diff --git a/config/alfresco/core-services-context.xml b/config/alfresco/core-services-context.xml index ea666d9cb8..510f41e6b0 100644 --- a/config/alfresco/core-services-context.xml +++ b/config/alfresco/core-services-context.xml @@ -135,6 +135,7 @@ + ${server.maxusers} ${server.singleuseronly.name} diff --git a/config/alfresco/linkvalidation-service-context.xml b/config/alfresco/linkvalidation-service-context.xml index 09f06b08f8..326fd3513f 100644 --- a/config/alfresco/linkvalidation-service-context.xml +++ b/config/alfresco/linkvalidation-service-context.xml @@ -252,6 +252,9 @@ + + + diff --git a/source/java/org/alfresco/linkvalidation/LinkValidationAction.java b/source/java/org/alfresco/linkvalidation/LinkValidationAction.java index 1e2c17cd2e..a552271483 100644 --- a/source/java/org/alfresco/linkvalidation/LinkValidationAction.java +++ b/source/java/org/alfresco/linkvalidation/LinkValidationAction.java @@ -28,6 +28,7 @@ package org.alfresco.linkvalidation; import java.util.List; import org.alfresco.config.JNDIConstants; +import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.repo.action.ParameterDefinitionImpl; import org.alfresco.repo.action.executer.ActionExecuterAbstractBase; import org.alfresco.repo.avm.AVMNodeConverter; @@ -162,6 +163,12 @@ public class LinkValidationAction extends ActionExecuterAbstractBase LinkValidationReport report = null; try { + if (this.linkValidationService.isLinkValidationDisabled()) + { + logger.warn("Link validation (action) not performed - currently disabled by system administrator"); + throw new AlfrescoRuntimeException("Link validation not performed - currently disabled by the system administrator"); + } + // determine which API to call depending on whether there is a destination webapp present if (destWebappPath != null) { diff --git a/source/java/org/alfresco/linkvalidation/LinkValidationService.java b/source/java/org/alfresco/linkvalidation/LinkValidationService.java index d38eccd07d..f0cfae4f62 100644 --- a/source/java/org/alfresco/linkvalidation/LinkValidationService.java +++ b/source/java/org/alfresco/linkvalidation/LinkValidationService.java @@ -213,4 +213,8 @@ public interface LinkValidationService //------------------------------------------------------------------------- public List getHrefsDependentUponFile(String path); + + public void setLinkValidationDisabled(boolean disabled); + + public boolean isLinkValidationDisabled(); } diff --git a/source/java/org/alfresco/repo/admin/RepoServerMgmt.java b/source/java/org/alfresco/repo/admin/RepoServerMgmt.java index 030eac63c8..37ceb19ca8 100644 --- a/source/java/org/alfresco/repo/admin/RepoServerMgmt.java +++ b/source/java/org/alfresco/repo/admin/RepoServerMgmt.java @@ -31,6 +31,7 @@ import java.util.SortedSet; import java.util.TreeSet; import org.alfresco.error.AlfrescoRuntimeException; +import org.alfresco.linkvalidation.LinkValidationService; import org.alfresco.repo.security.authentication.AuthenticationServiceImpl; import org.alfresco.repo.transaction.TransactionServiceImpl; import org.alfresco.service.license.LicenseService; @@ -49,6 +50,7 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw private TransactionServiceImpl transactionService; private AuthenticationServiceImpl authenticationService; + private LinkValidationService linkValidationService; // property key should be the same as the one in core-services-context.xml (to allow repo to start in multi-user mode even if the property is not set) private final static String PROPERTY_KEY_SINGLE_USER_ONLY = "${server.singleuseronly.name}"; @@ -63,6 +65,11 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw this.authenticationService = authenticationService; } + public void setLinkValidationService(LinkValidationService linkValidationService) + { + this.linkValidationService = linkValidationService; + } + public void setApplicationContext(ApplicationContext ctx) { this.ctx = ctx; @@ -76,13 +83,13 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw { if (readOnly && isReadOnly()) { - log.info("Alfresco is already read-only"); + log.warn("Alfresco is already read-only"); return; } if (!readOnly && !isReadOnly()) { - log.info("Alfresco is already read-write"); + log.warn("Alfresco is already read-write"); return; } @@ -105,7 +112,7 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw if (readOnly) { - log.info("Alfresco set to be read-only"); + log.warn("Alfresco set to be read-only"); } else { @@ -237,11 +244,11 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw if (maxUsers != 0) { - log.info("Alfresco set to allow single-user (" + allowedUsername + ") logins"); + log.warn("Alfresco set to allow single-user (" + allowedUsername + ") logins only"); } else { - log.info("Alfresco set to allow single-user (" + allowedUsername + ") logins - although further logins are currently prevented (limit = 0)"); + log.warn("Alfresco set to allow single-user (" + allowedUsername + ") logins - although further logins are currently prevented (limit = 0)"); } } } @@ -253,7 +260,7 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw } else if (maxUsers == 0) { - log.info("Alfresco set to allow logins - although further logins are currently prevented (limit = 0)"); + log.warn("Alfresco set to allow logins - although further logins are currently prevented (limit = 0)"); } else if (maxUsers != 0) { @@ -307,7 +314,7 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw } else if (maxUsers == 0) { - log.info("Alfresco set to prevent further logins (limit = 0)"); + log.warn("Alfresco set to prevent further logins (limit = 0)"); } else { @@ -330,4 +337,30 @@ public class RepoServerMgmt implements RepoServerMgmtMBean, ApplicationContextAw { return authenticationService.getMaxUsers(); } + + /* + * (non-Javadoc) + * @see org.alfresco.repo.admin.RepoServerMgmtMBean#setLinkValidationDisabled(boolean) + */ + public void setLinkValidationDisabled(boolean disable) + { + linkValidationService.setLinkValidationDisabled(disable); + if (disable) + { + log.warn("Link validation disabled"); + } + else + { + log.info("Link validation enabled"); + } + } + + /* + * (non-Javadoc) + * @see org.alfresco.repo.admin.RepoServerMgmtMBean#isLinkValidationDisabled() + */ + public boolean isLinkValidationDisabled() + { + return linkValidationService.isLinkValidationDisabled(); + } } diff --git a/source/java/org/alfresco/repo/admin/RepoServerMgmtMBean.java b/source/java/org/alfresco/repo/admin/RepoServerMgmtMBean.java index ae2961167b..7bb3dbb434 100644 --- a/source/java/org/alfresco/repo/admin/RepoServerMgmtMBean.java +++ b/source/java/org/alfresco/repo/admin/RepoServerMgmtMBean.java @@ -165,4 +165,18 @@ public interface RepoServerMgmtMBean * @param int maxUsers */ public int getMaxUsers(); + + /** + * Disable or re-enable link validation + * + * @param disable true = disable, false = re-enable + */ + public void setLinkValidationDisabled(boolean disable); + + /** + * Is link validation disabled ? + * + * @param boolean true = disabled, false = enabled + */ + public boolean isLinkValidationDisabled(); } diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationDisallowedException.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationDisallowedException.java new file mode 100644 index 0000000000..7a65909bdd --- /dev/null +++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationDisallowedException.java @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2005-2007 Alfresco Software Limited. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + * As a special exception to the terms and conditions of version 2.0 of + * the GPL, you may redistribute this Program in connection with Free/Libre + * and Open Source Software ("FLOSS") applications as described in Alfresco's + * FLOSS exception. You should have recieved a copy of the text describing + * the FLOSS exception, and it is also available here: + * http://www.alfresco.com/legal/licensing" + */ +package org.alfresco.repo.security.authentication; + +public class AuthenticationDisallowedException extends AuthenticationException +{ + /** + * + */ + static final long serialVersionUID = -5993582597632086734L; + + public AuthenticationDisallowedException(String msg) + { + super(msg); + } + + public AuthenticationDisallowedException(String msg, Throwable cause) + { + super(msg, cause); + } + +} diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationMaxUsersException.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationMaxUsersException.java new file mode 100644 index 0000000000..e553026780 --- /dev/null +++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationMaxUsersException.java @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2005-2007 Alfresco Software Limited. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + * As a special exception to the terms and conditions of version 2.0 of + * the GPL, you may redistribute this Program in connection with Free/Libre + * and Open Source Software ("FLOSS") applications as described in Alfresco's + * FLOSS exception. You should have recieved a copy of the text describing + * the FLOSS exception, and it is also available here: + * http://www.alfresco.com/legal/licensing" + */ +package org.alfresco.repo.security.authentication; + +public class AuthenticationMaxUsersException extends AuthenticationException +{ + /** + * + */ + static final long serialVersionUID = -3804740186420556532L; + + public AuthenticationMaxUsersException(String msg) + { + super(msg); + } + + public AuthenticationMaxUsersException(String msg, Throwable cause) + { + super(msg, cause); + } + +} diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java index d3702393e2..10f41d649e 100644 --- a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java +++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java @@ -130,14 +130,14 @@ public class AuthenticationServiceImpl implements AuthenticationService if ((allowedUsers != null) && (! allowedUsers.contains(userName))) { - throw new AuthenticationException("Username not allowed: " + userName); + throw new AuthenticationDisallowedException("Username not allowed: " + userName); } Integer maxUsers = (Integer)sysAdminCache.get(KEY_SYSADMIN_MAX_USERS); if ((maxUsers != null) && (maxUsers != -1) && (ticketComponent.getUsersWithTickets(true).size() >= maxUsers)) { - throw new AuthenticationException("Max users exceeded: " + maxUsers); + throw new AuthenticationMaxUsersException("Max users exceeded: " + maxUsers); } authenticationComponent.authenticate(userName, password);