From: Mathieu Baudier Date: Wed, 5 Jan 2022 09:45:02 +0000 (+0100) Subject: Rename remote auth interfaces X-Git-Tag: argeo-commons-2.3.5~97 X-Git-Url: https://git.argeo.org/?p=lgpl%2Fargeo-commons.git;a=commitdiff_plain;h=4185ff8826f893a4a1f054f61a11b89333c3e85d Rename remote auth interfaces --- diff --git a/org.argeo.cms.servlet/bnd.bnd b/org.argeo.cms.servlet/bnd.bnd index c8251a7fe..011cbd6a3 100644 --- a/org.argeo.cms.servlet/bnd.bnd +++ b/org.argeo.cms.servlet/bnd.bnd @@ -2,6 +2,7 @@ Import-Package:\ org.osgi.service.http;version=0.0.0,\ org.osgi.service.http.whiteboard;version=0.0.0,\ org.osgi.framework.namespace;version=0.0.0,\ +org.argeo.cms.osgi,\ org.argeo.api,\ * diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java index a5ba6ef82..ba19d0d5f 100644 --- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java +++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java @@ -14,7 +14,8 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.api.NodeConstants; -import org.argeo.cms.auth.HttpRequestCallbackHandler; +import org.argeo.cms.auth.RemoteAuthCallbackHandler; +import org.argeo.cms.auth.RemoteAuthUtils; import org.argeo.cms.servlet.internal.HttpUtils; import org.osgi.framework.Bundle; import org.osgi.framework.FrameworkUtil; @@ -44,7 +45,7 @@ public class CmsServletContext extends ServletContextHelper { LoginContext lc; try { lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, - new HttpRequestCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response))); + new RemoteAuthCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response))); lc.login(); } catch (LoginException e) { lc = processUnauthorized(request, response); 
@@ -61,7 +62,7 @@ public class CmsServletContext extends ServletContextHelper { @Override public Void run() { // TODO also set login context in order to log out ? - ServletAuthUtils.configureRequestSecurity(new ServletHttpRequest(request)); + RemoteAuthUtils.configureRequestSecurity(new ServletHttpRequest(request)); return null; } @@ -71,14 +72,14 @@ public class CmsServletContext extends ServletContextHelper { @Override public void finishSecurity(HttpServletRequest request, HttpServletResponse response) { - ServletAuthUtils.clearRequestSecurity(new ServletHttpRequest(request)); + RemoteAuthUtils.clearRequestSecurity(new ServletHttpRequest(request)); } protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) { // anonymous try { LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_ANONYMOUS, - new HttpRequestCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response))); + new RemoteAuthCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response))); lc.login(); return lc; } catch (LoginException e1) { diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletAuthUtils.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletAuthUtils.java deleted file mode 100644 index 7719658d7..000000000 --- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletAuthUtils.java +++ /dev/null 
@@ -1,66 +0,0 @@ -package org.argeo.cms.servlet; - -import java.security.AccessControlContext; -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.util.function.Supplier; - -import javax.security.auth.Subject; - -import org.argeo.api.cms.CmsSession; -import org.argeo.cms.auth.CurrentUser; -import org.argeo.cms.auth.HttpRequest; -import org.argeo.cms.osgi.CmsOsgiUtils; -import org.osgi.framework.BundleContext; -import org.osgi.framework.FrameworkUtil; - -/** Authentications utilities when using servlets. */ -public class ServletAuthUtils { - static final String REMOTE_USER = "org.osgi.service.http.authentication.remote.user"; - private static BundleContext bundleContext = FrameworkUtil.getBundle(ServletAuthUtils.class).getBundleContext(); - - /** - * Execute this supplier, using the CMS class loader as context classloader. - * Useful to log in to JCR. - */ - public final static T doAs(Supplier supplier, HttpRequest req) { - ClassLoader currentContextCl = Thread.currentThread().getContextClassLoader(); - Thread.currentThread().setContextClassLoader(ServletAuthUtils.class.getClassLoader()); - try { - return Subject.doAs( - Subject.getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName())), - new PrivilegedAction() { - - @Override - public T run() { - return supplier.get(); - } - - }); - } finally { - Thread.currentThread().setContextClassLoader(currentContextCl); - } - } - - public final static void configureRequestSecurity(HttpRequest req) { - if (req.getAttribute(AccessControlContext.class.getName()) != null) - throw new IllegalStateException("Request already authenticated."); - AccessControlContext acc = AccessController.getContext(); - req.setAttribute(REMOTE_USER, CurrentUser.getUsername()); - req.setAttribute(AccessControlContext.class.getName(), acc); - } - - public final static void clearRequestSecurity(HttpRequest req) { - if (req.getAttribute(AccessControlContext.class.getName()) == 
null) - throw new IllegalStateException("Cannot clear non-authenticated request."); - req.setAttribute(REMOTE_USER, null); - req.setAttribute(AccessControlContext.class.getName(), null); - } - - public static CmsSession getCmsSession(HttpRequest req) { - Subject subject = Subject - .getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName())); - CmsSession cmsSession = CmsOsgiUtils.getCmsSession(bundleContext, subject); - return cmsSession; - } -} diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java index 75a0d8782..95912e407 100644 --- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java +++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java @@ -5,10 +5,10 @@ import java.util.Objects; import javax.servlet.http.HttpServletRequest; -import org.argeo.cms.auth.HttpRequest; -import org.argeo.cms.auth.HttpSession; +import org.argeo.cms.auth.RemoteAuthRequest; +import org.argeo.cms.auth.RemoteAuthSession; -public class ServletHttpRequest implements HttpRequest { +public class ServletHttpRequest implements RemoteAuthRequest { private final HttpServletRequest request; public ServletHttpRequest(HttpServletRequest request) { @@ -17,12 +17,12 @@ public class ServletHttpRequest implements HttpRequest { } @Override - public HttpSession getSession() { + public RemoteAuthSession getSession() { return new ServletHttpSession(request.getSession(false)); } @Override - public HttpSession createSession() { + public RemoteAuthSession createSession() { return new ServletHttpSession(request.getSession(true)); } diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java index 6cbe2c44e..de47365ca 100644 --- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java 
+++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java @@ -4,9 +4,9 @@ import java.util.Objects; import javax.servlet.http.HttpServletResponse; -import org.argeo.cms.auth.HttpResponse; +import org.argeo.cms.auth.RemoteAuthResponse; -public class ServletHttpResponse implements HttpResponse { +public class ServletHttpResponse implements RemoteAuthResponse { private final HttpServletResponse response; public ServletHttpResponse(HttpServletResponse response) { diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java index 16537648b..8d087daa7 100644 --- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java +++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java @@ -1,8 +1,8 @@ package org.argeo.cms.servlet; -import org.argeo.cms.auth.HttpSession; +import org.argeo.cms.auth.RemoteAuthSession; -public class ServletHttpSession implements HttpSession { +public class ServletHttpSession implements RemoteAuthSession { private javax.servlet.http.HttpSession session; public ServletHttpSession(javax.servlet.http.HttpSession session) { diff --git a/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java b/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java index e4d08d728..66bccc07a 100644 --- a/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java +++ b/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java @@ -24,7 +24,7 @@ import org.argeo.api.NodeState; import org.argeo.api.cms.CmsView; import org.argeo.cms.CmsMsg; import org.argeo.cms.LocaleUtils; -import org.argeo.cms.auth.HttpRequestCallback; +import org.argeo.cms.auth.RemoteAuthCallback; import org.argeo.cms.servlet.ServletHttpRequest; import org.argeo.cms.servlet.ServletHttpResponse; import org.argeo.cms.swt.CmsStyles; 
@@ -310,9 +310,9 @@ public class CmsLogin implements CmsStyles, CallbackHandler { ((NameCallback) callback).setName(usernameT.getText()); else if (callback instanceof PasswordCallback && passwordT != null) ((PasswordCallback) callback).setPassword(passwordT.getTextChars()); - else if (callback instanceof HttpRequestCallback) { - ((HttpRequestCallback) callback).setRequest(new ServletHttpRequest(UiContext.getHttpRequest())); - ((HttpRequestCallback) callback).setResponse(new ServletHttpResponse(UiContext.getHttpResponse())); + else if (callback instanceof RemoteAuthCallback) { + ((RemoteAuthCallback) callback).setRequest(new ServletHttpRequest(UiContext.getHttpRequest())); + ((RemoteAuthCallback) callback).setResponse(new ServletHttpResponse(UiContext.getHttpResponse())); } else if (callback instanceof LanguageCallback) { Locale toUse = null; if (localeChoice != null) diff --git a/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java index c5d067c08..0217eb8ef 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java @@ -48,7 +48,7 @@ public class AnonymousLoginModule implements LoginModule { public boolean commit() throws LoginException { UserAdmin userAdmin = bc.getService(bc.getServiceReference(UserAdmin.class)); Authorization authorization = userAdmin.getAuthorization(null); - HttpRequest request = (HttpRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST); + RemoteAuthRequest request = (RemoteAuthRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST); Locale locale = Locale.getDefault(); if (request != null) locale = request.getLocale(); diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java index 62888b153..33a9d7ae4 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java 
+++ b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java @@ -122,12 +122,12 @@ class CmsAuthUtils { } @SuppressWarnings("unused") - synchronized static void registerSessionAuthorization(HttpRequest request, Subject subject, + synchronized static void registerSessionAuthorization(RemoteAuthRequest request, Subject subject, Authorization authorization, Locale locale) { // synchronized in order to avoid multiple registrations // TODO move it to a service in order to avoid static synchronization if (request != null) { - HttpSession httpSession = request.getSession(); + RemoteAuthSession httpSession = request.getSession(); assert httpSession != null; String httpSessId = httpSession.getId(); boolean anonymous = authorization.getName() == null; diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequest.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpRequest.java deleted file mode 100644 index 447225515..000000000 --- a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequest.java +++ /dev/null @@ -1,25 +0,0 @@ -package org.argeo.cms.auth; - -import java.util.Locale; - -/** Transitional interface to decouple from the Servlet API. */ -public interface HttpRequest { - HttpSession getSession(); - - HttpSession createSession(); - - Locale getLocale(); - - Object getAttribute(String key); - - void setAttribute(String key, Object object); - - String getHeader(String key); - - String getRemoteAddr(); - - int getLocalPort(); - - int getRemotePort(); - -} diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallback.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallback.java deleted file mode 100644 index 38e12c0c6..000000000 --- a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallback.java +++ /dev/null 
@@ -1,35 +0,0 @@
-package org.argeo.cms.auth;
-
-import javax.security.auth.callback.Callback;
-
-/** Retrieves credentials from an HTTP request. */
-public class HttpRequestCallback implements Callback {
- private HttpRequest request;
- private HttpResponse response;
- private HttpSession httpSession;
-
- public HttpRequest getRequest() {
- return request;
- }
-
- public void setRequest(HttpRequest request) {
- this.request = request;
- }
-
- public HttpResponse getResponse() {
- return response;
- }
-
- public void setResponse(HttpResponse response) {
- this.response = response;
- }
-
- public HttpSession getHttpSession() {
- return httpSession;
- }
-
- public void setHttpSession(HttpSession httpSession) {
- this.httpSession = httpSession;
- }
-
-}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallbackHandler.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallbackHandler.java
deleted file mode 100644
index 934fdd96b..000000000
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallbackHandler.java
+++ /dev/null
@@ -1,43 +0,0 @@
-package org.argeo.cms.auth;
-
-import java.io.IOException;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.LanguageCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-/**
- * Callback handler populating {@link HttpRequestCallback}s with the provided
- * {@link HttpServletRequest}, and ignoring any other callback.
- */
-public class HttpRequestCallbackHandler implements CallbackHandler {
- final private HttpRequest request;
- final private HttpResponse response;
- final private HttpSession httpSession;
-
- public HttpRequestCallbackHandler(HttpRequest request, HttpResponse response) {
- this.request = request;
- this.httpSession = request.getSession();
- this.response = response;
- }
-
- public HttpRequestCallbackHandler(HttpSession httpSession) {
- this.httpSession = httpSession;
- this.request = null;
- this.response = null;
- }
-
- @Override
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
- for (Callback callback : callbacks)
- if (callback instanceof HttpRequestCallback) {
- ((HttpRequestCallback) callback).setRequest(request);
- ((HttpRequestCallback) callback).setResponse(response);
- ((HttpRequestCallback) callback).setHttpSession(httpSession);
- } else if (callback instanceof LanguageCallback) {
- ((LanguageCallback) callback).setLocale(request.getLocale());
- }
- }
-
-}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpResponse.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpResponse.java
deleted file mode 100644
index 67bad55c4..000000000
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpResponse.java
+++ /dev/null
@@ -1,7 +0,0 @@
-package org.argeo.cms.auth;
-
-/** Transitional interface to decouple from the Servlet API. */
-public interface HttpResponse {
- void setHeader(String keys, String value);
-
-}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpSession.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpSession.java
deleted file mode 100644
index c7e52c128..000000000
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpSession.java
+++ /dev/null
@@ -1,8 +0,0 @@
-package org.argeo.cms.auth;
-
-/** Transitional interface to decouple from the Servlet API. */
-public interface HttpSession {
- boolean isValid();
-
- String getId();
-}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
deleted file mode 100644
index 8cc3941bc..000000000
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
+++ /dev/null
@@ -1,229 +0,0 @@
-package org.argeo.cms.auth;
-
-import java.io.IOException;
-import java.security.cert.X509Certificate;
-import java.util.Base64;
-import java.util.Locale;
-import java.util.Map;
-import java.util.StringTokenizer;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.spi.LoginModule;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.argeo.cms.internal.auth.CmsSessionImpl;
-import org.argeo.cms.internal.kernel.Activator;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.FrameworkUtil;
-import org.osgi.service.http.HttpContext;
-import org.osgi.service.useradmin.Authorization;
-
-/** Use the HTTP session as the basis for authentication. */
-public class HttpSessionLoginModule implements LoginModule {
- private final static Log log = LogFactory.getLog(HttpSessionLoginModule.class);
-
- private Subject subject = null;
- private CallbackHandler callbackHandler = null;
- private Map sharedState = null;
-
- private HttpRequest request = null;
- private HttpResponse response = null;
-
- private BundleContext bc;
-
- private Authorization authorization;
- private Locale locale;
-
- @SuppressWarnings("unchecked")
- @Override
- public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState,
- Map options) {
- bc = FrameworkUtil.getBundle(HttpSessionLoginModule.class).getBundleContext();
- assert bc != null;
- this.subject = subject;
- this.callbackHandler = callbackHandler;
- this.sharedState = (Map) sharedState;
- }
-
- @Override
- public boolean login() throws LoginException {
- if (callbackHandler == null)
- return false;
- HttpRequestCallback httpCallback = new HttpRequestCallback();
- try {
- callbackHandler.handle(new Callback[] { 
httpCallback });
- } catch (IOException e) {
- throw new LoginException("Cannot handle http callback: " + e.getMessage());
- } catch (UnsupportedCallbackException e) {
- return false;
- }
- request = httpCallback.getRequest();
- if (request == null) {
- HttpSession httpSession = httpCallback.getHttpSession();
- if (httpSession == null)
- return false;
- // TODO factorize with below
- String httpSessionId = httpSession.getId();
-// if (log.isTraceEnabled())
-// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
- if (cmsSession != null) {
- authorization = cmsSession.getAuthorization();
- locale = cmsSession.getLocale();
- if (log.isTraceEnabled())
- log.trace("Retrieved authorization from " + cmsSession);
- }
- } else {
- authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
- if (authorization == null) {// search by session ID
- HttpSession httpSession = request.getSession();
- if (httpSession == null) {
- // TODO make sure this is always safe
- if (log.isTraceEnabled())
- log.trace("Create http session");
- httpSession = request.createSession();
- }
- String httpSessionId = httpSession.getId();
-// if (log.isTraceEnabled())
-// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
- CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
- if (cmsSession != null) {
- authorization = cmsSession.getAuthorization();
- locale = cmsSession.getLocale();
- if (log.isTraceEnabled())
- log.trace("Retrieved authorization from " + cmsSession);
- }
- }
- sharedState.put(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST, request);
- extractHttpAuth(request);
- extractClientCertificate(request);
- }
- if (authorization == null) {
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + false);
- return false;
- } else {
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + true);
- 
request.setAttribute(HttpContext.AUTHORIZATION, authorization);
- return true;
- }
- }
-
- @Override
- public boolean commit() throws LoginException {
- byte[] outToken = (byte[]) sharedState.get(CmsAuthUtils.SHARED_STATE_SPNEGO_OUT_TOKEN);
- if (outToken != null) {
- response.setHeader(CmsAuthUtils.HEADER_WWW_AUTHENTICATE,
- "Negotiate " + java.util.Base64.getEncoder().encodeToString(outToken));
- }
-
- if (authorization != null) {
- // Locale locale = request.getLocale();
- if (locale == null && request != null)
- locale = request.getLocale();
- if (locale != null)
- subject.getPublicCredentials().add(locale);
- CmsAuthUtils.addAuthorization(subject, authorization);
- CmsAuthUtils.registerSessionAuthorization(request, subject, authorization, locale);
- cleanUp();
- return true;
- } else {
- cleanUp();
- return false;
- }
- }
-
- @Override
- public boolean abort() throws LoginException {
- cleanUp();
- return false;
- }
-
- private void cleanUp() {
- authorization = null;
- request = null;
- }
-
- @Override
- public boolean logout() throws LoginException {
- cleanUp();
- return true;
- }
-
- private void extractHttpAuth(final HttpRequest httpRequest) {
- String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
- extractHttpAuth(authHeader);
- }
-
- private void extractHttpAuth(String authHeader) {
- if (authHeader != null) {
- StringTokenizer st = new StringTokenizer(authHeader);
- if (st.hasMoreTokens()) {
- String basic = st.nextToken();
- if (basic.equalsIgnoreCase("Basic")) {
- try {
- // TODO manipulate char[]
- Base64.Decoder decoder = Base64.getDecoder();
- String credentials = new String(decoder.decode(st.nextToken()), "UTF-8");
- // log.debug("Credentials: " + credentials);
- int p = credentials.indexOf(":");
- if (p != -1) {
- final String login = credentials.substring(0, p).trim();
- final char[] password = credentials.substring(p + 1).trim().toCharArray();
- sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, login);
- 
sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, password);
- } else {
- throw new IllegalStateException("Invalid authentication token");
- }
- } catch (Exception e) {
- throw new IllegalStateException("Couldn't retrieve authentication", e);
- }
- } else if (basic.equalsIgnoreCase("Negotiate")) {
- String spnegoToken = st.nextToken();
- Base64.Decoder decoder = Base64.getDecoder();
- byte[] authToken = decoder.decode(spnegoToken);
- sharedState.put(CmsAuthUtils.SHARED_STATE_SPNEGO_TOKEN, authToken);
- }
- }
- }
-
- // auth token
- // String mail = request.getParameter(LdapAttrs.mail.name());
- // String authPassword = request.getParameter(LdapAttrs.authPassword.name());
- // if (authPassword != null) {
- // sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, authPassword);
- // if (mail != null)
- // sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, mail);
- // }
- }
-
- private void extractClientCertificate(HttpRequest req) {
- X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
- if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
- String certDn = certs[0].getSubjectX500Principal().getName();
- sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, certDn);
- sharedState.put(CmsAuthUtils.SHARED_STATE_CERTIFICATE_CHAIN, certs);
- if (log.isDebugEnabled())
- log.debug("Client certificate " + certDn + " verified by servlet container");
- } // Reverse proxy verified the client certificate
- String clientDnHttpHeader = Activator.getHttpProxySslHeader();
- if (clientDnHttpHeader != null) {
- String certDn = req.getHeader(clientDnHttpHeader);
- // TODO retrieve more cf. 
https://httpd.apache.org/docs/current/mod/mod_ssl.html - // String issuerDn = req.getHeader("SSL_CLIENT_I_DN"); - if (certDn != null && !certDn.trim().equals("(null)")) { - sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, certDn); - sharedState.put(CmsAuthUtils.SHARED_STATE_CERTIFICATE_CHAIN, ""); - if (log.isDebugEnabled()) - log.debug("Client certificate " + certDn + " verified by reverse proxy"); - } - } - } - -} diff --git a/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java index f5e4085c3..32219dd87 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java @@ -34,7 +34,7 @@ public class IdentLoginModule implements LoginModule { public boolean login() throws LoginException { if (callbackHandler == null) return false; - HttpRequestCallback httpCallback = new HttpRequestCallback(); + RemoteAuthCallback httpCallback = new RemoteAuthCallback(); try { callbackHandler.handle(new Callback[] { httpCallback }); } catch (IOException e) { @@ -42,7 +42,7 @@ public class IdentLoginModule implements LoginModule { } catch (UnsupportedCallbackException e) { return false; } - HttpRequest request = httpCallback.getRequest(); + RemoteAuthRequest request = httpCallback.getRequest(); if (request == null) return false; IdentClient identClient = Activator.getIdentClient(request.getRemoteAddr()); diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallback.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallback.java new file mode 100644 index 000000000..d19bac8bc --- /dev/null +++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallback.java 
@@ -0,0 +1,35 @@
+package org.argeo.cms.auth;
+
+import javax.security.auth.callback.Callback;
+
+/** Retrieves credentials from an HTTP request. */
+public class RemoteAuthCallback implements Callback {
+ private RemoteAuthRequest request;
+ private RemoteAuthResponse response;
+ private RemoteAuthSession httpSession;
+
+ public RemoteAuthRequest getRequest() {
+ return request;
+ }
+
+ public void setRequest(RemoteAuthRequest request) {
+ this.request = request;
+ }
+
+ public RemoteAuthResponse getResponse() {
+ return response;
+ }
+
+ public void setResponse(RemoteAuthResponse response) {
+ this.response = response;
+ }
+
+ public RemoteAuthSession getHttpSession() {
+ return httpSession;
+ }
+
+ public void setHttpSession(RemoteAuthSession httpSession) {
+ this.httpSession = httpSession;
+ }
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallbackHandler.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallbackHandler.java
new file mode 100644
index 000000000..68d126b0b
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallbackHandler.java
@@ -0,0 +1,43 @@
+package org.argeo.cms.auth;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.LanguageCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+/**
+ * Callback handler populating {@link RemoteAuthCallback}s with the provided
+ * {@link HttpServletRequest}, and ignoring any other callback.
+ */
+public class RemoteAuthCallbackHandler implements CallbackHandler {
+ final private RemoteAuthRequest request;
+ final private RemoteAuthResponse response;
+ final private RemoteAuthSession httpSession;
+
+ public RemoteAuthCallbackHandler(RemoteAuthRequest request, RemoteAuthResponse response) {
+ this.request = request;
+ this.httpSession = request.getSession();
+ this.response = response;
+ }
+
+ public RemoteAuthCallbackHandler(RemoteAuthSession httpSession) {
+ this.httpSession = httpSession;
+ this.request = null;
+ this.response = null;
+ }
+
+ @Override
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (Callback callback : callbacks)
+ if (callback instanceof RemoteAuthCallback) {
+ ((RemoteAuthCallback) callback).setRequest(request);
+ ((RemoteAuthCallback) callback).setResponse(response);
+ ((RemoteAuthCallback) callback).setHttpSession(httpSession);
+ } else if (callback instanceof LanguageCallback) {
+ ((LanguageCallback) callback).setLocale(request.getLocale());
+ }
+ }
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthRequest.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthRequest.java
new file mode 100644
index 000000000..2d1d14b4e
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthRequest.java
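Review bot: `handle` dereferences `request` in the `LanguageCallback` branch, but the session-only constructor `RemoteAuthCallbackHandler(RemoteAuthSession)` stores `request = null`, so a login module that asks for a `LanguageCallback` through such a handler fails with a NullPointerException from `request.getLocale()` instead of the callback simply being ignored as the class Javadoc promises; guard it with `} else if (callback instanceof LanguageCallback && request != null) {`. The class Javadoc still links `{@link HttpServletRequest}`, which is neither imported nor used after the rename; `{@link RemoteAuthRequest}` is what the handler actually hands out. The session-only constructor would also benefit from a Javadoc sentence stating that callbacks populated by it carry a null request and response, since login modules such as IdentLoginModule in this commit rely on `getRequest()` being null to bail out.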
@@ -0,0 +1,25 @@
+package org.argeo.cms.auth;
+
+import java.util.Locale;
+
+/** Transitional interface to decouple from the Servlet API. */
+public interface RemoteAuthRequest {
+ RemoteAuthSession getSession();
+
+ RemoteAuthSession createSession();
+
+ Locale getLocale();
+
+ Object getAttribute(String key);
+
+ void setAttribute(String key, Object object);
+
+ String getHeader(String key);
+
+ String getRemoteAddr();
+
+ int getLocalPort();
+
+ int getRemotePort();
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java
new file mode 100644
index 000000000..f91b6c5de
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java
@@ -0,0 +1,7 @@
+package org.argeo.cms.auth;
+
+/** Transitional interface to decouple from the Servlet API. */
+public interface RemoteAuthResponse {
+ void setHeader(String keys, String value);
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthSession.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthSession.java
new file mode 100644
index 000000000..6708285b6
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthSession.java
@@ -0,0 +1,8 @@
+package org.argeo.cms.auth;
+
+/** Transitional interface to decouple from the Servlet API. */
+public interface RemoteAuthSession {
+ boolean isValid();
+
+ String getId();
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
new file mode 100644
index 000000000..d51997d74
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
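Review bot: `getAttribute`/`setAttribute` on `RemoteAuthRequest` are where the per-request security state lives — `RemoteAuthUtils.configureRequestSecurity` in this commit stores the caller's `AccessControlContext` and the `REMOTE_USER` name under them and `clearRequestSecurity` relies on finding them again — yet the interface Javadoc only says it is transitional, so an implementor is never told that these attributes must be scoped to the single request and must not be backed by session or shared state, where one request's authenticated context could become visible to another. Suggest documenting that contract on the two methods, e.g. `/** Request-scoped attribute. RemoteAuthUtils stores the authenticated AccessControlContext here; implementations must keep attributes private to this one request. */`. In the `RemoteAuthResponse` hunk on the same line, `setHeader(String keys, String value)` names its first parameter `keys` although it takes a single header name; `key` (matching `getHeader(String key)` on the request side) reads correctly.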
@@ -0,0 +1,64 @@
+package org.argeo.cms.auth;
+
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.function.Supplier;
+
+import javax.security.auth.Subject;
+
+import org.argeo.api.cms.CmsSession;
+import org.argeo.cms.osgi.CmsOsgiUtils;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
+
+/** Remote authentication utilities. */
+public class RemoteAuthUtils {
+ static final String REMOTE_USER = "org.osgi.service.http.authentication.remote.user";
+ private static BundleContext bundleContext = FrameworkUtil.getBundle(RemoteAuthUtils.class).getBundleContext();
+
+ /**
+ * Execute this supplier, using the CMS class loader as context classloader.
+ * Useful to log in to JCR.
+ */
+ public final static T doAs(Supplier supplier, RemoteAuthRequest req) {
+ ClassLoader currentContextCl = Thread.currentThread().getContextClassLoader();
+ Thread.currentThread().setContextClassLoader(RemoteAuthUtils.class.getClassLoader());
+ try {
+ return Subject.doAs(
+ Subject.getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName())),
+ new PrivilegedAction() {
+
+ @Override
+ public T run() {
+ return supplier.get();
+ }
+
+ });
+ } finally {
+ Thread.currentThread().setContextClassLoader(currentContextCl);
+ }
+ }
+
+ public final static void configureRequestSecurity(RemoteAuthRequest req) {
+ if (req.getAttribute(AccessControlContext.class.getName()) != null)
+ throw new IllegalStateException("Request already authenticated.");
+ AccessControlContext acc = AccessController.getContext();
+ req.setAttribute(REMOTE_USER, CurrentUser.getUsername());
+ req.setAttribute(AccessControlContext.class.getName(), acc);
+ }
+
+ public final static void clearRequestSecurity(RemoteAuthRequest req) {
+ if (req.getAttribute(AccessControlContext.class.getName()) == null)
+ throw new IllegalStateException("Cannot clear non-authenticated request.");
+ req.setAttribute(REMOTE_USER, null);
+ req.setAttribute(AccessControlContext.class.getName(), null);
+ }
+
+ public static CmsSession getCmsSession(RemoteAuthRequest req) {
+ Subject subject = Subject
+ .getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName()));
+ CmsSession cmsSession = CmsOsgiUtils.getCmsSession(bundleContext, subject);
+ return cmsSession;
+ }
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
new file mode 100644
index 000000000..ecbc844b5
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
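Review bot: `getCmsSession()` and `doAs()` pass the `AccessControlContext` request attribute straight to `Subject.getSubject()`, which throws a NullPointerException when that argument is null, i.e. whenever the request has not gone through `configureRequestSecurity()`. `clearRequestSecurity()` already turns the same state into an explicit `IllegalStateException("Cannot clear non-authenticated request.")`, and the two readers should fail the same way: `AccessControlContext acc = (AccessControlContext) req.getAttribute(AccessControlContext.class.getName());` followed by `if (acc == null) throw new IllegalStateException("Request not authenticated.");` before the `Subject.getSubject(acc)` call. The `bundleContext` static initialiser resolves the bundle at class-load time and will presumably fail outside an OSGi framework; a comment stating that this class is only loadable inside the framework (and why a static is acceptable) would save the next reader a guess. `REMOTE_USER` repeats the literal of OSGi's `HttpContext.REMOTE_USER`; referencing the constant keeps the two from drifting, and the utility class should get a private constructor.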
@@ -0,0 +1,229 @@
+package org.argeo.cms.auth;
+
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+import java.util.Base64;
+import java.util.Locale;
+import java.util.Map;
+import java.util.StringTokenizer;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.argeo.cms.internal.auth.CmsSessionImpl;
+import org.argeo.cms.internal.kernel.Activator;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
+import org.osgi.service.http.HttpContext;
+import org.osgi.service.useradmin.Authorization;
+
+/** Use the HTTP session as the basis for authentication. */
+public class RemoteSessionLoginModule implements LoginModule {
+ private final static Log log = LogFactory.getLog(RemoteSessionLoginModule.class);
+
+ private Subject subject = null;
+ private CallbackHandler callbackHandler = null;
+ private Map sharedState = null;
+
+ private RemoteAuthRequest request = null;
+ private RemoteAuthResponse response = null;
+
+ private BundleContext bc;
+
+ private Authorization authorization;
+ private Locale locale;
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState,
+ Map options) {
+ bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext();
+ assert bc != null;
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ this.sharedState = (Map) sharedState;
+ }
+
+ @Override
+ public boolean login() throws LoginException {
+ if (callbackHandler == null)
+ return false;
+ RemoteAuthCallback httpCallback = new RemoteAuthCallback();
+ try {
+ callbackHandler.handle(new Callback[] { httpCallback });
+ } catch (IOException e) {
+ throw new LoginException("Cannot handle http callback: " + e.getMessage());
+ } catch (UnsupportedCallbackException e) {
+ return false;
+ }
+ request = httpCallback.getRequest();
+ if (request == null) {
+ RemoteAuthSession httpSession = httpCallback.getHttpSession();
+ if (httpSession == null)
+ return false;
+ // TODO factorize with below
+ String httpSessionId = httpSession.getId();
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+ if (cmsSession != null) {
+ authorization = cmsSession.getAuthorization();
+ locale = cmsSession.getLocale();
+ if (log.isTraceEnabled())
+ log.trace("Retrieved authorization from " + cmsSession);
+ }
+ } else {
+ authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
+ if (authorization == null) {// search by session ID
+ RemoteAuthSession httpSession = request.getSession();
+ if (httpSession == null) {
+ // TODO make sure this is always safe
+ if (log.isTraceEnabled())
+ log.trace("Create http session");
+ httpSession = request.createSession();
+ }
+ String httpSessionId = httpSession.getId();
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+ CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
+ if (cmsSession != null) {
+ authorization = cmsSession.getAuthorization();
+ locale = cmsSession.getLocale();
+ if (log.isTraceEnabled())
+ log.trace("Retrieved authorization from " + cmsSession);
+ }
+ }
+ sharedState.put(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST, request);
+ extractHttpAuth(request);
+ extractClientCertificate(request);
+ }
+ if (authorization == null) {
+ if (log.isTraceEnabled())
+ log.trace("HTTP login: " + false);
+ return false;
+ } else {
+ if (log.isTraceEnabled())
+ log.trace("HTTP login: " + true);
+ request.setAttribute(HttpContext.AUTHORIZATION, authorization);
+ return true;
+ }
+ }
+
+ @Override
+ public boolean commit() throws LoginException {
+ byte[] outToken = (byte[]) sharedState.get(CmsAuthUtils.SHARED_STATE_SPNEGO_OUT_TOKEN);
+ if (outToken != null) {
+ response.setHeader(CmsAuthUtils.HEADER_WWW_AUTHENTICATE,
+ "Negotiate " + java.util.Base64.getEncoder().encodeToString(outToken));
+ }
+
+ if (authorization != null) {
+ // Locale locale = request.getLocale();
+ if (locale == null && request != null)
+ locale = request.getLocale();
+ if (locale != null)
+ subject.getPublicCredentials().add(locale);
+ CmsAuthUtils.addAuthorization(subject, authorization);
+ CmsAuthUtils.registerSessionAuthorization(request, subject, authorization, locale);
+ cleanUp();
+ return true;
+ } else {
+ cleanUp();
+ return false;
+ }
+ }
+
+ @Override
+ public boolean abort() throws LoginException {
+ cleanUp();
+ return false;
+ }
+
+ private void cleanUp() {
+ authorization = null;
+ request = null;
+ }
+
+ @Override
+ public boolean logout() throws LoginException {
+ cleanUp();
+ return true;
+ }
+
+ private void extractHttpAuth(final RemoteAuthRequest httpRequest) {
+ String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
+ extractHttpAuth(authHeader);
+ }
+
+ private void extractHttpAuth(String authHeader) {
+ if (authHeader != null) {
+ StringTokenizer st = new StringTokenizer(authHeader);
+ if (st.hasMoreTokens()) {
+ String basic = st.nextToken();
+ if (basic.equalsIgnoreCase("Basic")) {
+ try {
+ // TODO manipulate char[]
+ Base64.Decoder decoder = Base64.getDecoder();
+ String credentials = new String(decoder.decode(st.nextToken()), "UTF-8");
+ // log.debug("Credentials: " + credentials);
+ int p = credentials.indexOf(":");
+ if (p != -1) {
+ final String login = credentials.substring(0, p).trim();
+ final char[] password = credentials.substring(p + 1).trim().toCharArray();
+ sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, login);
+ sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, password);
+ } else {
+ throw new IllegalStateException("Invalid authentication token");
+ }
+ } catch (Exception e) {
+ throw new IllegalStateException("Couldn't retrieve authentication", e);
+ }
+ } else if (basic.equalsIgnoreCase("Negotiate")) {
+ String spnegoToken = st.nextToken();
+ Base64.Decoder decoder = Base64.getDecoder();
+ byte[] authToken = decoder.decode(spnegoToken);
+ sharedState.put(CmsAuthUtils.SHARED_STATE_SPNEGO_TOKEN, authToken);
+ }
+ }
+ }
+
+ // auth token
+ // String mail = request.getParameter(LdapAttrs.mail.name());
+ // String authPassword = request.getParameter(LdapAttrs.authPassword.name());
+ // if (authPassword != null) {
+ // sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, authPassword);
+ // if (mail != null)
+ // sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, mail);
+ // }
+ }
+
+ private void extractClientCertificate(RemoteAuthRequest req) {
+ X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
+ if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
+ String certDn = certs[0].getSubjectX500Principal().getName();
+ sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, certDn);
+ sharedState.put(CmsAuthUtils.SHARED_STATE_CERTIFICATE_CHAIN, certs);
+ if (log.isDebugEnabled())
+ log.debug("Client certificate " + certDn + " verified by servlet container");
+ } // Reverse proxy verified the client certificate
+ String clientDnHttpHeader = Activator.getHttpProxySslHeader();
+ if (clientDnHttpHeader != null) {
+ String certDn = req.getHeader(clientDnHttpHeader);
+ // TODO retrieve more cf. https://httpd.apache.org/docs/current/mod/mod_ssl.html
+ // String issuerDn = req.getHeader("SSL_CLIENT_I_DN");
+ if (certDn != null && !certDn.trim().equals("(null)")) {
+ sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, certDn);
+ sharedState.put(CmsAuthUtils.SHARED_STATE_CERTIFICATE_CHAIN, "");
+ if (log.isDebugEnabled())
+ log.debug("Client certificate " + certDn + " verified by reverse proxy");
+ }
+ }
+ }
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
index 5d46839e0..649ecc464 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
@@ -67,7 +67,7 @@ public class SingleUserLoginModule implements LoginModule {
 authorizationName = principal.getName();
 }
- HttpRequest request = (HttpRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
+ RemoteAuthRequest request = (RemoteAuthRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
 Locale locale = Locale.getDefault();
 if (request != null)
 locale = request.getLocale();
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index d526f4fc2..188e86058 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -252,7 +252,7 @@ public class UserAdminLoginModule implements LoginModule {
 }
 // Log and monitor new login
- HttpRequest request = (HttpRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
+ RemoteAuthRequest request = (RemoteAuthRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
 CmsAuthUtils.addAuthorization(subject, authorization);
 // Unlock keyring (underlying login to the JCR repository)
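Review bot: `login()` dereferences `request` in its success branch (`request.setAttribute(HttpContext.AUTHORIZATION, authorization);`), but on the session-only path — `request == null`, session taken from `httpCallback.getHttpSession()` — `authorization` can still be recovered from the CMS session, so a successful session-based login ends in a NullPointerException instead of `return true`; `commit()` already guards with `request != null`, and this line needs the same: `if (request != null) request.setAttribute(HttpContext.AUTHORIZATION, authorization);`. Likewise `commit()` calls `response.setHeader(...)` when an SPNEGO out-token is in the shared state, yet nothing in this file ever assigns `response` (it stays at its `null` initialiser), so that branch would throw too — presumably it is meant to be filled from `httpCallback.getResponse()` next to `request = httpCallback.getRequest();`. In `extractHttpAuth()` the `Negotiate` branch has neither the `hasMoreTokens()` check nor the `try/catch` that the `Basic` branch has, so a malformed `Authorization: Negotiate` header leaves `login()` with an unchecked NoSuchElementException or IllegalArgumentException from the decoder rather than a clean refusal; `else if (basic.equalsIgnoreCase("Negotiate") && st.hasMoreTokens())` plus a catch of `IllegalArgumentException` around `decoder.decode(spnegoToken)` would align the two. `extractClientCertificate()` stores `""` under `SHARED_STATE_CERTIFICATE_CHAIN` on the reverse-proxy path but an `X509Certificate[]` on the container path, so readers of that key must cope with both types — worth a comment or an empty array instead; it also keeps the literal `"javax.servlet.request.X509Certificate"` attribute name, a Servlet-API coupling this rename otherwise removes, which deserves a comment stating that `RemoteAuthRequest` implementations are expected to expose it.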
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java
index 03fb82faa..fd51c597a 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java
@@ -4,18 +4,18 @@ import java.util.Locale;
 import javax.security.auth.Subject;
-import org.argeo.cms.auth.HttpRequest;
-import org.argeo.cms.auth.HttpSession;
+import org.argeo.cms.auth.RemoteAuthRequest;
+import org.argeo.cms.auth.RemoteAuthSession;
 import org.argeo.cms.internal.auth.CmsSessionImpl;
 import org.osgi.service.useradmin.Authorization;
 /** CMS session implementation in a web context. */
 public class WebCmsSessionImpl extends CmsSessionImpl {
 private static final long serialVersionUID = -5178883380637048025L;
- private HttpSession httpSession;
+ private RemoteAuthSession httpSession;
 public WebCmsSessionImpl(Subject initialSubject, Authorization authorization, Locale locale,
- HttpRequest request) {
+ RemoteAuthRequest request) {
 super(initialSubject, authorization, locale, request.getSession().getId());
 httpSession = request.getSession();
 }
@@ -27,7 +27,7 @@ public class WebCmsSessionImpl extends CmsSessionImpl {
 return httpSession.isValid();
 }
- public static CmsSessionImpl getCmsSession(HttpRequest request) {
+ public static CmsSessionImpl getCmsSession(RemoteAuthRequest request) {
 return CmsSessionImpl.getByLocalId(request.getSession().getId());
 }
 }
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg
index b9f05a4ab..cf16719bd 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg
@@ -1,12 +1,12 @@
 USER {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.SpnegoLoginModule optional;
 com.sun.security.auth.module.Krb5LoginModule optional tryFirstPass=true;
 org.argeo.cms.auth.UserAdminLoginModule sufficient;
 };
 ANONYMOUS {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.AnonymousLoginModule sufficient;
 };
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
index 0ebfb3a13..441e1bf2a 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
@@ -1,11 +1,11 @@
 USER {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.IdentLoginModule optional;
 org.argeo.cms.auth.UserAdminLoginModule requisite;
 };
 ANONYMOUS {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.AnonymousLoginModule requisite;
 };
diff --git a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java
index c20068fa7..7b7bddc5c 100644
--- a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java
+++ b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java
@@ -27,8 +27,8 @@ import org.argeo.api.NodeConstants;
 import org.argeo.api.cms.CmsView;
 import org.argeo.cms.CmsException;
 import org.argeo.cms.auth.CurrentUser;
-import org.argeo.cms.auth.HttpRequestCallback;
-import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.cms.auth.RemoteAuthCallback;
+import org.argeo.cms.auth.RemoteAuthCallbackHandler;
 import org.argeo.cms.servlet.ServletHttpRequest;
 import org.argeo.cms.servlet.ServletHttpResponse;
 import org.argeo.cms.swt.CmsStyles;
@@ -86,7 +86,7 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implement
 LoginContext lc;
 try {
 lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER,
- new HttpRequestCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
+ new RemoteAuthCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
 new ServletHttpResponse(UiContext.getHttpResponse())));
 lc.login();
 } catch (LoginException e) {
@@ -293,10 +293,10 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implement
 super.handle(callbacks);
 // handle HTTP context
 for (Callback callback : callbacks) {
- if (callback instanceof HttpRequestCallback) {
- ((HttpRequestCallback) callback)
+ if (callback instanceof RemoteAuthCallback) {
+ ((RemoteAuthCallback) callback)
 .setRequest(new ServletHttpRequest(UiContext.getHttpRequest()));
- ((HttpRequestCallback) callback)
+ ((RemoteAuthCallback) callback)
 .setResponse(new ServletHttpResponse(UiContext.getHttpResponse()));
 }
 }
diff --git a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java
index d7050e954..b0d1e842d 100644
--- a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java
+++ b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java
@@ -23,7 +23,7 @@ import org.argeo.api.cms.CmsView;
 import org.argeo.api.cms.UxContext;
 import org.argeo.cms.LocaleUtils;
 import org.argeo.cms.auth.CurrentUser;
-import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.cms.auth.RemoteAuthCallbackHandler;
 import org.argeo.cms.osgi.CmsOsgiUtils;
 import org.argeo.cms.servlet.ServletHttpRequest;
 import org.argeo.cms.servlet.ServletHttpResponse;
@@ -86,7 +86,7 @@ public class CmsWebEntryPoint implements EntryPoint, CmsView, BrowserNavigationL
 LoginContext lc;
 try {
 lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER,
- new HttpRequestCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
+ new RemoteAuthCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
 new ServletHttpResponse(UiContext.getHttpResponse())));
 lc.login();
 } catch (LoginException e) {