View Javadoc
1   /*
2    * Copyright (C) 2007-2012 Argeo GmbH
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *         http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.argeo.cms.spring;
17  
18  import javax.security.auth.Subject;
19  import javax.security.auth.login.LoginContext;
20  import javax.security.auth.login.LoginException;
21  
22  import org.apache.commons.logging.Log;
23  import org.apache.commons.logging.LogFactory;
24  import org.argeo.cms.CmsException;
25  import org.argeo.node.NodeConstants;
26  
27  /** Provides base method for executing code with system authorization. */
28  abstract class AbstractSystemExecution {
29  	private final static Log log = LogFactory.getLog(AbstractSystemExecution.class);
30  	private final Subject subject = new Subject();
31  
32  	/** Authenticate the calling thread */
33  	protected void authenticateAsSystem() {
34  		ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
35  		Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
36  		try {
37  			LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN, subject);
38  			lc.login();
39  		} catch (LoginException e) {
40  			throw new CmsException("Cannot login as system", e);
41  		} finally {
42  			Thread.currentThread().setContextClassLoader(origClassLoader);
43  		}
44  		if (log.isTraceEnabled())
45  			log.trace("System authenticated");
46  	}
47  
48  	protected void deauthenticateAsSystem() {
49  		ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
50  		Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
51  		try {
52  			LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN, subject);
53  			lc.logout();
54  		} catch (LoginException e) {
55  			throw new CmsException("Cannot logout as system", e);
56  		} finally {
57  			Thread.currentThread().setContextClassLoader(origClassLoader);
58  		}
59  	}
60  
61  	protected Subject getSubject() {
62  		return subject;
63  	}
64  }