X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FKernelUtils.java;h=1d7e0868e1e6102bce439f7d7ad31fb3c3aec64a;hb=a4a78ecbc3cfd119477264534c7d0cab541ae6ad;hp=912d9fa995d2c58ea38fb350361ca4c219fa5092;hpb=50911fdcc6df5cd35e71a0a4ecddf03f98f742a2;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java index 912d9fa99..1d7e0868e 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/KernelUtils.java @@ -3,25 +3,19 @@ package org.argeo.cms.internal.kernel; import java.io.File; import java.io.IOException; import java.net.URI; -import java.util.Collections; import java.util.Dictionary; import java.util.Enumeration; import java.util.Hashtable; -import java.util.List; import java.util.Properties; +import javax.security.auth.Subject; +import javax.security.auth.login.LoginContext; +import javax.security.auth.login.LoginException; import javax.servlet.http.HttpServletRequest; import org.apache.commons.logging.Log; import org.argeo.cms.CmsException; import org.argeo.cms.KernelHeader; -import org.argeo.cms.internal.auth.GrantedAuthorityPrincipal; -import org.springframework.security.authentication.AnonymousAuthenticationToken; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetails; /** Package utilities */ class KernelUtils implements KernelConstants { @@ -76,24 +70,38 @@ class KernelUtils implements KernelConstants { } // Security - static void anonymousLogin(AuthenticationManager authenticationManager) { + static Subject anonymousLogin() { + Subject subject = new Subject(); + LoginContext lc; try { - List anonAuthorities = Collections - .singletonList(new GrantedAuthorityPrincipal( - KernelHeader.ROLE_ANONYMOUS)); - UserDetails anonUser = new User(KernelHeader.USERNAME_ANONYMOUS, - "", true, true, true, true, anonAuthorities); - AnonymousAuthenticationToken anonToken = new AnonymousAuthenticationToken( - DEFAULT_SECURITY_KEY, anonUser, anonAuthorities); - Authentication authentication = authenticationManager - .authenticate(anonToken); - SecurityContextHolder.getContext() - .setAuthentication(authentication); - } catch (Exception e) { - throw new CmsException("Cannot authenticate", e); + lc = new LoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject); + lc.login(); + return subject; + } catch (LoginException e) { + throw new CmsException("Cannot login as anonymous", e); } } + // @Deprecated + // static void anonymousLogin(AuthenticationManager authenticationManager) { + // try { + // List anonAuthorities = Collections + // .singletonList(new GrantedAuthorityPrincipal( + // KernelHeader.ROLE_ANONYMOUS)); + // UserDetails anonUser = new User(KernelHeader.USERNAME_ANONYMOUS, + // "", true, true, true, true, anonAuthorities); + // AnonymousAuthenticationToken anonToken = new + // AnonymousAuthenticationToken( + // DEFAULT_SECURITY_KEY, anonUser, anonAuthorities); + // Authentication authentication = authenticationManager + // .authenticate(anonToken); + // SecurityContextHolder.getContext() + // .setAuthentication(authentication); + // } catch (Exception e) { + // throw new CmsException("Cannot authenticate", e); + // } + // } + // HTTP static void logRequestHeaders(Log log, HttpServletRequest request) { if (!log.isDebugEnabled())