X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fplugins%2Forg.argeo.security.ui.rap%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fui%2Frap%2FSecureEntryPoint.java;h=6da17d73399006eea930bc75809c1104aafebb96;hb=cd50e3711d3b86921f11d9e021fc6a43bef0d400;hp=0e5ad6ec02abb356a53510542d6973b5626f22f3;hpb=b52c8b344846458c2bc36c3e1354893f205f3fd7;p=lgpl%2Fargeo-commons.git diff --git a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java index 0e5ad6ec0..6da17d733 100644 --- a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java +++ b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java @@ -1,3 +1,18 @@ +/* + * Copyright (C) 2007-2012 Argeo GmbH + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.argeo.security.ui.rap; import java.security.PrivilegedAction; @@ -11,6 +26,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.ArgeoException; import org.argeo.eclipse.ui.ErrorFeedback; +import org.argeo.util.LocaleUtils; import org.eclipse.equinox.security.auth.ILoginContext; import org.eclipse.jface.dialogs.MessageDialog; import org.eclipse.rwt.RWT; @@ -55,6 +71,7 @@ public class SecureEntryPoint implements IEntryPoint { // around too long RWT.getRequest().getSession().setMaxInactiveInterval(loginTimeout); + // Try to load security context thanks to the session processing filter HttpServletRequest httpRequest = RWT.getRequest(); HttpSession httpSession = httpRequest.getSession(); Object contextFromSessionObject = httpSession @@ -63,10 +80,10 @@ public class SecureEntryPoint implements IEntryPoint { SecurityContextHolder .setContext((SecurityContext) contextFromSessionObject); - if (log.isDebugEnabled()) - log.debug("THREAD=" + Thread.currentThread().getId() - + ", sessionStore=" + RWT.getSessionStore().getId() - + ", remote user=" + httpRequest.getRemoteUser()); +// if (log.isDebugEnabled()) +// log.debug("THREAD=" + Thread.currentThread().getId() +// + ", sessionStore=" + RWT.getSessionStore().getId() +// + ", remote user=" + httpRequest.getRemoteUser()); // create display final Display display = PlatformUI.createDisplay(); @@ -80,9 +97,13 @@ public class SecureEntryPoint implements IEntryPoint { loginContext.login(); subject = loginContext.getSubject(); + // add security context to session if (httpSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY) == null) httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext()); + // add thread locale to RWT session + log.info("Locale "+LocaleUtils.threadLocale.get()); + RWT.setLocale(LocaleUtils.threadLocale.get()); // Once the user is logged in, she can have a longer session // timeout @@ -125,7 +146,7 @@ public class SecureEntryPoint implements IEntryPoint { return new Integer(result); } }); - logout(loginContext, username); + // logout(loginContext, username); } finally { display.dispose(); } @@ -179,6 +200,11 @@ public class SecureEntryPoint implements IEntryPoint { protected void logout(ILoginContext secureContext, String username) { try { + HttpServletRequest httpRequest = RWT.getRequest(); + HttpSession httpSession = httpRequest.getSession(); + httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, null); + RWT.getRequest().getSession().setMaxInactiveInterval(1); + SecurityContextHolder.clearContext(); secureContext.logout(); log.info("Logged out " + (username != null ? username : "") + " (THREAD=" + Thread.currentThread().getId() + ")");