X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.ui.rcp%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fui%2Frcp%2FAbstractSecureApplication.java;fp=org.argeo.security.ui.rcp%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fui%2Frcp%2FAbstractSecureApplication.java;h=75184cbab6110c7848a040285dd78870bc00c0cf;hb=d33e8191813f561cee96fbbbd3f74737070140d0;hp=0000000000000000000000000000000000000000;hpb=959ea5e8b3cc27eaf6cb31c37d7fc28f2719f6f3;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.ui.rcp/src/org/argeo/security/ui/rcp/AbstractSecureApplication.java b/org.argeo.security.ui.rcp/src/org/argeo/security/ui/rcp/AbstractSecureApplication.java
new file mode 100644
index 000000000..75184cbab
--- /dev/null
+++ b/org.argeo.security.ui.rcp/src/org/argeo/security/ui/rcp/AbstractSecureApplication.java
@@ -0,0 +1,166 @@
+/*
+ * Copyright (C) 2007-2012 Argeo GmbH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.argeo.security.ui.rcp;
+
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.argeo.OperatingSystem;
+import org.eclipse.equinox.app.IApplication;
+import org.eclipse.equinox.app.IApplicationContext;
+import org.eclipse.equinox.security.auth.ILoginContext;
+import org.eclipse.swt.widgets.Display;
+import org.eclipse.ui.IWorkbench;
+import org.eclipse.ui.PlatformUI;
+import org.eclipse.ui.application.WorkbenchAdvisor;
+
+/**
+ * RCP workbench initialization
+ */
+public abstract class AbstractSecureApplication implements IApplication {
+	final static String NODE_REPO_URI = "argeo.node.repo.uri";
+
+	private static final Log log = LogFactory
+			.getLog(AbstractSecureApplication.class);
+
+	protected WorkbenchAdvisor createWorkbenchAdvisor(String username) {
+		return new SecureWorkbenchAdvisor(username);
+	}
+
+	public Object start(IApplicationContext context) throws Exception {
+		// wait for the system to be initialized
+		// try {
+		// Thread.sleep(3000);
+		// } catch (Exception e2) {
+		// // silent
+		// }
+
+		boolean remote = System.getProperty(NODE_REPO_URI) != null;
+
+		// choose login context
+		final ILoginContext loginContext;
+		if (remote) {
+			loginContext = SecureApplicationActivator
+					.createLoginContext(SecureApplicationActivator.CONTEXT_REMOTE);
+		} else {
+			if (OperatingSystem.os == OperatingSystem.WINDOWS)
+				loginContext = SecureApplicationActivator
+						.createLoginContext(SecureApplicationActivator.CONTEXT_WINDOWS);
+			else
+				loginContext = SecureApplicationActivator
+						.createLoginContext(SecureApplicationActivator.CONTEXT_NIX);
+		}
+
+		final Display display = PlatformUI.createDisplay();
+
+		// login
+		Subject subject = null;
+		try {
+			loginContext.login();
+			subject = loginContext.getSubject();
+		} catch (LoginException e) {
+			log.error("Error when logging in.", e);
+			display.dispose();
+			try {
+				Thread.sleep(2000);
+			} catch (InterruptedException e1) {
+				// silent
+			}
+			return null;
+		}
+
+		// identify after successful login
+		if (log.isDebugEnabled())
+			log.debug("subject=" + subject);
+		final String username = subject.getPrincipals().iterator().next()
+				.getName();
+		if (log.isDebugEnabled())
+			log.debug(username + " logged in");
+//		display.disposeExec(new Runnable() {
+//			public void run() {
+//				log.debug("Display disposed");
+//				logout(loginContext, username);
+//			}
+//		});
+
+		try {
+			PrivilegedAction<?> privilegedAction = new PrivilegedAction<Object>() {
+				public Object run() {
+					int result = PlatformUI.createAndRunWorkbench(display,
+							createWorkbenchAdvisor(username));
+					return new Integer(result);
+				}
+			};
+
+			Integer returnCode = (Integer) Subject.doAs(subject,
+					privilegedAction);
+			logout(loginContext, username);
+			return processReturnCode(returnCode);
+		} catch (Exception e) {
+			if (subject != null)
+				logout(loginContext, username);
+			log.error("Unexpected error", e);
+		} finally {
+			display.dispose();
+		}
+		return null;
+	}
+
+	protected Integer processReturnCode(Integer returnCode) {
+		if (returnCode == PlatformUI.RETURN_RESTART)
+			return IApplication.EXIT_RESTART;
+		else
+			return IApplication.EXIT_OK;
+	}
+
+	static void logout(ILoginContext secureContext, String username) {
+		try {
+			secureContext.logout();
+			log.info("Logged out " + (username != null ? username : "")
+					+ " (THREAD=" + Thread.currentThread().getId() + ")");
+		} catch (LoginException e) {
+			log.error("Erorr when logging out", e);
+		}
+	}
+
+	public void stop() {
+		final IWorkbench workbench;
+		try {
+			workbench = PlatformUI.getWorkbench();
+		} catch (Exception e) {
+			return;
+		}
+		if (workbench == null)
+			return;
+		final Display display = workbench.getDisplay();
+		if (display != null && !display.isDisposed())
+			display.syncExec(new Runnable() {
+
+				public void run() {
+					if (!display.isDisposed())
+						workbench.close();
+				}
+			});
+
+		if (log.isDebugEnabled())
+			log.debug("workbench stopped");
+	}
+
+}