projects
/
lgpl
/
argeo-commons.git
/ commitdiff
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
8f70be7
)
Make username and user role more consistent.
author
Mathieu Baudier <mbaudier@argeo.org>
Mon, 30 Nov 2020 12:04:57 +0000
(13:04 +0100)
committer
Mathieu Baudier <mbaudier@argeo.org>
Mon, 30 Nov 2020 12:04:57 +0000
(13:04 +0100)
org.argeo.cms/src/org/argeo/cms/auth/CmsSession.java
patch
|
blob
|
history
org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
patch
|
blob
|
history
org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
patch
|
blob
|
history
org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingAuthorization.java
patch
|
blob
|
history
diff --git
a/org.argeo.cms/src/org/argeo/cms/auth/CmsSession.java
b/org.argeo.cms/src/org/argeo/cms/auth/CmsSession.java
index 8b389087888ac76851425b0bad9f3e2d953c8d40..a0ea6a63fd552b452f2e5e45f7765c24f72fa2a8 100644
(file)
--- a/
org.argeo.cms/src/org/argeo/cms/auth/CmsSession.java
+++ b/
org.argeo.cms/src/org/argeo/cms/auth/CmsSession.java
@@
-22,6
+22,8
@@
public interface CmsSession {
UUID getUuid();
UUID getUuid();
+ String getUserRole();
+
LdapName getUserDn();
String getLocalId();
LdapName getUserDn();
String getLocalId();
diff --git
a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
index 211f21c94ead35175e5e730dee0348765f93c3da..9ae0fd8d8b5634091d221633085bd93618df2090 100644
(file)
--- a/
org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
+++ b/
org.argeo.cms/src/org/argeo/cms/internal/auth/CmsSessionImpl.java
@@
-24,6
+24,7
@@
import javax.naming.ldap.LdapName;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@
-224,6
+225,11
@@
public class CmsSessionImpl implements CmsSession {
return userDn;
}
return userDn;
}
+ @Override
+ public String getUserRole() {
+ return new X500Principal(authorization.getName()).getName();
+ }
+
@Override
public String getLocalId() {
return localSessionId;
@Override
public String getLocalId() {
return localSessionId;
diff --git
a/org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
b/org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
index 13dfbe638782c3a4243f03d96d0af311e6b471d0..333fa1aa027f481090b4370e1d61ba8be16dcdf4 100644
(file)
--- a/
org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
+++ b/
org.argeo.cms/src/org/argeo/cms/servlet/ServletAuthUtils.java
@@
-8,11
+8,16
@@
import java.util.function.Supplier;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
+import org.argeo.cms.auth.CmsSession;
import org.argeo.cms.auth.CurrentUser;
import org.argeo.cms.auth.CurrentUser;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
import org.osgi.service.http.HttpContext;
/** Authentications utilities when using servlets. */
public class ServletAuthUtils {
import org.osgi.service.http.HttpContext;
/** Authentications utilities when using servlets. */
public class ServletAuthUtils {
+ private static BundleContext bundleContext = FrameworkUtil.getBundle(ServletAuthUtils.class).getBundleContext();
+
/**
* Execute this supplier, using the CMS class loader as context classloader.
* Useful to log in to JCR.
/**
* Execute this supplier, using the CMS class loader as context classloader.
* Useful to log in to JCR.
@@
-50,4
+55,11
@@
public class ServletAuthUtils {
req.setAttribute(HttpContext.REMOTE_USER, null);
req.setAttribute(AccessControlContext.class.getName(), null);
}
req.setAttribute(HttpContext.REMOTE_USER, null);
req.setAttribute(AccessControlContext.class.getName(), null);
}
+
+ public static CmsSession getCmsSession(HttpServletRequest req) {
+ Subject subject = Subject
+ .getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName()));
+ CmsSession cmsSession = CmsSession.getCmsSession(bundleContext, subject);
+ return cmsSession;
+ }
}
}
diff --git
a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingAuthorization.java
b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingAuthorization.java
index ba9953416c9d5c05c80776e068b8ccf07759f007..05ba94889d403e5d681a3744db1d6d5fde14cf9e 100644
(file)
--- a/
org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingAuthorization.java
+++ b/
org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingAuthorization.java
@@
-6,6
+6,8
@@
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.List;
import java.util.Set;
+import javax.security.auth.x500.X500Principal;
+
import org.osgi.service.useradmin.Authorization;
/** An {@link Authorization} which combines roles form various auth sources. */
import org.osgi.service.useradmin.Authorization;
/** An {@link Authorization} which combines roles form various auth sources. */
@@
-16,7
+18,7
@@
class AggregatingAuthorization implements Authorization {
private final Set<String> roles;
public AggregatingAuthorization(String name, String displayName, Set<String> systemRoles, String[] roles) {
private final Set<String> roles;
public AggregatingAuthorization(String name, String displayName, Set<String> systemRoles, String[] roles) {
- this.name = n
ame
;
+ this.name = n
ew X500Principal(name).getName()
;
this.displayName = displayName;
this.systemRoles = Collections.unmodifiableSet(new HashSet<>(systemRoles));
Set<String> temp = new HashSet<>();
this.displayName = displayName;
this.systemRoles = Collections.unmodifiableSet(new HashSet<>(systemRoles));
Set<String> temp = new HashSet<>();