inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged 5.1.N (5.1.2) to 5.2.N (5.2.1)

Browse Source 
129680 kroast: Merged 5.0.N (5.0.5) to 5.1.N (5.1.2) (PARTIAL MERGE)
      129458 cpopa: Merged 5.0.2 (5.0.2.24) to 5.0.N (5.0.4)
         129454 cpopa: MNT-15376 : NTLM authentication sometimes fails with IE10+ (chrome OK) - concurrent socket threads   
            - Synchronize the processing of Type1 and Type3 messages on the same session.
            - Synchronize safely by using WebUtils.getSessionMutex(session) than the session object directly
            - Reuse the previously cached Type2Message in the Share SSOAuthenticationFilter


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@129874 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2016-08-25 10:37:45 +00:00
parent 51c220c5a5
commit 0c779ff00b
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
View File

@@ -71,6 +71,7 @@ import org.alfresco.repo.web.auth.UnknownCredentials;
import org.alfresco.repo.web.auth.WebCredentials; import org.alfresco.repo.web.auth.WebCredentials;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.springframework.web.util.WebUtils;
/** /**
* Base class with common code and initialisation for NTLM authentication filters. * Base class with common code and initialisation for NTLM authentication filters.
@@ -289,6 +290,7 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
else else
{ {
HttpSession session = sreq.getSession(); HttpSession session = sreq.getSession();
Object sessionMutex = WebUtils.getSessionMutex(session);
// Decode the received NTLM blob and validate // Decode the received NTLM blob and validate
final byte[] ntlmByts = Base64.decodeBase64(authHdr.substring(5).getBytes()); final byte[] ntlmByts = Base64.decodeBase64(authHdr.substring(5).getBytes());
int ntlmTyp = NTLMMessage.isNTLMType(ntlmByts); int ntlmTyp = NTLMMessage.isNTLMType(ntlmByts);
@@ -296,7 +298,7 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
{ {
// Process the type 1 NTLM message // Process the type 1 NTLM message
Type1NTLMMessage type1Msg = new Type1NTLMMessage(ntlmByts); Type1NTLMMessage type1Msg = new Type1NTLMMessage(ntlmByts);
synchronized (session) synchronized (sessionMutex)
{ {
processType1(type1Msg, sreq, sresp); processType1(type1Msg, sreq, sresp);
} }
@@ -306,7 +308,7 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
{ {
// Process the type 3 NTLM message // Process the type 3 NTLM message
Type3NTLMMessage type3Msg = new Type3NTLMMessage(ntlmByts); Type3NTLMMessage type3Msg = new Type3NTLMMessage(ntlmByts);
synchronized (session) synchronized (sessionMutex)
{ {
return processType3(type3Msg, context, sreq, sresp); return processType3(type3Msg, context, sreq, sresp);
} }