From ca254fcb19301adbf5ad86cb860b7528782cfc29 Mon Sep 17 00:00:00 2001 From: Mathieu Baudier Date: Wed, 14 Nov 2018 11:47:13 +0100 Subject: [PATCH] Make Eclipse 4 UI auth more robust --- .../org/argeo/cms/e4/addons/AuthAddon.java | 30 ++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/org.argeo.cms.e4/src/org/argeo/cms/e4/addons/AuthAddon.java b/org.argeo.cms.e4/src/org/argeo/cms/e4/addons/AuthAddon.java index 6f03139ca..326a67e10 100644 --- a/org.argeo.cms.e4/src/org/argeo/cms/e4/addons/AuthAddon.java +++ b/org.argeo.cms.e4/src/org/argeo/cms/e4/addons/AuthAddon.java @@ -1,9 +1,15 @@ package org.argeo.cms.e4.addons; +import java.security.AccessController; import java.util.Iterator; import javax.annotation.PostConstruct; +import javax.security.auth.Subject; +import javax.servlet.http.HttpServletRequest; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.argeo.cms.CmsException; import org.argeo.cms.auth.CurrentUser; import org.eclipse.e4.ui.model.application.MApplication; import org.eclipse.e4.ui.model.application.ui.MElementContainer; @@ -13,19 +19,23 @@ import org.eclipse.e4.ui.model.application.ui.basic.MTrimmedWindow; import org.eclipse.e4.ui.model.application.ui.basic.MWindow; public class AuthAddon { + private final static Log log = LogFactory.getLog(AuthAddon.class); + public final static String AUTH = "auth."; @PostConstruct void init(MApplication application) { Iterator windows = application.getChildren().iterator(); + boolean atLeastOneTopLevelWindowVisible = false; windows: while (windows.hasNext()) { MWindow window = windows.next(); // main window boolean windowVisible = process(window); if (!windowVisible) { - windows.remove(); +// windows.remove(); continue windows; } + atLeastOneTopLevelWindowVisible = true; // trim bars if (window instanceof MTrimmedWindow) { Iterator trimBars = ((MTrimmedWindow) window).getTrimBars().iterator(); 
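Review bot: The `// windows.remove();` line in `init` leaves windows the current user is not authorized for in the application model, so keeping them out of reach now depends entirely on what `process(window)` did to the element, and its body is outside this hunk. If `process` only flips visibility or to-be-rendered flags, later code that walks or re-shows the model could still reach those windows; confirm that is acceptable, or go back to removing them once the at-least-one-visible decision has been made. Either way, replace the commented-out statement with the reason it was dropped, for example `// unauthorized windows are kept in the model and only hidden by process()`. The trim-bar loop continues past the end of the hunk.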
@@ -37,6 +47,11 @@ public class AuthAddon { } } } + + if (!atLeastOneTopLevelWindowVisible) { + log.warn("No top-level window is authorized for user " + CurrentUser.getUsername() + ", logging out.."); + logout(); + } } protected boolean process(MUIElement element) { @@ -74,4 +89,17 @@ public class AuthAddon { return true; } + + protected void logout() { + Subject subject = Subject.getSubject(AccessController.getContext()); + try { + CurrentUser.logoutCmsSession(subject); + } catch (Exception e) { + throw new CmsException("Cannot log out", e); + } + HttpServletRequest request = org.argeo.eclipse.ui.specific.UiContext.getHttpRequest(); + if (request != null) + request.getSession().setMaxInactiveInterval(0); + } + } -- 2.30.2
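Review bot: In `logout()` the HTTP session is only touched after `CurrentUser.logoutCmsSession(subject)` returns, so when that call throws, the `CmsException` propagates out of `init` (via the `!atLeastOneTopLevelWindowVisible` branch added in the previous hunk) with the servlet session still live for a user who has no authorized window. Moving the session handling into a `finally` closes it on the failure path too. `setMaxInactiveInterval(0)` is also not a dependable way to end a session: recent Servlet API versions document zero or less as "never time out", which would do the opposite of what is intended, and `request.getSession()` creates a session when none exists. `getSession(false)` plus `invalidate()` avoids both, assuming the UI layer tolerates invalidation during this request. `Subject.getSubject(...)` can return null when no subject is bound to the context, and whether `logoutCmsSession` accepts null is not visible here.

```java
protected void logout() {
	Subject subject = Subject.getSubject(AccessController.getContext());
	try {
		CurrentUser.logoutCmsSession(subject);
	} catch (Exception e) {
		throw new CmsException("Cannot log out", e);
	} finally {
		// end the HTTP session even when the CMS logout fails
		HttpServletRequest request = org.argeo.eclipse.ui.specific.UiContext.getHttpRequest();
		javax.servlet.http.HttpSession session = request != null ? request.getSession(false) : null;
		if (session != null)
			session.invalidate();
	}
}
```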