X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fplugins%2Forg.argeo.security.equinox%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fequinox%2FSpringLoginModule.java;fp=security%2Fplugins%2Forg.argeo.security.equinox%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fequinox%2FSpringLoginModule.java;h=71ce5715bc937f5d6a4d310d913aa24af8c3da71;hb=484dcb1507e4e35cc282e50522ea7eac7e99a7f9;hp=dada3440525caf6c95b3e0172c25c33201223713;hpb=366325583b0b101f3e78fcfda65d3f856cef8617;p=lgpl%2Fargeo-commons.git

diff --git a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java
index dada34405..71ce5715b 100644
--- a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java
+++ b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java
@@ -11,7 +11,7 @@ import javax.security.auth.login.LoginException;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.argeo.security.SiteAuthenticationToken;
+import org.argeo.security.NodeAuthenticationToken;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationManager;
 import org.springframework.security.BadCredentialsException;
@@ -63,23 +63,30 @@ public class SpringLoginModule extends SecurityContextLoginModule {
 			if (subject.getPublicCredentials() != null)
 				subject.getPublicCredentials().clear();
 
+			if (callbackHandler == null)
+				throw new LoginException("No call back handler available");
+
 			// ask for username and password
 			NameCallback nameCallback = new NameCallback("User");
 			PasswordCallback passwordCallback = new PasswordCallback(
 					"Password", false);
-
-			NameCallback urlCallback = new NameCallback("Site URL");
-
-			if (callbackHandler == null)
-				throw new LoginException("No call back handler available");
+			final String defaultNodeUrl = "http://localhost:7070/org.argeo.jcr.webapp/remoting/node";
+			final String defaultSecurityWorkspace = "security";
+			NameCallback urlCallback = new NameCallback("Site URL",
+					defaultNodeUrl);
+			NameCallback securityWorkspaceCallback = new NameCallback(
+					"Security Workspace", defaultSecurityWorkspace);
+
+			// handle callbacks
 			if (remote)
 				callbackHandler.handle(new Callback[] { nameCallback,
-						passwordCallback, urlCallback });
+						passwordCallback, urlCallback,
+						securityWorkspaceCallback });
 			else
 				callbackHandler.handle(new Callback[] { nameCallback,
 						passwordCallback });
 
-			// Set user name and password
+			// create credentials
 			String username = nameCallback.getName();
 			if (username == null || username.trim().equals(""))
 				return false;
@@ -88,16 +95,15 @@ public class SpringLoginModule extends SecurityContextLoginModule {
 			if (passwordCallback.getPassword() != null)
 				password = String.valueOf(passwordCallback.getPassword());
 
-			String url = remote ? urlCallback.getName() : null;
-			if (remote && (url == null || url.trim().equals("")))
-				// for convenience, may be removed in the future
-				url = System.getProperty(NODE_REPO_URI);
-
-			// TODO: set it via system properties
-			String workspace = null;
-
-			SiteAuthenticationToken credentials = new SiteAuthenticationToken(
-					username, password, url, workspace);
+			NodeAuthenticationToken credentials;
+			if (remote) {
+				String url = urlCallback.getName();
+				String workspace = securityWorkspaceCallback.getName();
+				credentials = new NodeAuthenticationToken(username, password,
+						url, workspace);
+			} else {
+				credentials = new NodeAuthenticationToken(username, password);
+			}
 
 			Authentication authentication;
 			try {