inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.2 to HEAD

Browse Source 
16444: Fix ETHREEOH-2767 - regress: cannot login to MT Share, also fix unreported MT issue with site dashboards
    16671: (record-only) Merged V3.1 to V3.2 (record-only - already resolved)


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16900 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2009-10-14 09:56:38 +00:00
parent c90128c200
commit 1bfacb7037
4 changed files with 54 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java
View File

@@ -243,11 +243,12 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten
WebScript script = scriptReq.getServiceMatch().getWebScript();
Description desc = script.getDescription();
// Escalate the webscript declared level of authentication to the container required authentication (must be
// guest if MT is enabled)
// Escalate the webscript declared level of authentication to the container required authentication
// eg. must be guest if MT is enabled unless credentials are empty
RequiredAuthentication required = desc.getRequiredAuthentication();
RequiredAuthentication containerRequiredAuthentication = getRequiredAuthentication();
if (required.compareTo(containerRequiredAuthentication) < 0)
if ((required.compareTo(containerRequiredAuthentication) < 0) && (! auth.emptyCredentials()))
{
required = containerRequiredAuthentication;
}
@@ -255,9 +256,9 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten
if (required == RequiredAuthentication.none)
{
// TODO revisit - cleared here, in-lieu of WebClient clear
// TODO revisit - cleared here, in-lieu of WebClient clear
AuthenticationUtil.clearCurrentSecurityContext();
transactionedExecuteAs(script, scriptReq, scriptRes);
}
else if ((required == RequiredAuthentication.user || required == RequiredAuthentication.admin) && isGuest)
@@ -312,7 +313,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten
if (logger.isDebugEnabled())
{
String user = AuthenticationUtil.getFullyAuthenticatedUser();
logger.debug("Authentication reset: " + (user == null ? "unauthenticated" : "authenticated as " + user));
logger.debug("Authentication reset: " + (user == null ? "unauthenticated" : "authenticated as " + user));
}
}
}
@@ -457,15 +458,6 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten
@Override
public Registry getRegistry()
{
if (AuthenticationUtil.isMtEnabled())
{
String user = AuthenticationUtil.getRunAsUser();
if (user == null)
{
throw new RuntimeException("Failed to getRegistry: need to pre-authenticate in MT environment");
}
}
String tenantDomain = tenantAdminService.getCurrentUserDomain();
Registry registry = webScriptsRegistryCache.get(tenantDomain);
if (registry == null)

21
source/java/org/alfresco/repo/web/scripts/facebook/FacebookAuthenticatorFactory.java
View File

@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2007 Alfresco Software Limited.
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -82,6 +82,9 @@ public class FacebookAuthenticatorFactory implements ServletAuthenticatorFactory
private FacebookServletRequest fbReq;
private WebScriptServletResponse fbRes;
private String sessionKey;
private String user;
/**
* Construct
*
@@ -93,6 +96,9 @@ public class FacebookAuthenticatorFactory implements ServletAuthenticatorFactory
{
this.fbReq = req;
this.fbRes = res;
this.sessionKey = fbReq.getSessionKey();
this.user = fbReq.getUserId();
}
/* (non-Javadoc)
@@ -100,16 +106,13 @@ public class FacebookAuthenticatorFactory implements ServletAuthenticatorFactory
*/
public boolean authenticate(RequiredAuthentication required, boolean isGuest)
{
String sessionKey = fbReq.getSessionKey();
String user = fbReq.getUserId();
if (logger.isDebugEnabled())
{
logger.debug("fb_sig_session_key = '" + sessionKey + "'");
logger.debug("fb_sig_user = '" + user + "'");
}
if ((sessionKey == null || sessionKey.length() == 0) || (user == null || user.length() == 0))
if (emptyCredentials())
{
// session has not been established, redirect to login
@@ -145,6 +148,14 @@ public class FacebookAuthenticatorFactory implements ServletAuthenticatorFactory
AuthenticationUtil.setFullyAuthenticatedUser(user);
return true;
}
/* (non-Javadoc)
* @see org.alfresco.web.scripts.Authenticator#emptyCredentials()
*/
public boolean emptyCredentials()
{
return ((sessionKey == null || sessionKey.length() == 0) || (user == null || user.length() == 0));
}
}
}

15
source/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java
View File

@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2007 Alfresco Software Limited.
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -168,6 +168,19 @@ public class JSR168PortletAuthenticatorFactory implements PortletAuthenticatorFa
return true;
}
/* (non-Javadoc)
* @see org.alfresco.web.scripts.Authenticator#emptyCredentials()
*/
public boolean emptyCredentials()
{
String portalUser = (String)req.getPortletSession().getAttribute(WebScriptPortletRequest.ALFPORTLETUSERNAME);
if (portalUser == null)
{
portalUser = req.getRemoteUser();
}
return (portalUser == null);
}
}
}

21
source/java/org/alfresco/repo/web/scripts/servlet/BasicHttpAuthenticatorFactory.java
View File

@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2007 Alfresco Software Limited.
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -81,6 +81,9 @@ public class BasicHttpAuthenticatorFactory implements ServletAuthenticatorFactor
private WebScriptServletRequest servletReq;
private WebScriptServletResponse servletRes;
private String authorization;
private String ticket;
/**
* Construct
*
@@ -92,6 +95,11 @@ public class BasicHttpAuthenticatorFactory implements ServletAuthenticatorFactor
{
this.servletReq = req;
this.servletRes = res;
HttpServletRequest httpReq = servletReq.getHttpServletRequest();
this.authorization = httpReq.getHeader("Authorization");
this.ticket = httpReq.getParameter("alf_ticket");
}
/* (non-Javadoc)
@@ -105,10 +113,7 @@ public class BasicHttpAuthenticatorFactory implements ServletAuthenticatorFactor
// validate credentials
//
HttpServletRequest req = servletReq.getHttpServletRequest();
HttpServletResponse res = servletRes.getHttpServletResponse();
String authorization = req.getHeader("Authorization");
String ticket = req.getParameter("alf_ticket");
if (logger.isDebugEnabled())
{
@@ -198,6 +203,14 @@ public class BasicHttpAuthenticatorFactory implements ServletAuthenticatorFactor
}
return authorized;
}
/* (non-Javadoc)
* @see org.alfresco.web.scripts.Authenticator#emptyCredentials()
*/
public boolean emptyCredentials()
{
return ((ticket == null || ticket.length() == 0) && (authorization == null || authorization.length() == 0));
}
}
}