Session support on CLI.

The CLI has been modified to support executing multiple commands through
the same session. A new 'connect' command has been added to establish
the session. A new 'disconnect' command has been added to destroy the
session. This way it's no longer necessary to specify the authentication
info in each commands:

  pki <auth info> connect
  pki user-find
  pki user-show caadmin
  pki disconnect

The old way of specifying the authentication info in each command will
continue to work, but the commands will be executed in separate sessions:

  pki <auth info> user-find
  pki <auth info> user-show caadmin

Ticket #474

1 files changed, 8 insertions, 0 deletions

diff --git a/base/common/src/com/netscape/cms/tomcat/SSLAuthenticatorWithFallback.java b/base/common/src/com/netscape/cms/tomcat/SSLAuthenticatorWithFallback.java
index d1b3dc3f2..2e4d2002a 100644
--- a/base/common/src/com/netscape/cms/tomcat/SSLAuthenticatorWithFallback.java
+++ b/base/common/src/com/netscape/cms/tomcat/SSLAuthenticatorWithFallback.java
@@ -19,6 +19,7 @@
 package com.netscape.cms.tomcat;
 
 import java.io.IOException;
+import java.security.Principal;
 import java.security.cert.X509Certificate;
 
 import javax.servlet.http.HttpServletRequest;
@@ -77,6 +78,13 @@ public class SSLAuthenticatorWithFallback extends AuthenticatorBase {
     @Override
     public boolean authenticate(Request request, HttpServletResponse response, LoginConfig config) throws IOException {
 
+        log("Session: "+request.getSession().getId());
+        Principal principal = request.getPrincipal();
+        if (principal != null) {
+            log("Already authenticated as "+principal.getName());
+            return true;
+        }
+
         X509Certificate certs[] = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR);
         boolean result;