Fix various issues raised when adapting upper layers
[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / HttpSessionLoginModule.java
index 8cb524fbe344bd6b864a40b5bfd0f89555ba7a3a..8cc3941bc191b9b883306706f0d95f0ee8361fad 100644 (file)
@@ -13,12 +13,10 @@ import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.argeo.cms.internal.auth.CmsSessionImpl;
 import org.argeo.cms.internal.kernel.Activator;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.FrameworkUtil;
@@ -33,8 +31,8 @@ public class HttpSessionLoginModule implements LoginModule {
        private CallbackHandler callbackHandler = null;
        private Map<String, Object> sharedState = null;
 
-       private HttpServletRequest request = null;
-       private HttpServletResponse response = null;
+       private HttpRequest request = null;
+       private HttpResponse response = null;
 
        private BundleContext bc;
 
@@ -71,9 +69,9 @@ public class HttpSessionLoginModule implements LoginModule {
                                return false;
                        // TODO factorize with below
                        String httpSessionId = httpSession.getId();
-                       if (log.isTraceEnabled())
-                               log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
-                       CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+//                     if (log.isTraceEnabled())
+//                             log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+                       CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
                        if (cmsSession != null) {
                                authorization = cmsSession.getAuthorization();
                                locale = cmsSession.getLocale();
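Review bot: The trace statement is left behind as commented-out code (`// if (log.isTraceEnabled())` and the `log.trace("HTTP login: " ...` line below it) instead of being deleted, and the same happens in the later hunk at -83,17. The disabled line concatenates `httpSessionId` into the log message; a session ID works as a bearer credential, so that line should not be restored as written. I would remove both commented lines. If the trace is still wanted, log something that cannot be replayed, such as `log.trace("HTTP login, session present: " + (httpSessionId != null));`. The enclosing method starts and ends outside this hunk.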
@@ -83,17 +81,17 @@ public class HttpSessionLoginModule implements LoginModule {
                } else {
                        authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
                        if (authorization == null) {// search by session ID
-                               HttpSession httpSession = request.getSession(false);
+                               HttpSession httpSession = request.getSession();
                                if (httpSession == null) {
                                        // TODO make sure this is always safe
                                        if (log.isTraceEnabled())
                                                log.trace("Create http session");
-                                       httpSession = request.getSession(true);
+                                       httpSession = request.createSession();
                                }
                                String httpSessionId = httpSession.getId();
-                               if (log.isTraceEnabled())
-                                       log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
-                               CmsSession cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+//                             if (log.isTraceEnabled())
+//                                     log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+                               CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
                                if (cmsSession != null) {
                                        authorization = cmsSession.getAuthorization();
                                        locale = cmsSession.getLocale();
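Review bot: `request.getSession()` replaces `request.getSession(false)`, so the `if (httpSession == null)` branch that follows depends on the new `HttpRequest.getSession()` returning null when no session exists. That contract is not visible in this hunk, and it is the opposite of the servlet no-argument `getSession()`, which creates a session. I would state it at the call site, for example `// HttpRequest.getSession() returns null when no session exists; it never creates one`. The existing `// TODO make sure this is always safe` is still unresolved: `request.createSession()` runs before authentication and its ID is then used to look up a `CmsSessionImpl`. Whether the ID is rotated after a successful login cannot be seen here and should be confirmed against session fixation. The enclosing method starts and ends outside this hunk.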
@@ -158,7 +156,7 @@ public class HttpSessionLoginModule implements LoginModule {
                return true;
        }
 
-       private void extractHttpAuth(final HttpServletRequest httpRequest) {
+       private void extractHttpAuth(final HttpRequest httpRequest) {
                String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
                extractHttpAuth(authHeader);
        }
@@ -205,7 +203,7 @@ public class HttpSessionLoginModule implements LoginModule {
                // }
        }
 
-       private void extractClientCertificate(HttpServletRequest req) {
+       private void extractClientCertificate(HttpRequest req) {
                X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
                if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
                        String certDn = certs[0].getSubjectX500Principal().getName();
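Review bot: `req.getAttribute("javax.servlet.request.X509Certificate")` and the comment "Servlet container verified the client certificate" still assume a servlet container, but `req` is now the project's `HttpRequest` rather than `HttpServletRequest`. Nothing visible here guarantees that every `HttpRequest` implementation fills this attribute only from a completed TLS client-authentication handshake. If one does not, the DN taken from `certs[0]` would be trusted without verification. I would document the requirement on the method, for example `// req must expose this attribute only when the TLS layer has verified the client certificate chain`, and replace the unchecked cast with an `instanceof X509Certificate[]` check. The method body continues past the end of this hunk.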