log4j.logger.org.argeo=DEBUG
log4j.logger.org.argeo.jackrabbit.remote.ExtendedDispatcherServlet=WARN
log4j.logger.org.argeo.server.webextender.TomcatDeployer=WARN
+log4j.logger.org.argeo.security.core=TRACE
log4j.logger.org.apache.catalina=INFO
log4j.logger.org.apache.coyote=INFO
import org.eclipse.swt.SWT;
import org.eclipse.swt.graphics.Font;
import org.eclipse.swt.widgets.Composite;
+import org.eclipse.swt.widgets.Display;
+import org.eclipse.swt.widgets.Table;
import org.eclipse.ui.part.ViewPart;
/**
private LogContentProvider logContentProvider;
private SecureLogger argeoLogger;
- private Font font;
-
@Override
public void createPartControl(Composite parent) {
// FIXME doesn't return a monospace font in RAP
- font = JFaceResources.getTextFont();
-// if (font == JFaceResources.getDefaultFont()) {
-// Set<?> keySet = JFaceResources.getFontRegistry().getKeySet();
-// for (Object key : keySet) {
-// System.out.println(key);
-// }
-// }
-
- viewer = new TableViewer(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
+ Font font = JFaceResources.getTextFontDescriptor().setHeight(8)
+ .createFont(Display.getCurrent());
+ Table table = new Table(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
| SWT.V_SCROLL | SWT.FULL_SELECTION | SWT.BORDER);
- viewer.getTable().setFont(font);
+ table.setFont(font);
+
+ viewer = new TableViewer(table);
viewer.setLabelProvider(new LabelProvider());
logContentProvider = new LogContentProvider(viewer) {
// }
/** Scroll to the last line */
- protected void scrollToLastLine() {
+ protected synchronized void scrollToLastLine() {
// we try to show last line with two methods
// viewer.reveal(lines.peekLast());
Table table = viewer.getTable();
- TableItem ti = table.getItem(lines.size() - 1);
- if (ti == null)
- System.out.println("tableItem is null");
+ TableItem ti = table.getItem(table.getItemCount() - 1);
table.showItem(ti);
}
import org.argeo.ArgeoLogListener;
import org.argeo.ArgeoLogger;
import org.argeo.security.ui.SecurityUiPlugin;
+import org.eclipse.jface.resource.JFaceResources;
import org.eclipse.jface.viewers.LabelProvider;
import org.eclipse.jface.viewers.TableViewer;
import org.eclipse.swt.SWT;
+import org.eclipse.swt.graphics.Font;
import org.eclipse.swt.widgets.Composite;
+import org.eclipse.swt.widgets.Display;
+import org.eclipse.swt.widgets.Table;
import org.eclipse.ui.part.ViewPart;
/**
@Override
public void createPartControl(Composite parent) {
- viewer = new TableViewer(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
+ Font font = JFaceResources.getTextFontDescriptor().setHeight(8)
+ .createFont(Display.getCurrent());
+ Table table = new Table(parent, SWT.VIRTUAL | SWT.MULTI | SWT.H_SCROLL
| SWT.V_SCROLL | SWT.FULL_SELECTION | SWT.BORDER);
+ table.setFont(font);
+
+ viewer = new TableViewer(table);
viewer.setLabelProvider(new LabelProvider());
logContentProvider = new LogContentProvider(viewer);
viewer.setContentProvider(logContentProvider);
package org.argeo.security.core;
-import java.security.AccessController;
-
-import javax.security.auth.Subject;
-
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.ArgeoException;
+import org.argeo.security.SystemAuthentication;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContext;
static {
// Forces Spring Security to use inheritable strategy
// FIXME find a better place for forcing spring security mode
- // doesn't work for the time besing
+ // doesn't work for the time being
// if (System.getProperty(SecurityContextHolder.SYSTEM_PROPERTY) == null)
// SecurityContextHolder
// .setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL);
private String systemAuthenticationKey;
/** Whether the current thread was authenticated by this component. */
- private InheritableThreadLocal<Boolean> authenticatedBySelf = new InheritableThreadLocal<Boolean>() {
+ private ThreadLocal<Boolean> authenticatedBySelf = new ThreadLocal<Boolean>() {
protected Boolean initialValue() {
return false;
}
return;
SecurityContext securityContext = SecurityContextHolder.getContext();
Authentication currentAuth = securityContext.getAuthentication();
- if (currentAuth != null){
- throw new ArgeoException(
- "System execution on an already authenticated thread: "
- + currentAuth + ", THREAD="
- + Thread.currentThread().getId());
+ if (currentAuth != null) {
+ if (!(currentAuth instanceof SystemAuthentication))
+ throw new ArgeoException(
+ "System execution on an already authenticated thread: "
+ + currentAuth + ", THREAD="
+ + Thread.currentThread().getId());
+ return;
}
- Subject subject = Subject.getSubject(AccessController.getContext());
- if (subject != null
- && !subject.getPrincipals(Authentication.class).isEmpty())
- throw new ArgeoException(
- "There is already an authenticated subject: " + subject);
+ // Subject subject = Subject.getSubject(AccessController.getContext());
+ // if (subject != null
+ // && !subject.getPrincipals(Authentication.class).isEmpty())
+ // throw new ArgeoException(
+ // "There is already an authenticated subject: " + subject);
String key = systemAuthenticationKey != null ? systemAuthenticationKey
: System.getProperty(
log.trace("System authenticated");
}
- /** Removes the authentication from the calling thread. */
- protected void deauthenticateAsSystem() {
- // remove the authentication
- SecurityContext securityContext = SecurityContextHolder.getContext();
- if (securityContext.getAuthentication() != null) {
- securityContext.setAuthentication(null);
- authenticatedBySelf.set(false);
- if (log.isTraceEnabled()) {
- log.trace("System deauthenticated");
- // Thread.dumpStack();
- }
- }
- }
+ // /** Removes the authentication from the calling thread. */
+ // protected void deauthenticateAsSystem() {
+ // // remove the authentication
+ // // SecurityContext securityContext = SecurityContextHolder.getContext();
+ // // securityContext.setAuthentication(null);
+ // // authenticatedBySelf.set(false);
+ // if (log.isTraceEnabled()) {
+ // log.trace("System deauthenticated");
+ // // Thread.dumpStack();
+ // }
+ // }
/**
* Whether the current thread was authenticated by this component or a
import java.beans.PropertyDescriptor;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.PropertyValues;
import org.springframework.beans.factory.config.InstantiationAwareBeanPostProcessor;
public class AuthenticatedApplicationContextInitialization extends
AbstractSystemExecution implements InstantiationAwareBeanPostProcessor,
ApplicationListener {
- private Log log = LogFactory
- .getLog(AuthenticatedApplicationContextInitialization.class);
+ // private Log log = LogFactory
+ // .getLog(AuthenticatedApplicationContextInitialization.class);
@SuppressWarnings("rawtypes")
public Object postProcessBeforeInstantiation(Class beanClass,
String beanName) throws BeansException {
- // we authenticate when any beans is instantiated
+ // we authenticate when any bean is instantiated
// we will deauthenticate only when the application context has been
// refreshed in order to be able to deal with factory beans has well
if (!isAuthenticatedBySelf()) {
authenticateAsSystem();
- if (log.isTraceEnabled())
- log.trace("Application context initialization authenticated for thread "
- + Thread.currentThread().getName());
}
return null;
}
if (event instanceof ContextRefreshedEvent) {
// make sure that we have deauthenticated after the application
// context was initialized/refreshed
- deauthenticateAsSystem();
- if (log.isTraceEnabled())
- log.trace("Application context initialization deauthenticated for thread "
- + Thread.currentThread().getName());
+ // deauthenticateAsSystem();
}
}
try {
return runnable.call();
} finally {
- deauthenticateAsSystem();
+// deauthenticateAsSystem();
}
}
};
public class ArgeoLoginModule extends AbstractLoginModule {
private String adminRole = "ROLE_ADMIN";
+ @Override
+ public boolean login() throws LoginException {
+ boolean loginOk = super.login();
+ if (!loginOk) {
+ org.springframework.security.Authentication authen = (org.springframework.security.Authentication) SecurityContextHolder
+ .getContext().getAuthentication();
+ }
+ return loginOk;
+ }
+
+ @Override
+ public boolean commit() throws LoginException {
+ boolean commitOk = super.commit();
+ if (!commitOk) {
+ org.springframework.security.Authentication authen = (org.springframework.security.Authentication) SecurityContextHolder
+ .getContext().getAuthentication();
+ }
+ return commitOk;
+ }
+
/**
* Returns the Spring {@link org.springframework.security.Authentication}
* (which can be null)
protected Set<Principal> getPrincipals() {
// clear already registered Jackrabbit principals
- //clearPrincipals(AdminPrincipal.class);
- //clearPrincipals(AnonymousPrincipal.class);
- //clearPrincipals(GrantedAuthorityPrincipal.class);
+ // clearPrincipals(AdminPrincipal.class);
+ // clearPrincipals(AnonymousPrincipal.class);
+ // clearPrincipals(GrantedAuthorityPrincipal.class);
return syncPrincipals();
}
if (thisCredentials != null)
thisCredentials.clear();
// override credentials since we did not used the one passed to us
-// credentials = new SimpleCredentials(authen.getName(), authen
-// .getCredentials().toString().toCharArray());
+ // credentials = new SimpleCredentials(authen.getName(), authen
+ // .getCredentials().toString().toCharArray());
return principals;
}