Web Scripts - support for JSR-168 authenticator (without Web Client dependency)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@6050 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2007-06-21 12:14:42 +00:00
parent e7eb98194c
commit 0fb90a5204
4 changed files with 130 additions and 2 deletions
--- a/source/java/org/alfresco/web/scripts/portlet/JSR168PortletAuthenticator.java
+++ b/source/java/org/alfresco/web/scripts/portlet/JSR168PortletAuthenticator.java
@@ -0,0 +1,96 @@
+/*
+ * Copyright (C) 2005-2007 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have recieved a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+package org.alfresco.web.scripts.portlet;
+
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+import javax.servlet.http.HttpServletResponse;
+
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.alfresco.service.cmr.security.AuthenticationService;
+import org.alfresco.web.scripts.WebScriptException;
+import org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+
+/**
+ * Portlet authenticator
+ * 
+ * @author davidc
+ */
+public class JSR168PortletAuthenticator implements WebScriptPortletAuthenticator
+{
+    // Logger
+    private static final Log logger = LogFactory.getLog(JSR168PortletAuthenticator.class);
+
+    // dependencies
+    private AuthenticationService authenticationService;
+    
+    /**
+     * @param authenticationService
+     */
+    public void setAuthenticationService(AuthenticationService authenticationService)
+    {
+        this.authenticationService = authenticationService;
+    }
+    
+    
+    /* (non-Javadoc)
+     * @see org.alfresco.web.scripts.portlet.WebScriptPortletAuthenticator#authenticate(org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication, boolean, javax.portlet.RenderRequest, javax.portlet.RenderResponse)
+     */
+    public boolean authenticate(RequiredAuthentication required, boolean isGuest, RenderRequest req, RenderResponse res)
+    {
+        String portalUser = req.getRemoteUser();
+        
+        if (logger.isDebugEnabled())
+        {
+            logger.debug("JSR-168 Remote user: " + portalUser);
+        }
+
+        if (isGuest || portalUser == null)
+        {
+            if (logger.isDebugEnabled())
+                logger.debug("Authenticating as Guest");
+            
+            // authenticate as guest
+            AuthenticationUtil.setCurrentUser(AuthenticationUtil.getGuestUserName());
+        }
+        else
+        {
+            if (logger.isDebugEnabled())
+                logger.debug("Authenticating as user " + portalUser);
+            
+            if (!authenticationService.authenticationExists(portalUser))
+            {
+                throw new WebScriptException(HttpServletResponse.SC_FORBIDDEN, "User " + portalUser + " is not a known Alfresco user");
+            }
+            AuthenticationUtil.setCurrentUser(portalUser);
+        }
+        
+        return true;
+    }
+
+}
--- a/source/java/org/alfresco/web/scripts/portlet/WebScriptPortlet.java
+++ b/source/java/org/alfresco/web/scripts/portlet/WebScriptPortlet.java
@@ -92,7 +92,19 @@ public class WebScriptPortlet implements Portlet
        registry = (DeclarativeWebScriptRegistry)ctx.getBean("webscripts.registry");
        transactionHelper = (RetryingTransactionHelper)ctx.getBean("retryingTransactionHelper");
        authorityService = (AuthorityService)ctx.getBean("authorityService");
-        authenticator = (WebScriptPortletAuthenticator)ctx.getBean("webscripts.authenticator.jsr168");
+        
+        // retrieve authenticator via portlet initialization parameter
+        String authenticatorId = config.getInitParameter("authenticator");
+        if (authenticatorId == null || authenticatorId.length() == 0)
+        {
+            authenticatorId = "webscripts.authenticator.jsr168";
+        }
+        Object bean = ctx.getBean(authenticatorId);
+        if (bean == null || !(bean instanceof WebScriptPortletAuthenticator))
+        {
+            throw new PortletException("Initialisation parameter 'authenticator' does not refer to a Web Script authenticator (" + authenticatorId + ")");
+        }
+        authenticator = (WebScriptPortletAuthenticator)bean;
    }

    /* (non-Javadoc)