inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

- AJAX framework now handles unauthenticated requests properly

Browse Source 
- Removed JavaScript layer above dojo
- Minor updates following wiki writeup

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3331 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Gavin Cornwell
2006-07-17 12:01:48 +00:00
parent 9f0066637a
commit 1c5f72db89
3 changed files with 22 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
source/java/org/alfresco/web/app/servlet/BaseServlet.java
View File

@@ -103,8 +103,22 @@ public abstract class BaseServlet extends HttpServlet
* *
* @throws IOException * @throws IOException
*/ */
public AuthenticationStatus servletAuthenticate(HttpServletRequest req, HttpServletResponse res) public AuthenticationStatus servletAuthenticate(HttpServletRequest req, HttpServletResponse res)
throws IOException throws IOException
{
return servletAuthenticate(req, res, true);
}
/**
* Perform an authentication for the servlet request URI. Processing any "ticket" or
* "guest" URL arguments.
*
* @return AuthenticationStatus
*
* @throws IOException
*/
public AuthenticationStatus servletAuthenticate(HttpServletRequest req, HttpServletResponse res,
boolean redirectToLoginPage) throws IOException
{ {
AuthenticationStatus status; AuthenticationStatus status;
@@ -124,9 +138,9 @@ public abstract class BaseServlet extends HttpServlet
} }
status = AuthenticationHelper.authenticate(getServletContext(), req, res, forceGuest); status = AuthenticationHelper.authenticate(getServletContext(), req, res, forceGuest);
} }
if (status == AuthenticationStatus.Failure) if (status == AuthenticationStatus.Failure && redirectToLoginPage)
{ {
// authentication failed - now need to display the login page to the user // authentication failed - now need to display the login page to the user, if asked to
redirectToLoginPage(req, res, getServletContext()); redirectToLoginPage(req, res, getServletContext());
} }

18
source/java/org/alfresco/web/app/servlet/ajax/AjaxServlet.java
View File

@@ -22,9 +22,7 @@ import org.apache.commons.logging.LogFactory;
* The URL to the servlet should be in the form: * The URL to the servlet should be in the form:
* <pre>/alfresco/ajax/command/Bean.binding.expression</pre> * <pre>/alfresco/ajax/command/Bean.binding.expression</pre>
* <p> * <p>
* where 'command' is one of 'invoke', 'get' or 'set'. * See http://wiki.alfresco.com/wiki/AJAX_Support for details.
* <p>
* TODO: Explain what the commands do...
* <p> * <p>
* Like most Alfresco servlets, the URL may be followed by a valid 'ticket' argument for authentication: * Like most Alfresco servlets, the URL may be followed by a valid 'ticket' argument for authentication:
* ?ticket=1234567890 * ?ticket=1234567890
@@ -69,14 +67,12 @@ public class AjaxServlet extends BaseServlet
} }
} }
// ************ // Make sure the user is authenticated, if not throw an error to return the
// TODO: Need to send in a flag to method to stop it from redirecting // 500 Internal Server Error code back to the client
// to login page, we can then throw an error in here!! AuthenticationStatus status = servletAuthenticate(request, response, false);
AuthenticationStatus status = servletAuthenticate(request, response);
if (status == AuthenticationStatus.Failure) if (status == AuthenticationStatus.Failure)
{ {
return; throw new AlfrescoRuntimeException("Access Denied: User not authenticated");
} }
uri = uri.substring(request.getContextPath().length()); uri = uri.substring(request.getContextPath().length());
@@ -109,10 +105,6 @@ public class AjaxServlet extends BaseServlet
{ {
command = new GetCommand(); command = new GetCommand();
} }
// else if (Command.set.toString().equals(commandName))
// {
// command = new SetCommand();
// }
else else
{ {
throw new AlfrescoRuntimeException("Unrecognised command received: " + commandName); throw new AlfrescoRuntimeException("Unrecognised command received: " + commandName);

40
source/web/scripts/ajax.js
View File

@@ -3,46 +3,6 @@
// Gavin Cornwell 14-07-2006 // Gavin Cornwell 14-07-2006
// //
/**
* Makes an AJAX request to the server using POST. A text/html response
* is presumed.
*
* @param context The name of the application, normally "/alfresco"
* @param command The AJAX command to call, either 'invoke', 'get' or 'set'
* @param expression The managed bean expression
* @param callbackHandler The function to callback when the request completes
*/
function ajaxPostRequest(context, command, expression, callbackHandler)
{
makeAjaxRequest(context, command, expression, null, callbackHandler,
"post", "text/html");
}
/**
* Makes an AJAX request to the server using POST.
*
* @param context The name of the application, normally "/alfresco"
* @param command The AJAX command to call, either 'invoke', 'get' or 'set'
* @param expression The managed bean expression
* @param parameters Set of parameters to pass with the request
* @param callbackHandler The function to callback when the request completes
* @param method The HTTP method to use for the request either "get" or "post"
* @param contentType The mimetype to expect from the server
*/
function makeAjaxRequest(context, command, expression, parameters,
callbackHandler, method, contentType)
{
// use dojo to do the actual work
dojo.io.bind({
method: method,
url: context + "/ajax/" + command + "/" + expression,
content: parameters,
load: callbackHandler,
error: handleErrorDojo,
mimetype: contentType
});
}
/** /**
* Default handler for errors * Default handler for errors
*/ */