X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Futil%2FUserMenu.java;h=801a2611bf9b861bebfdc7021bbe738acfffd7f9;hb=24e6079ae3db662b9acb900bbfdaa826fb0f2c9e;hp=1c35600012d9c47e33d031e376bb1d98d627310f;hpb=93a457cf047cebb0170abd0f37a9b4291a2ae3e9;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
index 1c3560001..801a2611b 100644
--- a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
+++ b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
@@ -1,6 +1,12 @@
package org.argeo.cms.util;
+import static org.argeo.cms.auth.AuthConstants.ACCESS_CONTROL_CONTEXT;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_ANONYMOUS;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_USER;
+
import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
@@ -10,13 +16,15 @@ import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
import org.argeo.cms.CmsException;
import org.argeo.cms.CmsMsg;
-import org.argeo.cms.CmsSession;
import org.argeo.cms.CmsStyles;
-import org.argeo.cms.KernelHeader;
-import org.argeo.cms.auth.ArgeoLoginContext;
+import org.argeo.cms.CmsView;
+import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.CurrentUser;
import org.eclipse.rap.rwt.RWT;
import org.eclipse.swt.SWT;
import org.eclipse.swt.events.MouseAdapter;
@@ -42,13 +50,8 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
super(source.getDisplay(), SWT.NO_TRIM | SWT.BORDER | SWT.ON_TOP);
setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
- // Authentication authentication = SecurityContextHolder.getContext()
- // .getAuthentication();
- // if (authentication == null)
- // throw new CmsException("No authentication available");
-
- String username = CurrentUserUtils.getUsername();
- if (username.equalsIgnoreCase(KernelHeader.ROLE_ANONYMOUS)) {
+ String username = CurrentUser.getUsername(CmsUtils.getCmsView().getSubject());
+ if (username.equalsIgnoreCase(AuthConstants.ROLE_ANONYMOUS)) {
username = null;
anonymousUi();
} else {
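Review bot: `username.equalsIgnoreCase(...)` dereferences the result of `CurrentUser.getUsername(...)` without a null check. Whether getUsername can return null for a subject that carries no principal is not visible here; if it can, `if (username == null || username.equalsIgnoreCase(AuthConstants.ROLE_ANONYMOUS)) {` would fall back to the anonymous UI instead of throwing. The subject is also obtained through `CmsUtils.getCmsView()` here, while login() and logout() read it from `getDisplay().getData(CmsView.KEY)`; using one accessor throughout would make it clear that all three look at the same subject. The constructor starts and ends outside the hunk.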
@@ -78,15 +81,6 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
c.setLayout(new GridLayout());
c.setLayoutData(CmsUtils.fillAll());
- // String username = SecurityContextHolder.getContext()
- // .getAuthentication().getName();
- //
- // Label l = new Label(c, SWT.NONE);
- // l.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU_ITEM);
- // l.setData(RWT.MARKUP_ENABLED, true);
- // l.setLayoutData(CmsUtils.fillWidth());
- // l.setText("" + username + "");
-
specificUserUi(c);
Label l = new Label(c, SWT.NONE);
@@ -105,12 +99,6 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
});
}
- // protected String getUsername() {
- // // String username = SecurityContextHolder.getContext()
- // // .getAuthentication().getName();
- // return CurrentUserUtils.getUsername();
- // }
-
/** To be overridden */
protected void specificUserUi(Composite parent) {
@@ -160,22 +148,31 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
}
protected void login() {
- CmsSession cmsSession = (CmsSession) getDisplay().getData(
- CmsSession.KEY);
+ CmsView cmsSession = (CmsView) getDisplay().getData(CmsView.KEY);
Subject subject = cmsSession.getSubject();
try {
//
// LOGIN
//
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
- .logout();
- LoginContext loginContext = new ArgeoLoginContext(
- KernelHeader.LOGIN_CONTEXT_USER, subject, this);
+ new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
+ LoginContext loginContext = new LoginContext(LOGIN_CONTEXT_USER,
+ subject, this);
loginContext.login();
+
+ // save context in session
+ final HttpSession httpSession = RWT.getRequest().getSession();
+ Subject.doAs(subject, new PrivilegedAction() {
+
+ @Override
+ public Void run() {
+ httpSession.setAttribute(ACCESS_CONTROL_CONTEXT,
+ AccessController.getContext());
+ return null;
+ }
+ });
} catch (LoginException e1) {
try {
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
- subject).login();
+ new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
} catch (LoginException e) {
throw new CmsException("Cannot authenticate anonymous", e1);
}
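Review bot: After `loginContext.login()` succeeds, the authenticated `AccessControlContext` is stored in the HTTP session that already existed while the user was anonymous, so the session identifier is not rotated at the privilege change. If the bundle targets Servlet 3.1 or later (not visible here), calling `RWT.getRequest().changeSessionId();` before the `setAttribute` would close that session-fixation window without discarding the RWT UI session. The anonymous class also uses the raw type while declaring `Void run()`; `new PrivilegedAction<Void>() {` removes the unchecked warning. login() continues past the end of the hunk.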
@@ -187,17 +184,18 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
}
protected void logout() {
- final CmsSession cmsSession = (CmsSession) getDisplay().getData(
- CmsSession.KEY);
+ final CmsView cmsSession = (CmsView) getDisplay().getData(CmsView.KEY);
Subject subject = cmsSession.getSubject();
try {
//
// LOGOUT
//
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
- .logout();
- new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
- .login();
+ new LoginContext(LOGIN_CONTEXT_USER, subject).logout();
+ new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
+
+ HttpServletRequest httpRequest = RWT.getRequest();
+ HttpSession httpSession = httpRequest.getSession();
+ httpSession.setAttribute(ACCESS_CONTROL_CONTEXT, null);
} catch (LoginException e1) {
throw new CmsException("Cannot authenticate anonymous", e1);
}
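Review bot: The stored context is cleared only after both `logout()` and the anonymous `login()` have returned, so a `LoginException` from either call leaves the authenticated `AccessControlContext` in the HTTP session. Clearing it before the `LoginContext` calls, or in a `finally`, avoids that: `RWT.getRequest().getSession().removeAttribute(ACCESS_CONTROL_CONTEXT);`. `removeAttribute` also states the intent more directly than `setAttribute(ACCESS_CONTROL_CONTEXT, null)`. The end of logout() is outside the hunk.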