Improve authenticated application context initialization

ASSIGNED - bug 17: Generalize agent management and registration beyond JMS
https://bugzilla.argeo.org/show_bug.cgi?id=17

git-svn-id: https://svn.argeo.org/commons/trunk@4481 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java
index 23a111b9430e51e50c5c5b507a560c7514ed2bde..856ceee60e0a0e55fb672f781e21adbac2936595 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AbstractSystemExecution.java
@@ -68,11 +68,18 @@ public abstract class AbstractSystemExecution {
                if (securityContext.getAuthentication() != null) {
                        securityContext.setAuthentication(null);
                        authenticatedBySelf.set(false);
-                       if (log.isTraceEnabled())
+                       if (log.isTraceEnabled()) {
                                log.trace("System deauthenticated");
+                               // Thread.dumpStack();
+                       }
                }
        }
 
+       /** Whether the current thread was authenticated by this component. */
+       protected Boolean isAuthenticatedBySelf() {
+               return authenticatedBySelf.get();
+       }
+
        public void setAuthenticationManager(
                        AuthenticationManager authenticationManager) {
                this.authenticationManager = authenticationManager;

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AuthenticatedApplicationContextInitialization.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AuthenticatedApplicationContextInitialization.java
new file mode 100644 (file)
index 0000000..51d4b19
--- /dev/null
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/AuthenticatedApplicationContextInitialization.java
@@ -0,0 +1,77 @@
+package org.argeo.security.core;
+
+import java.beans.PropertyDescriptor;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.PropertyValues;
+import org.springframework.beans.factory.config.InstantiationAwareBeanPostProcessor;
+import org.springframework.context.ApplicationEvent;
+import org.springframework.context.ApplicationListener;
+import org.springframework.context.event.ContextRefreshedEvent;
+
+/**
+ * Executes with a system authentication the instantiation and initialization
+ * methods of the application context where it has been defined.
+ */
+public class AuthenticatedApplicationContextInitialization extends
+               AbstractSystemExecution implements InstantiationAwareBeanPostProcessor,
+               ApplicationListener {
+       private Log log = LogFactory
+                       .getLog(AuthenticatedApplicationContextInitialization.class);
+
+       @SuppressWarnings("rawtypes")
+       public Object postProcessBeforeInstantiation(Class beanClass,
+                       String beanName) throws BeansException {
+               // we authenticate when any beans is instantiated
+               // we will deauthenticate only when the application context has been
+               // refreshed in order to be able to deal with factory beans has well
+               if (!isAuthenticatedBySelf()) {
+                       authenticateAsSystem();
+                       if (log.isDebugEnabled())
+                               log.debug("Application context initialization authenticated for thread "
+                                               + Thread.currentThread().getName());
+               }
+               return null;
+       }
+
+       public boolean postProcessAfterInstantiation(Object bean, String beanName)
+                       throws BeansException {
+               return true;
+       }
+
+       public PropertyValues postProcessPropertyValues(PropertyValues pvs,
+                       PropertyDescriptor[] pds, Object bean, String beanName)
+                       throws BeansException {
+               return pvs;
+       }
+
+       public Object postProcessBeforeInitialization(Object bean, String beanName)
+                       throws BeansException {
+               // authenticateAsSystem();
+               return bean;
+       }
+
+       public Object postProcessAfterInitialization(Object bean, String beanName)
+                       throws BeansException {
+               // NOTE: in case there was an exception in on the initialization method
+               // we expect the underlying thread to die and thus the system
+               // authentication to be lost. We have currently no way to catch the
+               // exception and perform the deauthentication by ourselves.
+               // deauthenticateAsSystem();
+               return bean;
+       }
+
+       public void onApplicationEvent(ApplicationEvent event) {
+               if (event instanceof ContextRefreshedEvent) {
+                       // make sure that we have deauthenticated after the application
+                       // context was initialized/refreshed
+                       deauthenticateAsSystem();
+                       if (log.isDebugEnabled())
+                               log.debug("Application context initialization deauthenticated for thread "
+                                               + Thread.currentThread().getName());
+               }
+       }
+
+}

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/SystemExecutionBeanPostProcessor.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/SystemExecutionBeanPostProcessor.java
deleted file mode 100644 (file)
index a2086bb..0000000
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/SystemExecutionBeanPostProcessor.java
+++ /dev/null
@@ -1,61 +0,0 @@
-package org.argeo.security.core;
-
-import java.beans.PropertyDescriptor;
-
-import org.springframework.beans.BeansException;
-import org.springframework.beans.PropertyValues;
-import org.springframework.beans.factory.config.InstantiationAwareBeanPostProcessor;
-import org.springframework.context.ApplicationEvent;
-import org.springframework.context.ApplicationListener;
-import org.springframework.context.event.ContextRefreshedEvent;
-
-/**
- * Executes with a system authentication the instantiation and initialization
- * methods of the application context where it has been defined.
- */
-public class SystemExecutionBeanPostProcessor extends AbstractSystemExecution
-               implements InstantiationAwareBeanPostProcessor, ApplicationListener {
-
-       @SuppressWarnings("rawtypes")
-       public Object postProcessBeforeInstantiation(Class beanClass,
-                       String beanName) throws BeansException {
-               authenticateAsSystem();
-               return null;
-       }
-
-       public boolean postProcessAfterInstantiation(Object bean, String beanName)
-                       throws BeansException {
-               return true;
-       }
-
-       public PropertyValues postProcessPropertyValues(PropertyValues pvs,
-                       PropertyDescriptor[] pds, Object bean, String beanName)
-                       throws BeansException {
-               return pvs;
-       }
-
-       public Object postProcessBeforeInitialization(Object bean, String beanName)
-                       throws BeansException {
-               authenticateAsSystem();
-               return bean;
-       }
-
-       public Object postProcessAfterInitialization(Object bean, String beanName)
-                       throws BeansException {
-               // NOTE: in case there was an exception in on the initialization method
-               // we expect the underlying thread to die and thus the system
-               // authentication to be lost. We have currently no way to catch the
-               // exception and perform the deauthentication by ourselves.
-               deauthenticateAsSystem();
-               return bean;
-       }
-
-       public void onApplicationEvent(ApplicationEvent event) {
-               if (event instanceof ContextRefreshedEvent) {
-                       // make sure that we have deauthenticated after the application
-                       // context was initialized/refreshed
-                       deauthenticateAsSystem();
-               }
-       }
-
-}