View Javadoc
1   /*
2    * Copyright (C) 2007-2012 Argeo GmbH
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *         http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.argeo.cms.ui.workbench.rap;
17  
18  import java.security.PrivilegedAction;
19  
20  import javax.security.auth.Subject;
21  import javax.security.auth.login.LoginContext;
22  import javax.security.auth.login.LoginException;
23  
24  import org.apache.commons.logging.Log;
25  import org.apache.commons.logging.LogFactory;
26  import org.argeo.cms.CmsException;
27  import org.argeo.node.NodeConstants;
28  import org.eclipse.rap.rwt.RWT;
29  import org.eclipse.rap.rwt.application.EntryPoint;
30  import org.eclipse.swt.widgets.Display;
31  import org.eclipse.ui.PlatformUI;
32  
33  /**
34   * RAP entry point which authenticates the subject as anonymous, for public
35   * unauthenticated access.
36   */
37  public class AnonymousEntryPoint implements EntryPoint {
38  	private final static Log log = LogFactory.getLog(AnonymousEntryPoint.class);
39  
40  	/**
41  	 * How many seconds to wait before invalidating the session if the user has
42  	 * not yet logged in.
43  	 */
44  	private Integer sessionTimeout = 5 * 60;
45  
46  	@Override
47  	public int createUI() {
48  		RWT.getRequest().getSession().setMaxInactiveInterval(sessionTimeout);
49  
50  		// if (log.isDebugEnabled())
51  		// log.debug("Anonymous THREAD=" + Thread.currentThread().getId()
52  		// + ", sessionStore=" + RWT.getSessionStore().getId());
53  
54  		final Display display = PlatformUI.createDisplay();
55  		Subject subject = new Subject();
56  
57  		final LoginContext loginContext;
58  		try {
59  			loginContext = new LoginContext(NodeConstants.LOGIN_CONTEXT_ANONYMOUS,
60  					subject);
61  			loginContext.login();
62  		} catch (LoginException e1) {
63  			throw new CmsException("Cannot initialize login context", e1);
64  		}
65  
66  		// identify after successful login
67  		if (log.isDebugEnabled())
68  			log.debug("Authenticated " + subject);
69  		final String username = subject.getPrincipals().iterator().next()
70  				.getName();
71  
72  		// Logout callback when the display is disposed
73  		display.disposeExec(new Runnable() {
74  			public void run() {
75  				log.debug("Display disposed");
76  				logout(loginContext, username);
77  			}
78  		});
79  
80  		//
81  		// RUN THE WORKBENCH
82  		//
83  		Integer returnCode = null;
84  		try {
85  			returnCode = Subject.doAs(subject, new PrivilegedAction<Integer>() {
86  				public Integer run() {
87  					RapWorkbenchAdvisor workbenchAdvisor = new RapWorkbenchAdvisor(
88  							null);
89  					int result = PlatformUI.createAndRunWorkbench(display,
90  							workbenchAdvisor);
91  					return new Integer(result);
92  				}
93  			});
94  			logout(loginContext, username);
95  			if (log.isTraceEnabled())
96  				log.trace("Return code " + returnCode);
97  		} finally {
98  			display.dispose();
99  		}
100 		return 1;
101 	}
102 
103 	private void logout(LoginContext loginContext, String username) {
104 		try {
105 			loginContext.logout();
106 			log.info("Logged out " + (username != null ? username : "")
107 					+ " (THREAD=" + Thread.currentThread().getId() + ")");
108 		} catch (LoginException e) {
109 			log.error("Erorr when logging out", e);
110 		}
111 	}
112 }