import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
return userDn;
}
+ @Override
+ public String getUserRole() {
+ return new X500Principal(authorization.getName()).getName();
+ }
+
@Override
public String getLocalId() {
return localSessionId;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
+import org.argeo.cms.auth.CmsSession;
import org.argeo.cms.auth.CurrentUser;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
import org.osgi.service.http.HttpContext;
/** Authentications utilities when using servlets. */
public class ServletAuthUtils {
+ private static BundleContext bundleContext = FrameworkUtil.getBundle(ServletAuthUtils.class).getBundleContext();
+
/**
* Execute this supplier, using the CMS class loader as context classloader.
* Useful to log in to JCR.
req.setAttribute(HttpContext.REMOTE_USER, null);
req.setAttribute(AccessControlContext.class.getName(), null);
}
+
+ public static CmsSession getCmsSession(HttpServletRequest req) {
+ Subject subject = Subject
+ .getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName()));
+ CmsSession cmsSession = CmsSession.getCmsSession(bundleContext, subject);
+ return cmsSession;
+ }
}
import java.util.List;
import java.util.Set;
+import javax.security.auth.x500.X500Principal;
+
import org.osgi.service.useradmin.Authorization;
/** An {@link Authorization} which combines roles form various auth sources. */
private final Set<String> roles;
public AggregatingAuthorization(String name, String displayName, Set<String> systemRoles, String[] roles) {
- this.name = name;
+ this.name = new X500Principal(name).getName();
this.displayName = displayName;
this.systemRoles = Collections.unmodifiableSet(new HashSet<>(systemRoles));
Set<String> temp = new HashSet<>();