ANONYMOUS,
-					"", true, true, true, true, anonAuthorities);
-			AnonymousAuthenticationToken anonToken = new AnonymousAuthenticationToken(
-					DEFAULT_SECURITY_KEY, anonUser, anonAuthorities);
-			Authentication authentication = authenticationManager
-					.authenticate(anonToken);
-			SecurityContextHolder.getContext()
-					.setAuthentication(authentication);
-		} catch (Exception e) {
-			throw new CmsException("Cannot authenticate", e);
+			lc = new LoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject);
+			lc.login();
+			return subject;
+		} catch (LoginException e) {
+			throw new CmsException("Cannot login as anonymous", e);
 		}
 	}
 
+	// @Deprecated
+	// static void anonymousLogin(AuthenticationManager authenticationManager) {
+	// try {
+	// List<GrantedAuthorityPrincipal> anonAuthorities = Collections
+	// .singletonList(new GrantedAuthorityPrincipal(
+	// KernelHeader.ROLE_ANONYMOUS));
+	// UserDetails anonUser = new User(KernelHeader.USERNAME_ANONYMOUS,
+	// "", true, true, true, true, anonAuthorities);
+	// AnonymousAuthenticationToken anonToken = new
+	// AnonymousAuthenticationToken(
+	// DEFAULT_SECURITY_KEY, anonUser, anonAuthorities);
+	// Authentication authentication = authenticationManager
+	// .authenticate(anonToken);
+	// SecurityContextHolder.getContext()
+	// .setAuthentication(authentication);
+	// } catch (Exception e) {
+	// throw new CmsException("Cannot authenticate", e);
+	// }
+	// }
+
 	// HTTP
 	static void logRequestHeaders(Log log, HttpServletRequest request) {
 		if (!log.isDebugEnabled())