package org.argeo.api.cms;
+import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
return new LoginContext(getLoginContextName(), callbackHandler);
}
+ public LoginContext newLoginContext(Subject subject, CallbackHandler callbackHandler) throws LoginException {
+ return new LoginContext(getLoginContextName(), subject, callbackHandler);
+ }
+
+ public LoginContext newLoginContext(Subject subject) throws LoginException {
+ return new LoginContext(getLoginContextName(), subject);
+ }
+
/*
* LOGIN CONTEXTS
*/
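Review bot: The two new public `newLoginContext(Subject ...)` overloads have no Javadoc, and the contract a caller needs is not obvious from the signatures. `LoginContext` rejects a null subject with a `LoginException`, and a successful login adds its principals and credentials to the supplied `Subject` instead of a fresh one, so a reused subject accumulates them. I would put a comment on each overload, e.g. `/** Creates a login context that populates the given non-null subject; a successful login adds principals and credentials to it. */`. The enclosing type starts and ends outside the hunk.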
package org.argeo.cms.auth;
-import java.security.AccessController;
import java.util.Map;
import java.util.Set;
import javax.security.auth.spi.LoginModule;
import org.argeo.cms.security.PBEKeySpecCallback;
+import org.argeo.util.CurrentSubject;
import org.argeo.util.PasswordEncryption;
/** Adds a secret key to the private credentials */
Map<String, ?> options) {
this.subject = subject;
if (subject == null) {
- subject = Subject.getSubject(AccessController.getContext());
+ this.subject = CurrentSubject.current();
}
this.callbackHandler = callbackHandler;
}
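Review bot: When `subject` is null, `initialize` now silently adopts `CurrentSubject.current()`, so the secret key that this module adds to the private credentials lands on whichever subject is bound to the calling context, not on one the caller passed explicitly. That choice should be stated in a comment at the `if`, e.g. `// no subject supplied: fall back to the subject bound to the current context`. The contract of `CurrentSubject.current()` is not visible here; if it can return null, follow the assignment with `if (this.subject == null) throw new IllegalStateException("No subject available");` so the failure surfaces in `initialize` and not later, when the credentials are written. The signature of `initialize` starts outside the hunk.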
RemoteAuthSession getSession();
- @Deprecated
RemoteAuthSession createSession();
Locale getLocale();
package org.argeo.cms.auth;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
import java.util.Locale;
import java.util.Map;
import javax.security.auth.spi.LoginModule;
import javax.security.auth.x500.X500Principal;
-import org.argeo.api.cms.CmsLog;
import org.argeo.cms.internal.runtime.CmsContextImpl;
import org.argeo.osgi.useradmin.OsUserUtils;
import org.argeo.util.directory.ldap.IpaUtils;
/** Login module for when the system is owned by a single user. */
public class SingleUserLoginModule implements LoginModule {
- private final static CmsLog log = CmsLog.getLog(SingleUserLoginModule.class);
+// private final static CmsLog log = CmsLog.getLog(SingleUserLoginModule.class);
private Subject subject;
private Map<String, Object> sharedState = null;
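Review bot: The logger field at the top of `SingleUserLoginModule` is commented out instead of deleted, which leaves dead code behind even though the `CmsLog` import is gone. Delete the `// private final static CmsLog log = ...` line, since version control keeps the history. If any failure path in this module reported through `log` (not visible in this hunk), confirm those events are still recorded somewhere, because a login module that fails silently is hard to audit.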
try {
LoginContext lc;
if (isAnonymous()) {
- lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_ANONYMOUS, getSubject());
+ lc = CmsAuth.ANONYMOUS.newLoginContext(getSubject());
} else {
- lc = new LoginContext(CmsAuth.LOGIN_CONTEXT_USER, getSubject());
+ lc = CmsAuth.USER.newLoginContext(getSubject());
}
lc.logout();
} catch (LoginException e) {
} catch (Exception e) {
log.error("CMS activator shutdown failed", e);
}
-
+
new GogoShellKiller().start();
}
- private void initSecurity() {
+ protected void initSecurity() {
// code-level permissions
String osgiSecurity = bundleContext.getProperty(Constants.FRAMEWORK_SECURITY);
if (osgiSecurity != null && Constants.FRAMEWORK_SECURITY_OSGI.equals(osgiSecurity)) {
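Review bot: Widening `initSecurity()` from `private` to `protected` lets a subclass replace the method that sets up the code-level permissions, and an override that omits `super.initSecurity()` would skip that setup with no visible signal. If the aim is only to let a subclass call it, `protected final void initSecurity() {` allows that while preventing replacement. If overriding is intended, add a Javadoc comment stating that overrides must call `super.initSecurity()` and why. The method body continues outside the hunk.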
// bundleContext.registerService(ArgeoLogger.class, logger, null);
// }
-
public static <T> void registerService(Class<T> clss, T service, Dictionary<String, ?> properties) {
if (bundleContext != null) {
bundleContext.registerService(clss, service, properties);
bundleContext = null;
}
-
public static BundleContext getBundleContext() {
return bundleContext;
}