X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FNodeHttp.java;h=9d0bac5dc79dbe95c35b2ff3a4b4a343a6e64f20;hb=8f00f7a33c89ebfd27126a4d7a16535c088ddc0a;hp=418771d981669295308a51958aa6b979e0a38385;hpb=9417e33dda6b8987312a89ca44cdb2f511f04050;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java
index 418771d98..9d0bac5dc 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java
@@ -30,7 +30,6 @@ import org.osgi.service.http.NamespaceException;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 
 /**
@@ -73,20 +72,34 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 		// DAV
 		sessionProvider = new OpenInViewSessionProvider();
 
+		registerRepositoryServlets(ALIAS_NODE, node);
 		try {
-			registerWebdavServlet(ALIAS_NODE, node, true);
-			registerWebdavServlet(ALIAS_NODE, node, false);
-			registerRemotingServlet(ALIAS_NODE, node, true);
-			registerRemotingServlet(ALIAS_NODE, node, false);
-
 			httpService.registerFilter("/", rootFilter, null, null);
 		} catch (Exception e) {
-			throw new CmsException("Could not initialise http", e);
+			throw new CmsException(
+					"Could not register root filter", e);
 		}
 	}
 
 	public void destroy() {
 		sessionProvider.destroy();
+		unregisterRepositoryServlets(ALIAS_NODE);
+	}
+
+	void registerRepositoryServlets(String alias, Repository repository) {
+		try {
+			registerWebdavServlet(alias, repository, true);
+			registerWebdavServlet(alias, repository, false);
+			registerRemotingServlet(alias, repository, true);
+			registerRemotingServlet(alias, repository, false);
+		} catch (Exception e) {
+			throw new CmsException(
+					"Could not register servlets for repository " + alias, e);
+		}
+	}
+
+	void unregisterRepositoryServlets(String alias) {
+		// FIXME unregister servlets
 	}
 
 	void registerWebdavServlet(String alias, Repository repository,
@@ -123,11 +136,11 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 		httpService.registerServlet(path, (Servlet) remotingServlet, ip, null);
 	}
 
-	private Boolean isSessionAuthenticated(HttpSession httpSession) {
-		SecurityContext contextFromSession = (SecurityContext) httpSession
-				.getAttribute(SPRING_SECURITY_CONTEXT_KEY);
-		return contextFromSession != null;
-	}
+//	private Boolean isSessionAuthenticated(HttpSession httpSession) {
+//		SecurityContext contextFromSession = (SecurityContext) httpSession
+//				.getAttribute(SPRING_SECURITY_CONTEXT_KEY);
+//		return contextFromSession != null;
+//	}
 
 	private void requestBasicAuth(HttpSession httpSession,
 			HttpServletResponse response) {
@@ -207,7 +220,7 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 			int pathLength = path.length();
 			if (pathLength != 0 && (path.charAt(0) == '/')
 					&& !servletPath.endsWith("rwt-resources")
-					&& !path.equals("/")) {
+					&& path.lastIndexOf('/')!=0) {
 				String newLocation = request.getServletPath() + "#" + path;
 				response.setHeader("Location", newLocation);
 				response.setStatus(HttpServletResponse.SC_FOUND);
@@ -263,10 +276,10 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 				FilterChain filterChain) throws IOException, ServletException {
 
 			// Authenticate from session
-			if (isSessionAuthenticated(httpSession)) {
-				filterChain.doFilter(request, response);
-				return;
-			}
+//			if (isSessionAuthenticated(httpSession)) {
+//				filterChain.doFilter(request, response);
+//				return;
+//			}
 
 			KernelUtils.anonymousLogin(authenticationManager);
 			filterChain.doFilter(request, response);
@@ -293,9 +306,9 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 				UsernamePasswordAuthenticationToken token = basicAuth(basicAuth);
 				Authentication auth = authenticationManager.authenticate(token);
 				SecurityContextHolder.getContext().setAuthentication(auth);
-				httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY,
-						SecurityContextHolder.getContext());
-				httpSession.setAttribute(ATTR_AUTH, Boolean.FALSE);
+//				httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY,
+//						SecurityContextHolder.getContext());
+//				httpSession.setAttribute(ATTR_AUTH, Boolean.FALSE);
 				filterChain.doFilter(request, response);
 				return;
 			}