Examples with SecurityContext - org.polymap.core.security.SecurityContext

Example 1 with SecurityContext

use of org.polymap.core.security.SecurityContext in project polymap4-core by Polymap4.

the class ServiceContext2 method execute.

public <E extends Exception> void execute(Task<E> task) throws E {
    // XXX no GeoServerClassLoader; just one instance per JVM
    // assert context.cl != null;
    // ClassLoader orig = Thread.currentThread().getContextClassLoader();
    // Thread.currentThread().setContextClassLoader( context.cl );
    // assert Thread.currentThread().getContextClassLoader() == context.cl;
    SessionContext current = SessionContext.current();
    assert current == null : "Thread already mapped to a SessionContext: " + current.getSessionKey();
    try {
        boolean mapped = contextProvider.mapContext(sessionKey, true);
        log.debug("SessionContext: " + SessionContext.current());
        assert mapped : "Thread already mapped to a SessionContext: " + SessionContext.current().getSessionKey();
        SecurityContext securityContext = SecurityContext.instance();
        if (!securityContext.isLoggedIn()) {
            // XXX this user is used to authenticate upstream mapzone services
            securityContext.loginTrusted("admin");
        }
        task.call();
    } finally {
        // Thread.currentThread().setContextClassLoader( orig );
        contextProvider.unmapContext();
    }
}

Also used : SecurityContext(org.polymap.core.security.SecurityContext) SessionContext(org.polymap.core.runtime.session.SessionContext)

Example 2 with SecurityContext

use of org.polymap.core.security.SecurityContext in project polymap4-core by Polymap4.

the class SecurityManagerAdapter method authenticate.

public Object authenticate(String user, String passwd) {
    HttpServletRequest req = io.milton.servlet.ServletRequest.getRequest();
    final HttpSession session = req.getSession();
    UserPrincipal sessionUser = (UserPrincipal) session.getAttribute("sessionUser");
    if (sessionUser == null) {
        log.info("WebDAV login: " + user);
        SecurityContext sc = SecurityContext.instance();
        if (sc.isLoggedIn()) {
            log.info("Already logged in as: " + sc.getUser().getName());
            sessionUser = (UserPrincipal) sc.getUser();
            session.setAttribute("sessionUser", sessionUser);
            return WebDavServer.createNewSession(sessionUser);
        } else if (sc.login(user, passwd)) {
            sessionUser = (UserPrincipal) sc.getUser();
            session.setAttribute("sessionUser", sessionUser);
            return WebDavServer.createNewSession(sessionUser);
        } else {
            log.warn("Login failed.");
            return null;
        }
    }
    return sessionUser != null && sessionUser.getName().equals(user) ? sessionUser : null;
}

Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpSession(javax.servlet.http.HttpSession) SecurityContext(org.polymap.core.security.SecurityContext) UserPrincipal(org.polymap.core.security.UserPrincipal)

Aggregations

SecurityContext (org.polymap.core.security.SecurityContext)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpSession (javax.servlet.http.HttpSession)1 SessionContext (org.polymap.core.runtime.session.SessionContext)1 UserPrincipal (org.polymap.core.security.UserPrincipal)1