Author: skabashnyuk
Date: 2010-06-15 04:06:47 -0400 (Tue, 15 Jun 2010)
New Revision: 2586
Modified:
jcr/branches/1.12-SEC/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/RepositoryImpl.java
Log:
EXOJCR-764 : secure login
Modified:
jcr/branches/1.12-SEC/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/RepositoryImpl.java
===================================================================
---
jcr/branches/1.12-SEC/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/RepositoryImpl.java 2010-06-15
08:05:04 UTC (rev 2585)
+++
jcr/branches/1.12-SEC/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/RepositoryImpl.java 2010-06-15
08:06:47 UTC (rev 2586)
@@ -43,6 +43,9 @@
import java.io.IOException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
@@ -487,22 +490,50 @@
/**
* {@inheritDoc}
*/
- public Session login(Credentials credentials, String workspaceName) throws
LoginException, NoSuchWorkspaceException,
+ public Session login(final Credentials credentials, String workspaceName) throws
LoginException, NoSuchWorkspaceException,
RepositoryException
{
+
if (getState() == OFFLINE)
LOG.warn("Repository " + getName() + " is OFFLINE.");
ConversationState state;
- if (credentials != null)
- state = authenticationPolicy.authenticate(credentials);
- else
- state = authenticationPolicy.authenticate();
+ PrivilegedExceptionAction<Object> action = new
PrivilegedExceptionAction<Object>()
+ {
+ public Object run() throws Exception
+ {
+ if (credentials != null)
+ return authenticationPolicy.authenticate(credentials);
+ else
+ return authenticationPolicy.authenticate();
+ }
+ };
+ try
+ {
+ state = (ConversationState)AccessController.doPrivileged(action);
+ }
+ catch (PrivilegedActionException pae)
+ {
+ Throwable cause = pae.getCause();
+ if (cause instanceof LoginException)
+ {
+ throw (LoginException)cause;
+ }
+ else if (cause instanceof RuntimeException)
+ {
+ throw (RuntimeException)cause;
+ }
+ else
+ {
+ throw new RuntimeException(cause);
+ }
+ }
return internalLogin(state, workspaceName);
+
}
/**
Show replies by date