X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fservlet%2FCmsServletContext.java;h=0d94ff3f10781d7aace56e9eafc8a1b9e64416d7;hb=d4cd517a9ff39f08ab28c129775de19c5c0ec02a;hp=03a7551f01c568c84449fe3f44163c8600be4616;hpb=a2590cf3e2ad039f004f13ef6c97a9f702841e5b;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/servlet/CmsServletContext.java b/org.argeo.cms/src/org/argeo/cms/servlet/CmsServletContext.java index 03a7551f0..0d94ff3f1 100644 --- a/org.argeo.cms/src/org/argeo/cms/servlet/CmsServletContext.java +++ b/org.argeo.cms/src/org/argeo/cms/servlet/CmsServletContext.java @@ -2,8 +2,10 @@ package org.argeo.cms.servlet; import java.io.IOException; import java.net.URL; +import java.security.PrivilegedAction; import java.util.Map; +import javax.security.auth.Subject; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; import javax.servlet.http.HttpServletRequest; @@ -13,6 +15,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.api.NodeConstants; import org.argeo.cms.auth.HttpRequestCallbackHandler; +import org.argeo.cms.auth.ServletAuthUtils; import org.argeo.cms.internal.http.HttpUtils; import org.osgi.framework.Bundle; import org.osgi.framework.FrameworkUtil; @@ -50,9 +53,27 @@ public class CmsServletContext extends ServletContextHelper { if (lc == null) return false; } + + Subject subject = lc.getSubject(); + //log.debug("SERVLET CONTEXT: "+subject); + Subject.doAs(subject, new PrivilegedAction() { + + @Override + public Void run() { + // TODO also set login context in order to log out ? + ServletAuthUtils.configureRequestSecurity(request); + return null; + } + + }); return true; } + @Override + public void finishSecurity(HttpServletRequest request, HttpServletResponse response) { + ServletAuthUtils.clearRequestSecurity(request); + } + protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) { // anonymous try {