From 0b56f5b306827a9bba11b96b18a3d2e9c9aef732 Mon Sep 17 00:00:00 2001 From: Dave Ward Date: Sat, 21 Apr 2012 09:21:51 +0000 Subject: [PATCH] Merged V4.0-BUG-FIX to HEAD 35501: ALF-13773 Simplify the is-guest vs no-authentication-at-all check for User and Admin only WebScripts 35502: Fix accidental config change .... git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@35506 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../alfresco/repo/web/scripts/RepositoryContainer.java | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java index cbe28b9254..eca3ef9b83 100644 --- a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java +++ b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java @@ -307,12 +307,8 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten // Check to see if they supplied HTTP Auth or Ticket as guest, on a script that needs more if (required == RequiredAuthentication.user || required == RequiredAuthentication.admin) { - if (auth != null) - { - isGuest = authorityService.isGuestAuthority(AuthenticationUtil.getFullyAuthenticatedUser()); - } - - if (auth == null || isGuest) + String authenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser(); + if (authenticatedUser == null || authorityService.isGuestAuthority(authenticatedUser)) { throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires user authentication; however, a guest has attempted access."); }