Login module chained with Spring Security JAAS login module, instead of extending it

author Mathieu Baudier <mbaudier@argeo.org>

Sat, 7 Feb 2015 21:54:08 +0000 (21:54 +0000)

committer Mathieu Baudier <mbaudier@argeo.org>

Sat, 7 Feb 2015 21:54:08 +0000 (21:54 +0000)
author Mathieu Baudier <mbaudier@argeo.org>
Sat, 7 Feb 2015 21:54:08 +0000 (21:54 +0000)
committer Mathieu Baudier <mbaudier@argeo.org>
Sat, 7 Feb 2015 21:54:08 +0000 (21:54 +0000)
diff --git a/org.argeo.security.core/src/org/argeo/security/core/SpringLoginModule.java b/org.argeo.security.core/src/org/argeo/security/core/SpringLoginModule.java

index 75051d27b79c7a69a545651419de43aafd88fe8e..6ec4fc68ad474ea20a1a407cf65fc13a87c554c7 100644 (file)
--- a/org.argeo.security.core/src/org/argeo/security/core/SpringLoginModule.java
+++ b/org.argeo.security.core/src/org/argeo/security/core/SpringLoginModule.java
@@ -27,6 +27,7 @@ import javax.security.auth.callback.CallbackHandler;
  import javax.security.auth.callback.NameCallback;
  import javax.security.auth.callback.PasswordCallback;
  import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
  
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
@@ -37,19 +38,16 @@ import org.osgi.framework.BundleContext;
  import org.springframework.security.authentication.AnonymousAuthenticationToken;
  import org.springframework.security.authentication.AuthenticationManager;
  import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.jaas.SecurityContextLoginModule;
  import org.springframework.security.core.Authentication;
  import org.springframework.security.core.authority.SimpleGrantedAuthority;
  import org.springframework.security.core.context.SecurityContextHolder;
  
  /** Login module which caches one subject per thread. */
-public class SpringLoginModule extends SecurityContextLoginModule {
+public class SpringLoginModule implements LoginModule {
         final static String NODE_REPO_URI = "argeo.node.repo.uri";
  
         private final static Log log = LogFactory.getLog(SpringLoginModule.class);
  
-       // private AuthenticationManager authenticationManager;
-
         private CallbackHandler callbackHandler;
  
         private Subject subject;
@@ -71,7 +69,6 @@ public class SpringLoginModule extends SecurityContextLoginModule {
         @SuppressWarnings("rawtypes")
         public void initialize(Subject subject, CallbackHandler callbackHandler,
                         Map sharedState, Map options) {
-               super.initialize(subject, callbackHandler, sharedState, options);
                 this.callbackHandler = callbackHandler;
                 this.subject = subject;
         }
@@ -92,7 +89,7 @@ public class SpringLoginModule extends SecurityContextLoginModule {
                                                 throw new LoginException(
                                                                 "Already authenticated with a different auth");
                                 }
-                               return super.login();
+                               return true;
                         }
  
                         if (remote && anonymous)
@@ -199,7 +196,7 @@ public class SpringLoginModule extends SecurityContextLoginModule {
                         if (selectedLocale != null)
                                 LocaleUtils.threadLocale.set(selectedLocale);
  
-                       return super.login();
+                       return true;
                 } catch (LoginException e) {
                         throw e;
                 } catch (ThreadDeath e) {
@@ -218,17 +215,17 @@ public class SpringLoginModule extends SecurityContextLoginModule {
         @Override
         public boolean logout() throws LoginException {
                 subject.getPrincipals().clear();
-               return super.logout();
+               return true;
         }
  
         @Override
         public boolean commit() throws LoginException {
-               return super.commit();
+               return true;
         }
  
         @Override
         public boolean abort() throws LoginException {
-               return super.abort();
+               return true;
         }
  
         /**
@@ -242,11 +239,6 @@ public class SpringLoginModule extends SecurityContextLoginModule {
                                 (Authentication) authentication);
         }
  
-       // public void setAuthenticationManager(
-       // AuthenticationManager authenticationManager) {
-       // this.authenticationManager = authenticationManager;
-       // }
-
         /** Authenticates on a remote node */
         public void setRemote(Boolean remote) {
                 this.remote = remote;
author	Mathieu Baudier <mbaudier@argeo.org>
	Sat, 7 Feb 2015 21:54:08 +0000 (21:54 +0000)
committer	Mathieu Baudier <mbaudier@argeo.org>
	Sat, 7 Feb 2015 21:54:08 +0000 (21:54 +0000)