1   package org.argeo.cms.auth;
2   
3   import java.util.Locale;
4   import java.util.Map;
5   
6   import javax.security.auth.Subject;
7   import javax.security.auth.callback.CallbackHandler;
8   import javax.security.auth.login.LoginException;
9   import javax.security.auth.spi.LoginModule;
10  import javax.servlet.http.HttpServletRequest;
11  
12  import org.apache.commons.logging.Log;
13  import org.apache.commons.logging.LogFactory;
14  import org.argeo.cms.CmsException;
15  import org.osgi.framework.BundleContext;
16  import org.osgi.framework.FrameworkUtil;
17  import org.osgi.service.useradmin.Authorization;
18  import org.osgi.service.useradmin.UserAdmin;
19  
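/**
 * JAAS {@link LoginModule} that establishes the anonymous CMS user.
 * <p>
 * {@link #login()} performs no credential check and always succeeds, so the
 * security of a deployment depends on where this module is placed in the JAAS
 * configuration: it belongs only in a login context meant for unauthenticated
 * access. The privileges granted are those of the {@link Authorization} that
 * {@link UserAdmin#getAuthorization(org.osgi.service.useradmin.User)} returns
 * for a {@code null} user, which the OSGi UserAdmin API defines as the
 * anonymous user.
 */
public class AnonymousLoginModule implements LoginModule {
	private static final Log log = LogFactory.getLog(AnonymousLoginModule.class);

	private Subject subject;
	private Map<String, Object> sharedState = null;

	// private state
	private BundleContext bc;

	/**
	 * Stores the subject and shared state and resolves the bundle context of
	 * the bundle that loaded this class.
	 *
	 * @param subject         the subject to populate on commit
	 * @param callbackHandler unused, no credentials are requested
	 * @param sharedState     state shared between login modules; read in
	 *                        {@link #commit()} for the HTTP request
	 * @param options         unused
	 * @throws CmsException if the bundle context cannot be obtained
	 */
	@SuppressWarnings("unchecked")
	@Override
	public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
			Map<String, ?> options) {
		this.subject = subject;
		this.sharedState = (Map<String, Object>) sharedState;
		try {
			bc = FrameworkUtil.getBundle(AnonymousLoginModule.class).getBundleContext();
			// An assert is a no-op unless the JVM runs with -ea, which would
			// defer the failure to a NullPointerException in commit(). Fail
			// here instead; the catch below wraps it in a CmsException.
			if (bc == null) {
				throw new IllegalStateException("Bundle context is not available");
			}
		} catch (Exception e) {
			throw new CmsException("Cannot initialize login module", e);
		}
	}

	/**
	 * Always succeeds: the anonymous user presents no credentials.
	 *
	 * @return {@code true}
	 */
	@Override
	public boolean login() throws LoginException {
		return true;
	}

	/**
	 * Attaches the anonymous {@link Authorization} to the subject and registers
	 * it for the current session.
	 *
	 * @return {@code true}
	 * @throws LoginException if no {@link UserAdmin} service is available
	 */
	@Override
	public boolean commit() throws LoginException {
		// Resolve the service in two steps so that a missing UserAdmin is
		// reported as a LoginException rather than surfacing as an unchecked
		// exception from getService(null).
		org.osgi.framework.ServiceReference<UserAdmin> userAdminRef = bc.getServiceReference(UserAdmin.class);
		if (userAdminRef == null) {
			throw new LoginException("No UserAdmin service is registered");
		}
		UserAdmin userAdmin = bc.getService(userAdminRef);
		if (userAdmin == null) {
			throw new LoginException("UserAdmin service is not available");
		}
		// NOTE(review): the service reference is never released with
		// ungetService(); confirm whether that is intentional.

		// A null user requests the anonymous authorization.
		Authorization authorization = userAdmin.getAuthorization(null);
		HttpServletRequest request = (HttpServletRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
		Locale locale = Locale.getDefault();
		if (request != null) {
			locale = request.getLocale();
		}
		CmsAuthUtils.addAuthorization(subject, authorization);
		// NOTE(review): request may be null here; presumably
		// registerSessionAuthorization tolerates that - confirm.
		CmsAuthUtils.registerSessionAuthorization(request, subject, authorization, locale);
		if (log.isTraceEnabled()) {
			log.trace("Anonymous logged in to CMS: " + subject);
		}
		return true;
	}

	/**
	 * Does nothing and reports success.
	 *
	 * @return {@code true}
	 */
	@Override
	public boolean abort() throws LoginException {
		// NOTE(review): nothing added to the subject by commit() is removed
		// here; confirm that an aborted login cannot leave the anonymous
		// authorization on the subject.
		return true;
	}

	/**
	 * Cleans up the subject via {@link CmsAuthUtils#cleanUp(Subject)}.
	 *
	 * @return {@code true}
	 */
	@Override
	public boolean logout() throws LoginException {
		if (log.isTraceEnabled()) {
			log.trace("Logging out anonymous from CMS... " + subject);
		}
		CmsAuthUtils.cleanUp(subject);
		return true;
	}
}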