X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fplugins%2Forg.argeo.security.equinox%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fequinox%2FSpringLoginModule.java;h=dada3440525caf6c95b3e0172c25c33201223713;hb=8b8ee149b20e2578a55e17413fa5f7399ff7ba14;hp=ad6390d367a13333fc9f459a0199b7cc78bd121e;hpb=528580a33f630f79c61caa1378b581cc13b2b8ed;p=lgpl%2Fargeo-commons.git diff --git a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java index ad6390d36..dada34405 100644 --- a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java +++ b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java @@ -7,7 +7,6 @@ import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; -import javax.security.auth.callback.TextOutputCallback; import javax.security.auth.login.LoginException; import org.apache.commons.logging.Log; @@ -21,6 +20,8 @@ import org.springframework.security.providers.jaas.SecurityContextLoginModule; /** Login module which caches one subject per thread. */ public class SpringLoginModule extends SecurityContextLoginModule { + final static String NODE_REPO_URI = "argeo.node.repo.uri"; + private final static Log log = LogFactory.getLog(SpringLoginModule.class); private AuthenticationManager authenticationManager; @@ -28,8 +29,10 @@ public class SpringLoginModule extends SecurityContextLoginModule { private CallbackHandler callbackHandler; private Subject subject; - - private Long waitBetweenFailedLoginAttempts = 5*1000l; + + private Long waitBetweenFailedLoginAttempts = 5 * 1000l; + + private Boolean remote = false; public SpringLoginModule() { @@ -61,18 +64,20 @@ public class SpringLoginModule extends SecurityContextLoginModule { subject.getPublicCredentials().clear(); // ask for username and password - Callback label = new TextOutputCallback( - TextOutputCallback.INFORMATION, "Required login"); NameCallback nameCallback = new NameCallback("User"); PasswordCallback passwordCallback = new PasswordCallback( "Password", false); - // NameCallback urlCallback = new NameCallback("Site URL"); + NameCallback urlCallback = new NameCallback("Site URL"); if (callbackHandler == null) throw new LoginException("No call back handler available"); - callbackHandler.handle(new Callback[] { label, nameCallback, - passwordCallback }); + if (remote) + callbackHandler.handle(new Callback[] { nameCallback, + passwordCallback, urlCallback }); + else + callbackHandler.handle(new Callback[] { nameCallback, + passwordCallback }); // Set user name and password String username = nameCallback.getName(); @@ -83,12 +88,16 @@ public class SpringLoginModule extends SecurityContextLoginModule { if (passwordCallback.getPassword() != null) password = String.valueOf(passwordCallback.getPassword()); - // String url = urlCallback.getName(); + String url = remote ? urlCallback.getName() : null; + if (remote && (url == null || url.trim().equals(""))) + // for convenience, may be removed in the future + url = System.getProperty(NODE_REPO_URI); + // TODO: set it via system properties String workspace = null; SiteAuthenticationToken credentials = new SiteAuthenticationToken( - username, password, null, workspace); + username, password, url, workspace); Authentication authentication; try { @@ -138,4 +147,8 @@ public class SpringLoginModule extends SecurityContextLoginModule { AuthenticationManager authenticationManager) { this.authenticationManager = authenticationManager; } + + public void setRemote(Boolean remote) { + this.remote = remote; + } }