X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Futil%2FUserMenu.java;h=801a2611bf9b861bebfdc7021bbe738acfffd7f9;hb=0a7d938324d33848ac7dc4ef4007c73a714171ee;hp=622ce1c31ead869dbc97fe62ad0165af1fe9488a;hpb=0aace113e5cd3c265f2a1c7aeec5bac565fe581a;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
index 622ce1c31..801a2611b 100644
--- a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
+++ b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
@@ -1,6 +1,12 @@
 package org.argeo.cms.util;
 
+import static org.argeo.cms.auth.AuthConstants.ACCESS_CONTROL_CONTEXT;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_ANONYMOUS;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_USER;
+
 import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
@@ -10,14 +16,15 @@ import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
-import org.argeo.ArgeoException;
-import org.argeo.cms.CmsLogin;
+import org.argeo.cms.CmsException;
 import org.argeo.cms.CmsMsg;
-import org.argeo.cms.CmsSession;
 import org.argeo.cms.CmsStyles;
-import org.argeo.cms.KernelHeader;
-import org.argeo.cms.auth.ArgeoLoginContext;
+import org.argeo.cms.CmsView;
+import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.CurrentUser;
 import org.eclipse.rap.rwt.RWT;
 import org.eclipse.swt.SWT;
 import org.eclipse.swt.events.MouseAdapter;
@@ -28,29 +35,23 @@ import org.eclipse.swt.events.TraverseEvent;
 import org.eclipse.swt.events.TraverseListener;
 import org.eclipse.swt.layout.GridData;
 import org.eclipse.swt.layout.GridLayout;
+import org.eclipse.swt.widgets.Composite;
 import org.eclipse.swt.widgets.Control;
 import org.eclipse.swt.widgets.Label;
 import org.eclipse.swt.widgets.Shell;
 import org.eclipse.swt.widgets.Text;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 /** The site-related user menu */
 public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 	private static final long serialVersionUID = -5788157651532106301L;
-
-	private CmsLogin cmsLogin;
-	// private String username = null;
 	private Text username, password;
 
-	public UserMenu(CmsLogin cmsLogin, Control source) {
+	public UserMenu(Control source) {
 		super(source.getDisplay(), SWT.NO_TRIM | SWT.BORDER | SWT.ON_TOP);
-		this.cmsLogin = cmsLogin;
-
 		setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
 
-		String username = SecurityContextHolder.getContext()
-				.getAuthentication().getName();
-		if (username.equals("anonymous")) {
+		String username = CurrentUser.getUsername(CmsUtils.getCmsView().getSubject());
+		if (username.equalsIgnoreCase(AuthConstants.ROLE_ANONYMOUS)) {
 			username = null;
 			anonymousUi();
 		} else {
@@ -70,28 +71,19 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 				close();
 				dispose();
 			}
-
 		});
-
 		open();
-
 	}
 
 	protected void userUi() {
-		setLayout(new GridLayout());
-
-		String username = SecurityContextHolder.getContext()
-				.getAuthentication().getName();
+		setLayout(CmsUtils.noSpaceGridLayout());
+		Composite c = new Composite(this, SWT.NONE);
+		c.setLayout(new GridLayout());
+		c.setLayoutData(CmsUtils.fillAll());
 
-		Label l = new Label(this, SWT.NONE);
-		l.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU_ITEM);
-		l.setData(RWT.MARKUP_ENABLED, true);
-		l.setLayoutData(CmsUtils.fillWidth());
-		l.setText("<b>" + username + "</b>");
+		specificUserUi(c);
 
-		final CmsSession cmsSession = (CmsSession) getDisplay().getData(
-				CmsSession.KEY);
-		l = new Label(this, SWT.NONE);
+		Label l = new Label(c, SWT.NONE);
 		l.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU_ITEM);
 		l.setText(CmsMsg.logout.lead());
 		GridData lData = CmsUtils.fillWidth();
@@ -102,46 +94,43 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 			private static final long serialVersionUID = 6444395812777413116L;
 
 			public void mouseDown(MouseEvent e) {
-				Subject subject = new Subject();
-				try {
-					new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER,
-							subject).logout();
-					new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
-							subject).login();
-				} catch (LoginException e1) {
-					throw new ArgeoException("Cannot authenticate anonymous",
-							e1);
-				}
-				// SecurityContextHolder.getContext().setAuthentication(null);
-				// HttpSession httpSession = RWT.getRequest().getSession();
-				// httpSession.removeAttribute(SPRING_SECURITY_CONTEXT_KEY);
-				close();
-				dispose();
-				cmsSession.authChange();
+				logout();
 			}
 		});
 	}
 
+	/** To be overridden */
+	protected void specificUserUi(Composite parent) {
+
+	}
+
 	protected void anonymousUi() {
-		Integer textWidth = 150;
+		setLayout(CmsUtils.noSpaceGridLayout());
+
+		// We need a composite for the traversal
+		Composite c = new Composite(this, SWT.NONE);
+		c.setLayout(new GridLayout());
+		c.setLayoutData(CmsUtils.fillAll());
+
+		Integer textWidth = 120;
 		setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
-		setLayout(new GridLayout(2, false));
 
-		new Label(this, SWT.NONE).setText(CmsMsg.username.lead());
-		username = new Text(this, SWT.BORDER);
+		// new Label(this, SWT.NONE).setText(CmsMsg.username.lead());
+		username = new Text(c, SWT.BORDER);
+		username.setMessage(CmsMsg.username.lead());
 		username.setData(RWT.CUSTOM_VARIANT, CMS_LOGIN_DIALOG_USERNAME);
 		GridData gd = CmsUtils.fillWidth();
 		gd.widthHint = textWidth;
 		username.setLayoutData(gd);
 
-		new Label(this, SWT.NONE).setText(CmsMsg.password.lead());
-		password = new Text(this, SWT.BORDER | SWT.PASSWORD);
+		// new Label(this, SWT.NONE).setText(CmsMsg.password.lead());
+		password = new Text(c, SWT.BORDER | SWT.PASSWORD);
+		password.setMessage(CmsMsg.password.lead());
 		password.setData(RWT.CUSTOM_VARIANT, CMS_LOGIN_DIALOG_PASSWORD);
 		gd = CmsUtils.fillWidth();
 		gd.widthHint = textWidth;
 		password.setLayoutData(gd);
 
-		// Listeners
 		TraverseListener tl = new TraverseListener() {
 			private static final long serialVersionUID = -1158892811534971856L;
 
@@ -150,29 +139,69 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 					login();
 			}
 		};
+		c.addTraverseListener(tl);
 		username.addTraverseListener(tl);
 		password.addTraverseListener(tl);
+		setTabList(new Control[] { c });
+		c.setTabList(new Control[] { username, password });
+		c.setFocus();
 	}
 
 	protected void login() {
-		CmsSession cmsSession = (CmsSession) getDisplay().getData(
-				CmsSession.KEY);
-
-		Subject subject = new Subject();
+		CmsView cmsSession = (CmsView) getDisplay().getData(CmsView.KEY);
+		Subject subject = cmsSession.getSubject();
 		try {
-			new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
-					.logout();
-			LoginContext loginContext = new ArgeoLoginContext(
-					KernelHeader.LOGIN_CONTEXT_USER, subject, this);
+			//
+			// LOGIN
+			//
+			new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
+			LoginContext loginContext = new LoginContext(LOGIN_CONTEXT_USER,
+					subject, this);
 			loginContext.login();
+
+			// save context in session
+			final HttpSession httpSession = RWT.getRequest().getSession();
+			Subject.doAs(subject, new PrivilegedAction<Void>() {
+
+				@Override
+				public Void run() {
+					httpSession.setAttribute(ACCESS_CONTROL_CONTEXT,
+							AccessController.getContext());
+					return null;
+				}
+			});
 		} catch (LoginException e1) {
-			throw new ArgeoException("Cannot authenticate anonymous", e1);
+			try {
+				new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
+			} catch (LoginException e) {
+				throw new CmsException("Cannot authenticate anonymous", e1);
+			}
+			throw new CmsException("Cannot authenticate", e1);
 		}
+		close();
+		dispose();
+		cmsSession.authChange();
+	}
 
-		// cmsLogin.logInWithPassword(username, password);
+	protected void logout() {
+		final CmsView cmsSession = (CmsView) getDisplay().getData(CmsView.KEY);
+		Subject subject = cmsSession.getSubject();
+		try {
+			//
+			// LOGOUT
+			//
+			new LoginContext(LOGIN_CONTEXT_USER, subject).logout();
+			new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
+
+			HttpServletRequest httpRequest = RWT.getRequest();
+			HttpSession httpSession = httpRequest.getSession();
+			httpSession.setAttribute(ACCESS_CONTROL_CONTEXT, null);
+		} catch (LoginException e1) {
+			throw new CmsException("Cannot authenticate anonymous", e1);
+		}
 		close();
 		dispose();
-		// refreshUi(source.getParent());
+		cmsSession.navigateTo("~");
 		cmsSession.authChange();
 	}
 
@@ -181,12 +210,6 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 			UnsupportedCallbackException {
 		((NameCallback) callbacks[0]).setName(username.getText());
 		((PasswordCallback) callbacks[1]).setPassword(password.getTextChars());
-		// while (!isDisposed())
-		// try {
-		// Thread.sleep(500);
-		// } catch (InterruptedException e) {
-		// // silent
-		// }
 	}
 
 }