X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fsecurity%2FJcrKeyring.java;h=c75d38fc88f54c18fc80414ccba8b29acd076a09;hb=1b09095425a7c067c097eb91bed5b4a4a33f0dc8;hp=04e3eb9db76a99ff9d90113477de5cbf8f60fea5;hpb=6d206b9052689ffa880cd4593bfefa704dc0dd46;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/security/JcrKeyring.java b/org.argeo.cms/src/org/argeo/cms/security/JcrKeyring.java index 04e3eb9db..c75d38fc8 100644 --- a/org.argeo.cms/src/org/argeo/cms/security/JcrKeyring.java +++ b/org.argeo.cms/src/org/argeo/cms/security/JcrKeyring.java @@ -46,6 +46,7 @@ import org.argeo.cms.ArgeoTypes; import org.argeo.cms.CmsException; import org.argeo.jcr.ArgeoJcrException; import org.argeo.jcr.JcrUtils; +import org.argeo.node.NodeConstants; import org.argeo.node.NodeUtils; import org.argeo.node.security.PBEKeySpecCallback; @@ -67,6 +68,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames { private String cipherName = DEFAULT_CIPHER_NAME; private final Repository repository; + // TODO remove thread local session ; open a session each time private ThreadLocal sessionThreadLocal = new ThreadLocal() { @Override @@ -84,13 +86,13 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames { * handling the PBE callback. We keep one per thread in case multiple users are * accessing the same instance of a keyring. */ -// private ThreadLocal notYetSavedKeyring = new ThreadLocal() { -// -// @Override -// protected Node initialValue() { -// return null; -// } -// }; + // private ThreadLocal notYetSavedKeyring = new ThreadLocal() { + // + // @Override + // protected Node initialValue() { + // return null; + // } + // }; public JcrKeyring(Repository repository) { this.repository = repository; @@ -107,7 +109,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames { private Session login() { try { - return repository.login(); + return repository.login(NodeConstants.HOME); } catch (RepositoryException e) { throw new CmsException("Cannot login key ring session", e); } @@ -115,15 +117,18 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames { @Override protected synchronized Boolean isSetup() { + Session session = null; try { -// if (notYetSavedKeyring.get() != null) -// return true; - - session().refresh(true); - Node userHome = NodeUtils.getUserHome(session()); + // if (notYetSavedKeyring.get() != null) + // return true; + session = session(); + session.refresh(true); + Node userHome = NodeUtils.getUserHome(session); return userHome.hasNode(ARGEO_KEYRING); } catch (RepositoryException e) { throw new ArgeoJcrException("Cannot check whether keyring is setup", e); + } finally { + JcrUtils.logoutQuietly(session); } } @@ -177,7 +182,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames { // binary = session().getValueFactory().createBinary(in); // keyring.setProperty(ARGEO_PASSWORD, binary); -// notYetSavedKeyring.set(keyring); + // notYetSavedKeyring.set(keyring); } catch (Exception e) { throw new ArgeoJcrException("Cannot setup keyring", e); } finally { @@ -189,14 +194,16 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames { @Override protected synchronized void handleKeySpecCallback(PBEKeySpecCallback pbeCallback) { + Session session = null; try { - session().refresh(true); - Node userHome = NodeUtils.getUserHome(session()); + session = session(); + session.refresh(true); + Node userHome = NodeUtils.getUserHome(session); Node keyring; if (userHome.hasNode(ARGEO_KEYRING)) keyring = userHome.getNode(ARGEO_KEYRING); -// else if (notYetSavedKeyring.get() != null) -// keyring = notYetSavedKeyring.get(); + // else if (notYetSavedKeyring.get() != null) + // keyring = notYetSavedKeyring.get(); else throw new ArgeoJcrException("Keyring not setup"); @@ -206,10 +213,12 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames { (int) keyring.getProperty(ARGEO_KEY_LENGTH).getLong(), keyring.getProperty(ARGEO_SECRET_KEY_ENCRYPTION).getString()); -// if (notYetSavedKeyring.get() != null) -// notYetSavedKeyring.remove(); + // if (notYetSavedKeyring.get() != null) + // notYetSavedKeyring.remove(); } catch (RepositoryException e) { throw new ArgeoJcrException("Cannot handle key spec callback", e); + } finally { + JcrUtils.logoutQuietly(session); } }