From 4185ff8826f893a4a1f054f61a11b89333c3e85d Mon Sep 17 00:00:00 2001 
From: Mathieu Baudier
Date: Wed, 5 Jan 2022 10:45:02 +0100
Subject: [PATCH] Rename remote auth interfaces
---
 org.argeo.cms.servlet/bnd.bnd | 1 +
 .../argeo/cms/servlet/CmsServletContext.java | 11 +++---
 .../argeo/cms/servlet/ServletHttpRequest.java | 10 +++---
 .../cms/servlet/ServletHttpResponse.java | 4 +--
 .../argeo/cms/servlet/ServletHttpSession.java | 4 +--
 .../src/org/argeo/cms/swt/auth/CmsLogin.java | 8 ++---
 .../argeo/cms/auth/AnonymousLoginModule.java | 2 +-
 .../src/org/argeo/cms/auth/CmsAuthUtils.java | 4 +--
 .../argeo/cms/auth/HttpRequestCallback.java | 35 -------------------
 .../org/argeo/cms/auth/IdentLoginModule.java | 4 +--
 .../argeo/cms/auth/RemoteAuthCallback.java | 35 +++++++++++++++++++
 ...er.java => RemoteAuthCallbackHandler.java} | 22 ++++++------
 ...ttpRequest.java => RemoteAuthRequest.java} | 6 ++--
 ...pResponse.java => RemoteAuthResponse.java} | 2 +-
 ...ttpSession.java => RemoteAuthSession.java} | 2 +-
 .../org/argeo/cms/auth/RemoteAuthUtils.java | 20 +++++------
 ...ule.java => RemoteSessionLoginModule.java} | 20 +++++------
 .../argeo/cms/auth/SingleUserLoginModule.java | 2 +-
 .../argeo/cms/auth/UserAdminLoginModule.java | 2 +-
 .../cms/internal/http/WebCmsSessionImpl.java | 10 +++---
 .../argeo/cms/internal/kernel/jaas-ipa.cfg | 4 +--
 .../org/argeo/cms/internal/kernel/jaas.cfg | 4 +--
 .../argeo/cms/web/AbstractCmsEntryPoint.java | 12 +++----
 .../org/argeo/cms/web/CmsWebEntryPoint.java | 4 +--
 24 files changed, 114 insertions(+), 114 deletions(-)
 delete mode 100644 org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallback.java
 create mode 100644 org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallback.java
 rename org.argeo.cms/src/org/argeo/cms/auth/{HttpRequestCallbackHandler.java => RemoteAuthCallbackHandler.java} (54%)
 rename org.argeo.cms/src/org/argeo/cms/auth/{HttpRequest.java => RemoteAuthRequest.java} (75%)
 rename org.argeo.cms/src/org/argeo/cms/auth/{HttpResponse.java => RemoteAuthResponse.java} (78%)
 rename org.argeo.cms/src/org/argeo/cms/auth/{HttpSession.java => RemoteAuthSession.java} (78%)
 rename org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletAuthUtils.java => org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java (75%)
 rename org.argeo.cms/src/org/argeo/cms/auth/{HttpSessionLoginModule.java => RemoteSessionLoginModule.java} (92%)
diff --git a/org.argeo.cms.servlet/bnd.bnd b/org.argeo.cms.servlet/bnd.bnd
index c8251a7fe..011cbd6a3 100644
--- a/org.argeo.cms.servlet/bnd.bnd
+++ b/org.argeo.cms.servlet/bnd.bnd
@@ -2,6 +2,7 @@ Import-Package:\
 org.osgi.service.http;version=0.0.0,\
 org.osgi.service.http.whiteboard;version=0.0.0,\
 org.osgi.framework.namespace;version=0.0.0,\
+org.argeo.cms.osgi,\
 org.argeo.api,\
 *
diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java
index a5ba6ef82..ba19d0d5f 100644
--- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java
+++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/CmsServletContext.java
@@ -14,7 +14,8 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.api.NodeConstants;
-import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.cms.auth.RemoteAuthCallbackHandler;
+import org.argeo.cms.auth.RemoteAuthUtils;
 import org.argeo.cms.servlet.internal.HttpUtils;
 import org.osgi.framework.Bundle;
 import org.osgi.framework.FrameworkUtil;
@@ -44,7 +45,7 @@ public class CmsServletContext extends ServletContextHelper {
 LoginContext lc;
 try {
 lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER,
- new HttpRequestCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response)));
+ new RemoteAuthCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response)));
 lc.login();
 } catch (LoginException e) {
 lc = processUnauthorized(request, response);
@@ -61,7 +62,7 @@ public class CmsServletContext extends ServletContextHelper {
 @Override
 public Void run() {
 // TODO also set login context in order to log out ?
- ServletAuthUtils.configureRequestSecurity(new ServletHttpRequest(request));
+ RemoteAuthUtils.configureRequestSecurity(new ServletHttpRequest(request));
 return null;
 }
@@ -71,14 +72,14 @@ public class CmsServletContext extends ServletContextHelper {
 @Override
 public void finishSecurity(HttpServletRequest request, HttpServletResponse response) {
- ServletAuthUtils.clearRequestSecurity(new ServletHttpRequest(request));
+ RemoteAuthUtils.clearRequestSecurity(new ServletHttpRequest(request));
 }
 protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
 // anonymous
 try {
 LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_ANONYMOUS,
- new HttpRequestCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response)));
+ new RemoteAuthCallbackHandler(new ServletHttpRequest(request), new ServletHttpResponse(response)));
 lc.login();
 return lc;
 } catch (LoginException e1) {
diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java
index 75a0d8782..95912e407 100644
--- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java
+++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpRequest.java
@@ -5,10 +5,10 @@ import java.util.Objects;
 import javax.servlet.http.HttpServletRequest;
-import org.argeo.cms.auth.HttpRequest;
-import org.argeo.cms.auth.HttpSession;
+import org.argeo.cms.auth.RemoteAuthRequest;
+import org.argeo.cms.auth.RemoteAuthSession;
-public class ServletHttpRequest implements HttpRequest {
+public class ServletHttpRequest implements RemoteAuthRequest {
 private final HttpServletRequest request;
 public ServletHttpRequest(HttpServletRequest request) {
@@ -17,12 +17,12 @@ public class ServletHttpRequest implements HttpRequest {
 }
 @Override
- public HttpSession getSession() {
+ public RemoteAuthSession getSession() {
 return new ServletHttpSession(request.getSession(false));
 }
 @Override
- public HttpSession createSession() {
+ public RemoteAuthSession createSession() {
 return new ServletHttpSession(request.getSession(true));
 }
diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java
index 6cbe2c44e..de47365ca 100644
--- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java
+++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpResponse.java
@@ -4,9 +4,9 @@ import java.util.Objects;
 import javax.servlet.http.HttpServletResponse;
-import org.argeo.cms.auth.HttpResponse;
+import org.argeo.cms.auth.RemoteAuthResponse;
-public class ServletHttpResponse implements HttpResponse {
+public class ServletHttpResponse implements RemoteAuthResponse {
 private final HttpServletResponse response;
 public ServletHttpResponse(HttpServletResponse response) {
diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java
index 16537648b..8d087daa7 100644
--- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java
+++ b/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletHttpSession.java
@@ -1,8 +1,8 @@
 package org.argeo.cms.servlet;
-import org.argeo.cms.auth.HttpSession;
+import org.argeo.cms.auth.RemoteAuthSession;
-public class ServletHttpSession implements HttpSession {
+public class ServletHttpSession implements RemoteAuthSession {
 private javax.servlet.http.HttpSession session;
 public ServletHttpSession(javax.servlet.http.HttpSession session) {
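Review bot: `ServletHttpRequest.getSession()` still wraps `request.getSession(false)` unconditionally, so it hands back a non-null `RemoteAuthSession` even when the container has no session for the request. The null checks its callers rely on then never fire: `RemoteSessionLoginModule.login()` tests `httpSession == null` right after `request.getSession()`, and `CmsAuthUtils.registerSessionAuthorization` guards the same value only with `assert httpSession != null`, which is inactive unless the JVM runs with `-ea`. Returning null for a missing session would make those checks meaningful, e.g. `javax.servlet.http.HttpSession s = request.getSession(false);` followed by `return s != null ? new ServletHttpSession(s) : null;`, with the assert replaced by an explicit check. Callers that dereference the result directly, such as `WebCmsSessionImpl`, would need a look at the same time. How `ServletHttpSession` behaves with a null delegate is not visible in these hunks, so the exact failure mode is an inference.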
diff --git a/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java b/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java
index e4d08d728..66bccc07a 100644
--- a/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java
+++ b/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java
@@ -24,7 +24,7 @@ import org.argeo.api.NodeState;
 import org.argeo.api.cms.CmsView;
 import org.argeo.cms.CmsMsg;
 import org.argeo.cms.LocaleUtils;
-import org.argeo.cms.auth.HttpRequestCallback;
+import org.argeo.cms.auth.RemoteAuthCallback;
 import org.argeo.cms.servlet.ServletHttpRequest;
 import org.argeo.cms.servlet.ServletHttpResponse;
 import org.argeo.cms.swt.CmsStyles;
@@ -310,9 +310,9 @@ public class CmsLogin implements CmsStyles, CallbackHandler {
 ((NameCallback) callback).setName(usernameT.getText());
 else if (callback instanceof PasswordCallback && passwordT != null)
 ((PasswordCallback) callback).setPassword(passwordT.getTextChars());
- else if (callback instanceof HttpRequestCallback) {
- ((HttpRequestCallback) callback).setRequest(new ServletHttpRequest(UiContext.getHttpRequest()));
- ((HttpRequestCallback) callback).setResponse(new ServletHttpResponse(UiContext.getHttpResponse()));
+ else if (callback instanceof RemoteAuthCallback) {
+ ((RemoteAuthCallback) callback).setRequest(new ServletHttpRequest(UiContext.getHttpRequest()));
+ ((RemoteAuthCallback) callback).setResponse(new ServletHttpResponse(UiContext.getHttpResponse()));
 } else if (callback instanceof LanguageCallback) {
 Locale toUse = null;
 if (localeChoice != null)
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java
index c5d067c08..0217eb8ef 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/AnonymousLoginModule.java
@@ -48,7 +48,7 @@ public class AnonymousLoginModule implements LoginModule {
 public boolean commit() throws LoginException {
 UserAdmin userAdmin = bc.getService(bc.getServiceReference(UserAdmin.class));
 Authorization authorization = userAdmin.getAuthorization(null);
- HttpRequest request = (HttpRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
+ RemoteAuthRequest request = (RemoteAuthRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
 Locale locale = Locale.getDefault();
 if (request != null)
 locale = request.getLocale();
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
index 62888b153..33a9d7ae4 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
@@ -122,12 +122,12 @@ class CmsAuthUtils {
 }
 @SuppressWarnings("unused")
- synchronized static void registerSessionAuthorization(HttpRequest request, Subject subject,
+ synchronized static void registerSessionAuthorization(RemoteAuthRequest request, Subject subject,
 Authorization authorization, Locale locale) {
 // synchronized in order to avoid multiple registrations
 // TODO move it to a service in order to avoid static synchronization
 if (request != null) {
- HttpSession httpSession = request.getSession();
+ RemoteAuthSession httpSession = request.getSession();
 assert httpSession != null;
 String httpSessId = httpSession.getId();
 boolean anonymous = authorization.getName() == null;
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallback.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallback.java
deleted file mode 100644
index 38e12c0c6..000000000
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallback.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package org.argeo.cms.auth;
-
-import javax.security.auth.callback.Callback;
-
-/** Retrieves credentials from an HTTP request. */
-public class HttpRequestCallback implements Callback {
- private HttpRequest request;
- private HttpResponse response;
- private HttpSession httpSession;
-
- public HttpRequest getRequest() {
- return request;
- }
-
- public void setRequest(HttpRequest request) {
- this.request = request;
- }
-
- public HttpResponse getResponse() {
- return response;
- }
-
- public void setResponse(HttpResponse response) {
- this.response = response;
- }
-
- public HttpSession getHttpSession() {
- return httpSession;
- }
-
- public void setHttpSession(HttpSession httpSession) {
- this.httpSession = httpSession;
- }
-
-}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java
index f5e4085c3..32219dd87 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java
@@ -34,7 +34,7 @@ public class IdentLoginModule implements LoginModule {
 public boolean login() throws LoginException {
 if (callbackHandler == null)
 return false;
- HttpRequestCallback httpCallback = new HttpRequestCallback();
+ RemoteAuthCallback httpCallback = new RemoteAuthCallback();
 try {
 callbackHandler.handle(new Callback[] { httpCallback });
 } catch (IOException e) {
@@ -42,7 +42,7 @@ public class IdentLoginModule implements LoginModule {
 } catch (UnsupportedCallbackException e) {
 return false;
 }
- HttpRequest request = httpCallback.getRequest();
+ RemoteAuthRequest request = httpCallback.getRequest();
 if (request == null)
 return false;
 IdentClient identClient = Activator.getIdentClient(request.getRemoteAddr());
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallback.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallback.java
new file mode 100644
index 000000000..d19bac8bc
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallback.java
@@ -0,0 +1,35 @@
+package org.argeo.cms.auth;
+
+import javax.security.auth.callback.Callback;
+
+/** Retrieves credentials from an HTTP request. */
+public class RemoteAuthCallback implements Callback {
+ private RemoteAuthRequest request;
+ private RemoteAuthResponse response;
+ private RemoteAuthSession httpSession;
+
+ public RemoteAuthRequest getRequest() {
+ return request;
+ }
+
+ public void setRequest(RemoteAuthRequest request) {
+ this.request = request;
+ }
+
+ public RemoteAuthResponse getResponse() {
+ return response;
+ }
+
+ public void setResponse(RemoteAuthResponse response) {
+ this.response = response;
+ }
+
+ public RemoteAuthSession getHttpSession() {
+ return httpSession;
+ }
+
+ public void setHttpSession(RemoteAuthSession httpSession) {
+ this.httpSession = httpSession;
+ }
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallbackHandler.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallbackHandler.java
similarity index 54%
rename from org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallbackHandler.java
rename to org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallbackHandler.java
index 934fdd96b..68d126b0b 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequestCallbackHandler.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthCallbackHandler.java
@@ -8,21 +8,21 @@ import javax.security.auth.callback.LanguageCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 /**
- * Callback handler populating {@link HttpRequestCallback}s with the provided
+ * Callback handler populating {@link RemoteAuthCallback}s with the provided
 * {@link HttpServletRequest}, and ignoring any other callback.
 */
-public class HttpRequestCallbackHandler implements CallbackHandler {
- final private HttpRequest request;
- final private HttpResponse response;
- final private HttpSession httpSession;
+public class RemoteAuthCallbackHandler implements CallbackHandler {
+ final private RemoteAuthRequest request;
+ final private RemoteAuthResponse response;
+ final private RemoteAuthSession httpSession;
- public HttpRequestCallbackHandler(HttpRequest request, HttpResponse response) {
+ public RemoteAuthCallbackHandler(RemoteAuthRequest request, RemoteAuthResponse response) {
 this.request = request;
 this.httpSession = request.getSession();
 this.response = response;
 }
- public HttpRequestCallbackHandler(HttpSession httpSession) {
+ public RemoteAuthCallbackHandler(RemoteAuthSession httpSession) {
 this.httpSession = httpSession;
 this.request = null;
 this.response = null;
@@ -31,10 +31,10 @@ public class HttpRequestCallbackHandler implements CallbackHandler {
 @Override
 public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
 for (Callback callback : callbacks)
- if (callback instanceof HttpRequestCallback) {
- ((HttpRequestCallback) callback).setRequest(request);
- ((HttpRequestCallback) callback).setResponse(response);
- ((HttpRequestCallback) callback).setHttpSession(httpSession);
+ if (callback instanceof RemoteAuthCallback) {
+ ((RemoteAuthCallback) callback).setRequest(request);
+ ((RemoteAuthCallback) callback).setResponse(response);
+ ((RemoteAuthCallback) callback).setHttpSession(httpSession);
 } else if (callback instanceof LanguageCallback) {
 ((LanguageCallback) callback).setLocale(request.getLocale());
 }
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequest.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthRequest.java
similarity index 75%
rename from org.argeo.cms/src/org/argeo/cms/auth/HttpRequest.java
rename to org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthRequest.java
index 447225515..2d1d14b4e 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpRequest.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthRequest.java
@@ -3,10 +3,10 @@ package org.argeo.cms.auth;
 import java.util.Locale;
 /** Transitional interface to decouple from the Servlet API. */
-public interface HttpRequest {
- HttpSession getSession();
+public interface RemoteAuthRequest {
+ RemoteAuthSession getSession();
- HttpSession createSession();
+ RemoteAuthSession createSession();
 Locale getLocale();
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpResponse.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java
similarity index 78%
rename from org.argeo.cms/src/org/argeo/cms/auth/HttpResponse.java
rename to org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java
index 67bad55c4..f91b6c5de 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpResponse.java
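Review bot: In `RemoteAuthCallbackHandler.handle`, the `LanguageCallback` branch calls `request.getLocale()` although the session-only constructor shown in the previous hunk sets `request = null`, so a login module that sends a `LanguageCallback` through a handler built from a `RemoteAuthSession` gets a NullPointerException in the middle of authentication instead of an ignored callback. Guarding the branch, `} else if (callback instanceof LanguageCallback && request != null) {`, keeps the behaviour the class comment promises for callbacks the handler cannot serve. That class comment still reads `{@link HttpServletRequest}`, a type no visible line of this file imports; `{@link RemoteAuthRequest}` is what the handler now receives.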
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java
@@ -1,7 +1,7 @@
 package org.argeo.cms.auth;
 /** Transitional interface to decouple from the Servlet API. */
-public interface HttpResponse {
+public interface RemoteAuthResponse {
 void setHeader(String keys, String value);
 }
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpSession.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthSession.java
similarity index 78%
rename from org.argeo.cms/src/org/argeo/cms/auth/HttpSession.java
rename to org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthSession.java
index c7e52c128..6708285b6 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpSession.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthSession.java
@@ -1,7 +1,7 @@
 package org.argeo.cms.auth;
 /** Transitional interface to decouple from the Servlet API. */
-public interface HttpSession {
+public interface RemoteAuthSession {
 boolean isValid();
 String getId();
diff --git a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
similarity index 75%
rename from org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletAuthUtils.java
rename to org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
index 7719658d7..d51997d74 100644
--- a/org.argeo.cms.servlet/src/org/argeo/cms/servlet/ServletAuthUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
@@ -1,4 +1,4 @@
-package org.argeo.cms.servlet;
+package org.argeo.cms.auth;
 import java.security.AccessControlContext;
 import java.security.AccessController;
@@ -8,24 +8,22 @@ import java.util.function.Supplier;
 import javax.security.auth.Subject;
 import org.argeo.api.cms.CmsSession;
-import org.argeo.cms.auth.CurrentUser;
-import org.argeo.cms.auth.HttpRequest;
 import org.argeo.cms.osgi.CmsOsgiUtils;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.FrameworkUtil;
-/** Authentications utilities when using servlets. */
-public class ServletAuthUtils {
+/** Remote authentication utilities. */
+public class RemoteAuthUtils {
 static final String REMOTE_USER = "org.osgi.service.http.authentication.remote.user";
- private static BundleContext bundleContext = FrameworkUtil.getBundle(ServletAuthUtils.class).getBundleContext();
+ private static BundleContext bundleContext = FrameworkUtil.getBundle(RemoteAuthUtils.class).getBundleContext();
 /**
 * Execute this supplier, using the CMS class loader as context classloader.
 * Useful to log in to JCR.
 */
- public final static T doAs(Supplier supplier, HttpRequest req) {
+ public final static T doAs(Supplier supplier, RemoteAuthRequest req) {
 ClassLoader currentContextCl = Thread.currentThread().getContextClassLoader();
- Thread.currentThread().setContextClassLoader(ServletAuthUtils.class.getClassLoader());
+ Thread.currentThread().setContextClassLoader(RemoteAuthUtils.class.getClassLoader());
 try {
 return Subject.doAs(
 Subject.getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName())),
@@ -42,7 +40,7 @@ public class ServletAuthUtils {
 }
 }
- public final static void configureRequestSecurity(HttpRequest req) {
+ public final static void configureRequestSecurity(RemoteAuthRequest req) {
 if (req.getAttribute(AccessControlContext.class.getName()) != null)
 throw new IllegalStateException("Request already authenticated.");
 AccessControlContext acc = AccessController.getContext();
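Review bot: Moving `ServletAuthUtils` into `org.argeo.cms` as `RemoteAuthUtils` is more than a rename, because `doAs` now installs `RemoteAuthUtils.class.getClassLoader()` as the thread context class loader and the static `bundleContext` comes from `FrameworkUtil.getBundle(RemoteAuthUtils.class)`, so both now belong to the `org.argeo.cms` bundle instead of `org.argeo.cms.servlet`. If that is intended, the Javadoc of `doAs` should say it, for example `The context class loader is the one of the bundle defining this class (org.argeo.cms).`, since code run inside the supplier resolves classes against it. Separately, `doAs` here and `getCmsSession` in the third hunk pass `req.getAttribute(AccessControlContext.class.getName())` straight to `Subject.getSubject`, which throws NullPointerException for a null context; an explicit `IllegalStateException`, as `clearRequestSecurity` already uses, would make an unauthenticated request fail with a clear message. The bodies of `doAs` and `getCmsSession` continue outside the hunks.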
@@ -50,14 +48,14 @@ public class ServletAuthUtils {
 req.setAttribute(AccessControlContext.class.getName(), acc);
 }
- public final static void clearRequestSecurity(HttpRequest req) {
+ public final static void clearRequestSecurity(RemoteAuthRequest req) {
 if (req.getAttribute(AccessControlContext.class.getName()) == null)
 throw new IllegalStateException("Cannot clear non-authenticated request.");
 req.setAttribute(REMOTE_USER, null);
 req.setAttribute(AccessControlContext.class.getName(), null);
 }
- public static CmsSession getCmsSession(HttpRequest req) {
+ public static CmsSession getCmsSession(RemoteAuthRequest req) {
 Subject subject = Subject
 .getSubject((AccessControlContext) req.getAttribute(AccessControlContext.class.getName()));
 CmsSession cmsSession = CmsOsgiUtils.getCmsSession(bundleContext, subject);
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
similarity index 92%
rename from org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
rename to org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
index 8cc3941bc..ecbc844b5 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteSessionLoginModule.java
@@ -24,15 +24,15 @@ import org.osgi.service.http.HttpContext;
 import org.osgi.service.useradmin.Authorization;
 /** Use the HTTP session as the basis for authentication. */
-public class HttpSessionLoginModule implements LoginModule {
- private final static Log log = LogFactory.getLog(HttpSessionLoginModule.class);
+public class RemoteSessionLoginModule implements LoginModule {
+ private final static Log log = LogFactory.getLog(RemoteSessionLoginModule.class);
 private Subject subject = null;
 private CallbackHandler callbackHandler = null;
 private Map sharedState = null;
- private HttpRequest request = null;
- private HttpResponse response = null;
+ private RemoteAuthRequest request = null;
+ private RemoteAuthResponse response = null;
 private BundleContext bc;
@@ -43,7 +43,7 @@ public class HttpSessionLoginModule implements LoginModule {
 @Override
 public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
- bc = FrameworkUtil.getBundle(HttpSessionLoginModule.class).getBundleContext();
+ bc = FrameworkUtil.getBundle(RemoteSessionLoginModule.class).getBundleContext();
 assert bc != null;
 this.subject = subject;
 this.callbackHandler = callbackHandler;
@@ -54,7 +54,7 @@ public class HttpSessionLoginModule implements LoginModule {
 public boolean login() throws LoginException {
 if (callbackHandler == null)
 return false;
- HttpRequestCallback httpCallback = new HttpRequestCallback();
+ RemoteAuthCallback httpCallback = new RemoteAuthCallback();
 try {
 callbackHandler.handle(new Callback[] { httpCallback });
 } catch (IOException e) {
@@ -64,7 +64,7 @@ public class HttpSessionLoginModule implements LoginModule {
 }
 request = httpCallback.getRequest();
 if (request == null) {
- HttpSession httpSession = httpCallback.getHttpSession();
+ RemoteAuthSession httpSession = httpCallback.getHttpSession();
 if (httpSession == null)
 return false;
 // TODO factorize with below
@@ -81,7 +81,7 @@ public class HttpSessionLoginModule implements LoginModule {
 } else {
 authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
 if (authorization == null) {// search by session ID
- HttpSession httpSession = request.getSession();
+ RemoteAuthSession httpSession = request.getSession();
 if (httpSession == null) {
 // TODO make sure this is always safe
 if (log.isTraceEnabled())
@@ -156,7 +156,7 @@ public class HttpSessionLoginModule implements LoginModule {
 return true;
 }
- private void extractHttpAuth(final HttpRequest httpRequest) {
+ private void extractHttpAuth(final RemoteAuthRequest httpRequest) {
 String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
 extractHttpAuth(authHeader);
 }
@@ -203,7 +203,7 @@ public class HttpSessionLoginModule implements LoginModule {
 // }
 }
- private void extractClientCertificate(HttpRequest req) {
+ private void extractClientCertificate(RemoteAuthRequest req) {
 X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
 if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
 String certDn = certs[0].getSubjectX500Principal().getName();
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
index 5d46839e0..649ecc464 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
@@ -67,7 +67,7 @@ public class SingleUserLoginModule implements LoginModule {
 authorizationName = principal.getName();
 }
- HttpRequest request = (HttpRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
+ RemoteAuthRequest request = (RemoteAuthRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
 Locale locale = Locale.getDefault();
 if (request != null)
 locale = request.getLocale();
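Review bot: `extractClientCertificate` in `RemoteSessionLoginModule` (third hunk) treats any non-empty `javax.servlet.request.X509Certificate` attribute as proof that the container verified a client certificate, but after this change the attribute is read through the transport-neutral `RemoteAuthRequest`, whose contract says nothing about who may populate attributes. The guarantee now depends on every implementation of `RemoteAuthRequest.getAttribute` returning only values set by the trusted container for this key. That should be stated on the interface, e.g. `/** Must only expose attributes set by the trusted container or transport, never values derived from client input. */`, or replaced by a dedicated accessor for the verified certificate chain. The method body continues outside the hunk, so how `certDn` is mapped to a user is not reviewed here.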
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index d526f4fc2..188e86058 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -252,7 +252,7 @@ public class UserAdminLoginModule implements LoginModule {
 }
 // Log and monitor new login
- HttpRequest request = (HttpRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
+ RemoteAuthRequest request = (RemoteAuthRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
 CmsAuthUtils.addAuthorization(subject, authorization);
 // Unlock keyring (underlying login to the JCR repository)
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java
index 03fb82faa..fd51c597a 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/http/WebCmsSessionImpl.java
@@ -4,18 +4,18 @@ import java.util.Locale;
 import javax.security.auth.Subject;
-import org.argeo.cms.auth.HttpRequest;
-import org.argeo.cms.auth.HttpSession;
+import org.argeo.cms.auth.RemoteAuthRequest;
+import org.argeo.cms.auth.RemoteAuthSession;
 import org.argeo.cms.internal.auth.CmsSessionImpl;
 import org.osgi.service.useradmin.Authorization;
 /** CMS session implementation in a web context. */
 public class WebCmsSessionImpl extends CmsSessionImpl {
 private static final long serialVersionUID = -5178883380637048025L;
- private HttpSession httpSession;
+ private RemoteAuthSession httpSession;
 public WebCmsSessionImpl(Subject initialSubject, Authorization authorization, Locale locale,
- HttpRequest request) {
+ RemoteAuthRequest request) {
 super(initialSubject, authorization, locale, request.getSession().getId());
 httpSession = request.getSession();
 }
@@ -27,7 +27,7 @@ public class WebCmsSessionImpl extends CmsSessionImpl {
 return httpSession.isValid();
 }
- public static CmsSessionImpl getCmsSession(HttpRequest request) {
+ public static CmsSessionImpl getCmsSession(RemoteAuthRequest request) {
 return CmsSessionImpl.getByLocalId(request.getSession().getId());
 }
 }
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg
index b9f05a4ab..cf16719bd 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas-ipa.cfg
@@ -1,12 +1,12 @@
 USER {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.SpnegoLoginModule optional;
 com.sun.security.auth.module.Krb5LoginModule optional tryFirstPass=true;
 org.argeo.cms.auth.UserAdminLoginModule sufficient;
 };
 ANONYMOUS {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.AnonymousLoginModule sufficient;
 };
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
index 0ebfb3a13..441e1bf2a 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
@@ -1,11 +1,11 @@
 USER {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.IdentLoginModule optional;
 org.argeo.cms.auth.UserAdminLoginModule requisite;
 };
 ANONYMOUS {
- org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.RemoteSessionLoginModule sufficient;
 org.argeo.cms.auth.AnonymousLoginModule requisite;
 };
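Review bot: The rename removes `org.argeo.cms.auth.HttpSessionLoginModule`, a class that JAAS configurations reference by its fully qualified name, and only the two files in this commit (`jaas-ipa.cfg` and `jaas.cfg`) are updated; nothing at compile time ties that string to the class. Any JAAS configuration maintained outside these files that still lists the old name would fail every login once the class is gone; whether such configurations exist is an assumption, none is visible here. Keeping a deprecated `HttpSessionLoginModule` that extends `RemoteSessionLoginModule` for one release, or calling the rename out in the release notes, would avoid an authentication outage on upgrade.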
diff --git a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java
index c20068fa7..7b7bddc5c 100644
--- a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java
+++ b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/AbstractCmsEntryPoint.java
@@ -27,8 +27,8 @@ import org.argeo.api.NodeConstants;
 import org.argeo.api.cms.CmsView;
 import org.argeo.cms.CmsException;
 import org.argeo.cms.auth.CurrentUser;
-import org.argeo.cms.auth.HttpRequestCallback;
-import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.cms.auth.RemoteAuthCallback;
+import org.argeo.cms.auth.RemoteAuthCallbackHandler;
 import org.argeo.cms.servlet.ServletHttpRequest;
 import org.argeo.cms.servlet.ServletHttpResponse;
 import org.argeo.cms.swt.CmsStyles;
@@ -86,7 +86,7 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implement
 LoginContext lc;
 try {
 lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER,
- new HttpRequestCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
+ new RemoteAuthCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
 new ServletHttpResponse(UiContext.getHttpResponse())));
 lc.login();
 } catch (LoginException e) {
@@ -293,10 +293,10 @@ public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implement
 super.handle(callbacks);
 // handle HTTP context
 for (Callback callback : callbacks) {
- if (callback instanceof HttpRequestCallback) {
- ((HttpRequestCallback) callback)
+ if (callback instanceof RemoteAuthCallback) {
+ ((RemoteAuthCallback) callback)
 .setRequest(new ServletHttpRequest(UiContext.getHttpRequest()));
- ((HttpRequestCallback) callback)
+ ((RemoteAuthCallback) callback)
 .setResponse(new ServletHttpResponse(UiContext.getHttpResponse()));
 }
 }
diff --git a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java
index d7050e954..b0d1e842d 100644
--- a/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java
+++ b/rap/org.argeo.cms.ui.rap/src/org/argeo/cms/web/CmsWebEntryPoint.java
@@ -23,7 +23,7 @@ import org.argeo.api.cms.CmsView;
 import org.argeo.api.cms.UxContext;
 import org.argeo.cms.LocaleUtils;
 import org.argeo.cms.auth.CurrentUser;
-import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.cms.auth.RemoteAuthCallbackHandler;
 import org.argeo.cms.osgi.CmsOsgiUtils;
 import org.argeo.cms.servlet.ServletHttpRequest;
 import org.argeo.cms.servlet.ServletHttpResponse;
@@ -86,7 +86,7 @@ public class CmsWebEntryPoint implements EntryPoint, CmsView, BrowserNavigationL
 LoginContext lc;
 try {
 lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER,
- new HttpRequestCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
+ new RemoteAuthCallbackHandler(new ServletHttpRequest(UiContext.getHttpRequest()),
 new ServletHttpResponse(UiContext.getHttpResponse())));
 lc.login();
 } catch (LoginException e) {
--
2.30.2