X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fwebsocket%2FCmsWebSocketConfigurator.java;h=f72527af18dee1768d926867ccd27e389eb11113;hb=a940a66aca249a1ce7dea66d43b0e2816845d7d1;hp=fc6513df5a041d6029e6b59903fdd022ec8eeef7;hpb=ef7f248b07ca06a29f6b507bbd8d0fa430a38407;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java b/org.argeo.cms/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java
index fc6513df5..f72527af1 100644
--- a/org.argeo.cms/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java
+++ b/org.argeo.cms/src/org/argeo/cms/websocket/CmsWebSocketConfigurator.java
@@ -1,7 +1,10 @@
 package org.argeo.cms.websocket;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.List;
+import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 import javax.servlet.http.HttpSession;
 import javax.websocket.Extension;
@@ -14,6 +17,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.cms.auth.HttpRequestCallbackHandler;
 import org.argeo.node.NodeConstants;
+import org.osgi.service.http.context.ServletContextHelper;
 /** Customises the initialisation of a new web socket. */
 public class CmsWebSocketConfigurator extends Configurator {
@@ -71,7 +75,15 @@ public class CmsWebSocketConfigurator extends Configurator {
 lc.login();
 if (log.isDebugEnabled())
 log.debug("Web socket logged-in as " + lc.getSubject());
- sec.getUserProperties().put(WEBSOCKET_SUBJECT, lc.getSubject());
+ Subject.doAs(lc.getSubject(), new PrivilegedAction() {
+
+ @Override
+ public Void run() {
+ sec.getUserProperties().put(ServletContextHelper.REMOTE_USER, AccessController.getContext());
+ return null;
+ }
+
+ });
 } catch (Exception e) {
 rejectResponse(response, e);
 }
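Review bot: The added `run()` in the `-71,7 +75,15` hunk stores an `AccessControlContext` under `ServletContextHelper.REMOTE_USER`, but that OSGi constant names the request attribute that carries the authenticated user's name, so any code reading the property under that contract receives an object of the wrong type. I would keep the context under a dedicated key, e.g. `sec.getUserProperties().put(WEBSOCKET_ACCESS_CONTROL_CONTEXT, AccessController.getContext());`, where `WEBSOCKET_ACCESS_CONTROL_CONTEXT` is a new constant (the name is only a suggestion) documented as holding the logged-in subject's context. `WEBSOCKET_SUBJECT` is no longer written here; its readers are outside this hunk, so presumably they need updating and should treat a missing value as unauthenticated. The enclosing method begins and ends outside the hunk.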
@@ -86,6 +98,6 @@ public class CmsWebSocketConfigurator extends Configurator {
 protected void rejectResponse(HandshakeResponse response, Exception e) {
 // violent implementation, as suggested in
 // https://stackoverflow.com/questions/21763829/jsr-356-how-to-abort-a-websocket-connection-during-the-handshake
- throw new IllegalStateException("Web socket cannot be authenticated");
+// throw new IllegalStateException("Web socket cannot be authenticated");
 }
 }
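Review bot: With the `throw` commented out, `rejectResponse` has an empty body, so a handshake whose authentication failed is no longer aborted: the `catch (Exception e)` call site in the `-71,7` hunk now returns normally after a failed `lc.login()`, and no security context is stored for the session. Unless every endpoint refuses sessions that lack that property (not visible here), this fails open; I would restore the rejection and keep the cause, `throw new IllegalStateException("Web socket cannot be authenticated", e);`. If anonymous connections are intended, say so in a comment on the method and delete the commented-out line rather than leaving dead code. The exception is also dropped silently, so a `log` call recording `e` would make repeated failed handshakes visible to operators.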