Author: ruchaud Date: 2008-08-21 17:19:18 +0000 (Thu, 21 Aug 2008) New Revision: 1041 Modified: trunk/topia-service/src/java/org/codelutin/topia/taas/TaasService.java trunk/topia-service/src/java/org/codelutin/topia/taas/jaas/TaasLoginModule.java Log: Utilisation d'une transaction non s?\195?\169curis?\195?\169 pour la modification de l'utilisateur lors de la connexion Modified: trunk/topia-service/src/java/org/codelutin/topia/taas/TaasService.java =================================================================== --- trunk/topia-service/src/java/org/codelutin/topia/taas/TaasService.java 2008-08-20 13:53:46 UTC (rev 1040) +++ trunk/topia-service/src/java/org/codelutin/topia/taas/TaasService.java 2008-08-21 17:19:18 UTC (rev 1041) @@ -38,6 +38,7 @@ import java.util.Collection; import java.util.Iterator; import java.util.List; +import java.util.Properties; import javax.security.auth.Subject; import javax.security.auth.login.Configuration; @@ -45,12 +46,15 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.codelutin.topia.TopiaContext; +import org.codelutin.topia.TopiaContextFactory; import org.codelutin.topia.TopiaException; import org.codelutin.topia.TopiaNotFoundException; import org.codelutin.topia.event.TopiaTransactionEvent; import org.codelutin.topia.event.TopiaTransactionVetoable; +import org.codelutin.topia.framework.TopiaContextImpl; import org.codelutin.topia.framework.TopiaContextImplementor; import org.codelutin.topia.framework.TopiaService; +import org.codelutin.topia.framework.TopiaUtil; import org.codelutin.topia.persistence.TopiaDAO; import org.codelutin.topia.persistence.TopiaEntity; import org.codelutin.topia.persistence.TopiaId; @@ -91,6 +95,7 @@ private TaasPolicy policy = new TaasPolicy(this); private TopiaContextImplementor rootContext; + private TopiaContext rootContextNoSecure; private TaasAccessEntity accessEntity; private TaasSubjectFinder subjectFinder; @@ -131,7 +136,7 @@ try { org.hibernate.cfg.Configuration configuration = rootContext.getHibernateConfiguration(); - // R�cup�ration du param�tre pour l'�v�nemnt + // Recuperation du parametre pour l'evenemnt String eventString = configuration.getProperty(SERVICE_EVENT); if(eventString != null && !"".equals(eventString)) { Class<TaasAccessEntity> eventClass = (Class<TaasAccessEntity>) Class.forName(eventString); @@ -141,7 +146,7 @@ accessEntity = new TaasEntityVetoable(this); } - // R�cup�ration du param�tre pour le subject + // Recuperation du parametre pour le subject String subjectString = configuration.getProperty(SERVICE_SUBJECT); if(subjectString != null && !"".equals(subjectString)) { Class<TaasSubjectFinder> subjectClass = (Class<TaasSubjectFinder>) Class.forName(subjectString); @@ -150,9 +155,22 @@ subjectFinder = new TaasSubjectFinderImpl(); } + // Recupere un context root sans securite + Properties config = rootContext.getConfig(); + + config.remove("topia.service.taas"); + String persistences = config.getProperty("topia.persistence.classes"); + for (Class klass : getPersistenceClasses()) { + persistences += "," + klass.getName(); + } + config.setProperty("topia.persistence.classes", persistences); + + rootContextNoSecure = TopiaContextFactory.getContext(config); + } catch (Exception e) { throw new SecurityException("Init security error", e); } + return true; } @@ -206,6 +224,14 @@ } /** + * Permet de recuperer un context root sans securite + * @return context root non securise + */ + public TopiaContext getRootContextNoSecure() throws TopiaException { + return rootContextNoSecure; + } + + /** * Permet de r�cup�rer le subject en cours * @return subject */ Modified: trunk/topia-service/src/java/org/codelutin/topia/taas/jaas/TaasLoginModule.java =================================================================== --- trunk/topia-service/src/java/org/codelutin/topia/taas/jaas/TaasLoginModule.java 2008-08-20 13:53:46 UTC (rev 1040) +++ trunk/topia-service/src/java/org/codelutin/topia/taas/jaas/TaasLoginModule.java 2008-08-21 17:19:18 UTC (rev 1041) @@ -37,6 +37,7 @@ import java.util.Date; import java.util.HashSet; import java.util.Map; +import java.util.Properties; import java.util.Set; import javax.security.auth.Subject; @@ -50,8 +51,11 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.codelutin.topia.TopiaContext; +import org.codelutin.topia.TopiaContextFactory; import org.codelutin.topia.TopiaException; import org.codelutin.topia.TopiaServiceDAOHelper; +import org.codelutin.topia.framework.TopiaContextImpl; +import org.codelutin.topia.framework.TopiaUtil; import org.codelutin.topia.taas.TaasService; import org.codelutin.topia.taas.TaasUtil; import org.codelutin.topia.taas.entities.TaasPrincipal; @@ -129,7 +133,7 @@ //Vérification du login/pass et récupération des Principals try { - TopiaContext rootContext = taasService.getRootContext(); + TopiaContext rootContext = taasService.getRootContextNoSecure(); TopiaContext transaction = rootContext.beginTransaction(); TaasUserDAO userDAO = TopiaServiceDAOHelper.getTaasUserDAO(transaction); @@ -158,6 +162,7 @@ throw new LoginException("Erreur lors de l'authentification " + login); } + transaction.commitTransaction(); transaction.closeContext(); } catch (TopiaException te) { // Echec de récupération de l'utilisateur