From 126421fb158e20c09f7cbf78f52bb77d56575428 Mon Sep 17 00:00:00 2001
From: Derek Hulley <derek.hulley@alfresco.com>
Date: Fri, 26 Oct 2007 13:21:16 +0000
Subject: [PATCH] Merged V2.2. to HEAD    7236: Merged V2.1 to V2.2       7205:
 Typos and fixed Italian messages       7234: Fix AR-1824 (Login ticket stuff)
       7235: Fix for AWC-1513 and AWC-1139

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@7237 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../AuthenticationServiceImpl.java            |  3 ++
 .../authentication/AuthenticationTest.java    | 28 +++++++++++++++++++
 .../authentication/AuthenticationUtil.java    |  1 +
 .../InMemoryTicketComponentImpl.java          |  9 ++++++
 .../authentication/TicketComponent.java       |  6 ++++
 5 files changed, 47 insertions(+)

diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
index 53115c7739..425b73e63f 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
@@ -118,6 +118,7 @@ public class AuthenticationServiceImpl implements AuthenticationService
             clearCurrentSecurityContext();
             throw ae;
         }
+        ticketComponent.clearCurrentTicket();
     }
     
     public boolean authenticationExists(String userName)
@@ -168,6 +169,7 @@ public class AuthenticationServiceImpl implements AuthenticationService
     public void clearCurrentSecurityContext()
     {
         authenticationComponent.clearCurrentSecurityContext();
+        ticketComponent.clearCurrentTicket();
     }
 
     public boolean isCurrentUserTheSystemUser()
@@ -183,6 +185,7 @@ public class AuthenticationServiceImpl implements AuthenticationService
     public void authenticateAsGuest() throws AuthenticationException
     {
         authenticationComponent.setGuestUserAsCurrentUser();
+        ticketComponent.clearCurrentTicket();
     }
     
     public boolean guestUserAuthenticationAllowed()
diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
index 1d32e18f02..312a080b11 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
@@ -465,6 +465,8 @@ public class AuthenticationTest extends TestCase
         // assertNull(dao.getUserOrNull("Andy"));
     }
 
+  
+    
     public void testTicket()
     {
         dao.createUser("Andy", "ticket".toCharArray());
@@ -702,6 +704,32 @@ public class AuthenticationTest extends TestCase
         // assertNull(dao.getUserOrNull("Andy"));
 
     }
+    
+    public void testAuthenticationServiceGetNewTicket()
+    {
+        authenticationService.createAuthentication("GUEST", "".toCharArray());
+        authenticationService.authenticate("GUEST", "".toCharArray());
+
+        // create an authentication object e.g. the user
+        authenticationService.createAuthentication("Andy", "auth1".toCharArray());
+
+        // authenticate with this user details
+        authenticationService.authenticate("Andy", "auth1".toCharArray());
+
+        // assert the user is authenticated
+        assertEquals("Andy", authenticationService.getCurrentUserName());
+        
+        String ticket1 = authenticationService.getCurrentTicket();
+        
+        authenticationService.authenticate("Andy", "auth1".toCharArray());
+
+        // assert the user is authenticated
+        assertEquals("Andy", authenticationService.getCurrentUserName());
+        
+        String ticket2 = authenticationService.getCurrentTicket();
+        
+        assertFalse(ticket1.equals(ticket2));
+    }
 
     public void testAuthenticationService1()
     {
diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java
index 65fef412a8..2cd5805c91 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java
@@ -277,6 +277,7 @@ public abstract class AuthenticationUtil
     public static void clearCurrentSecurityContext()
     {
         ContextHolder.setContext(null);
+        InMemoryTicketComponentImpl.clearCurrentSecurityContext();
     }
 
     /**
diff --git a/source/java/org/alfresco/repo/security/authentication/InMemoryTicketComponentImpl.java b/source/java/org/alfresco/repo/security/authentication/InMemoryTicketComponentImpl.java
index 84ae4fc5d6..f450a028b0 100644
--- a/source/java/org/alfresco/repo/security/authentication/InMemoryTicketComponentImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/InMemoryTicketComponentImpl.java
@@ -340,4 +340,13 @@ public class InMemoryTicketComponentImpl implements TicketComponent
         }
     }
 
+    public void clearCurrentTicket()
+    {
+        clearCurrentSecurityContext();
+    }
+    
+    public static void clearCurrentSecurityContext()
+    {
+        currentTicket.set(null);
+    }
 }
diff --git a/source/java/org/alfresco/repo/security/authentication/TicketComponent.java b/source/java/org/alfresco/repo/security/authentication/TicketComponent.java
index 26d968ceac..e462b2c785 100644
--- a/source/java/org/alfresco/repo/security/authentication/TicketComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/TicketComponent.java
@@ -97,4 +97,10 @@ public interface TicketComponent
      * @return the authority
      */
     public String getAuthorityForTicket(String ticket);
+    
+    /**
+     * Clear the current ticket
+     *
+     */
+    public void clearCurrentTicket();
 }