From 064b771ae0563fd8bc6738ae26f278f1dd369780 Mon Sep 17 00:00:00 2001
From: Kevin Roast <kevin.roast@alfresco.com>
Date: Thu, 25 Aug 2016 10:41:18 +0000
Subject: [PATCH] Merged 5.2.N (5.2.1) to HEAD (5.2)    129874 kroast: Merged
 5.1.N (5.1.2) to 5.2.N (5.2.1)       129680 kroast: Merged 5.0.N (5.0.5) to
 5.1.N (5.1.2) (PARTIAL MERGE)          129458 cpopa: Merged 5.0.2 (5.0.2.24)
 to 5.0.N (5.0.4)             129454 cpopa: MNT-15376 : NTLM authentication
 sometimes fails with IE10+ (chrome OK) - concurrent socket threads           
     - Synchronize the processing of Type1 and Type3 messages on the same
 session.                - Synchronize safely by using
 WebUtils.getSessionMutex(session) than the session object directly           
     - Reuse the previously cached Type2Message in the Share
 SSOAuthenticationFilter

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@129879 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../repo/webdav/auth/BaseNTLMAuthenticationFilter.java      | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java b/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
index 7d4191459d..2bdfbda47f 100644
--- a/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
@@ -71,6 +71,7 @@ import org.alfresco.repo.web.auth.UnknownCredentials;
 import org.alfresco.repo.web.auth.WebCredentials;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.logging.Log;
+import org.springframework.web.util.WebUtils;
 
 /**
  * Base class with common code and initialisation for NTLM authentication filters.
@@ -289,6 +290,7 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
         else
         {
             HttpSession session = sreq.getSession();
+            Object sessionMutex = WebUtils.getSessionMutex(session);
             // Decode the received NTLM blob and validate
             final byte[] ntlmByts = Base64.decodeBase64(authHdr.substring(5).getBytes());
             int ntlmTyp = NTLMMessage.isNTLMType(ntlmByts);
@@ -296,7 +298,7 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
             {
                 // Process the type 1 NTLM message
                 Type1NTLMMessage type1Msg = new Type1NTLMMessage(ntlmByts);
-                synchronized (session)
+                synchronized (sessionMutex)
                 {
                     processType1(type1Msg, sreq, sresp);
                 }
@@ -306,7 +308,7 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
             {
                 // Process the type 3 NTLM message
                 Type3NTLMMessage type3Msg = new Type3NTLMMessage(ntlmByts);
-                synchronized (session)
+                synchronized (sessionMutex)
                 {
                     return processType3(type3Msg, context, sreq, sresp);
                 }