diff --git a/source/java/org/alfresco/repo/cmis/ws/AuthenticationInterceptor.java b/source/java/org/alfresco/repo/cmis/ws/AuthenticationInterceptor.java index d0b5810e97..90e5060574 100644 --- a/source/java/org/alfresco/repo/cmis/ws/AuthenticationInterceptor.java +++ b/source/java/org/alfresco/repo/cmis/ws/AuthenticationInterceptor.java @@ -52,7 +52,7 @@ public class AuthenticationInterceptor extends AbstractSoapInterceptor WSUsernameTokenPrincipal principal = (WSUsernameTokenPrincipal) secRes.get(WSSecurityEngineResult.TAG_PRINCIPAL); // Authenticate - AuthenticationUtil.setCurrentUser(principal.getName()); + AuthenticationUtil.setFullyAuthenticatedUser(principal.getName()); } } diff --git a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java index c0b5a817b2..e0cbd62f97 100644 --- a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java +++ b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java @@ -183,7 +183,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten private void addRepoParameters(Map params) { if (AlfrescoTransactionSupport.getTransactionId() != null && - AuthenticationUtil.getCurrentAuthentication() != null) + AuthenticationUtil.getFullAuthentication() != null) { NodeRef rootHome = repository.getRootHome(); if (rootHome != null) @@ -239,10 +239,11 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten try { + AuthenticationUtil.pushAuthentication(); // // Determine if user already authenticated // - currentUser = AuthenticationUtil.getCurrentUserName(); + currentUser = AuthenticationUtil.getFullyAuthenticatedUser(); if (logger.isDebugEnabled()) { logger.debug("Current authentication: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser)); 
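Review bot: In RepositoryContainer (hunk @@ -239,10 +239,11 @@), `AuthenticationUtil.pushAuthentication();` is the first statement inside the `try`, while the matching `AuthenticationUtil.popAuthentication();` (hunk @@ -269,14 +270,13 @@) sits in the section that resets authentication on exit. If the push itself throws, the pop would still run against a stack this call never pushed to, which could leave the thread with an identity that does not belong to this request. Moving the push to the line immediately before `try` keeps the pair balanced. The method body starts and ends outside both hunks, so the `finally` placement is inferred from the "Reset authentication for current thread" comment.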
@@ -255,7 +256,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten // if (auth == null || auth.authenticate(required, isGuest)) { - if (required == RequiredAuthentication.admin && !(authorityService.hasAdminAuthority() || AuthenticationUtil.getCurrentUserName().equals(AuthenticationUtil.getSystemUserName()))) + if (required == RequiredAuthentication.admin && !(authorityService.hasAdminAuthority() || AuthenticationUtil.getFullyAuthenticatedUser().equals(AuthenticationUtil.getSystemUserName()))) { throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires admin authentication; however, a non-admin has attempted access."); } @@ -269,14 +270,13 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten // // Reset authentication for current thread // - AuthenticationUtil.clearCurrentSecurityContext(); - if (currentUser != null) - { - AuthenticationUtil.setCurrentUser(currentUser); - } + AuthenticationUtil.popAuthentication(); if (logger.isDebugEnabled()) - logger.debug("Authentication reset: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser)); + { + String user = AuthenticationUtil.getFullyAuthenticatedUser(); + logger.debug("Authentication reset: " + (user == null ? "unauthenticated" : "authenticated as " + user)); + } } } } diff --git a/source/java/org/alfresco/repo/web/scripts/TestWebScriptRepoServer.java b/source/java/org/alfresco/repo/web/scripts/TestWebScriptRepoServer.java index 8155e1e2eb..a3a19b066c 100644 --- a/source/java/org/alfresco/repo/web/scripts/TestWebScriptRepoServer.java +++ b/source/java/org/alfresco/repo/web/scripts/TestWebScriptRepoServer.java @@ -74,7 +74,7 @@ public class TestWebScriptRepoServer extends TestWebScriptServer try { TestWebScriptServer testServer = getTestServer(); - AuthenticationUtil.setSystemUserAsCurrentUser(); + AuthenticationUtil.setRunAsUserSystem(); testServer.rep(); } catch(Throwable e) 
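Review bot: In RepositoryContainer's admin check (hunk @@ -255,7 +256,7 @@), `AuthenticationUtil.getFullyAuthenticatedUser().equals(...)` dereferences a value that the same method treats as nullable a few lines earlier (`currentUser == null ? "unauthenticated" : ...`). When `auth == null` and nothing is authenticated on the thread, the admin branch may fail with a NullPointerException instead of the intended SC_UNAUTHORIZED WebScriptException. Putting the constant side first avoids this: `AuthenticationUtil.getSystemUserName().equals(AuthenticationUtil.getFullyAuthenticatedUser())`. The same nullable-receiver pattern guards ticket ownership in LoginTicket (@@ -79,7 +79,7 @@) and LoginTicketDelete (@@ -89,7 +89,7 @@) as `!AuthenticationUtil.getFullyAuthenticatedUser().equals(ticketUser)`. Those two should check for null explicitly and treat it as a mismatch.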
diff --git a/source/java/org/alfresco/repo/web/scripts/activities/feed/SiteFeedRetrieverWebScript.java b/source/java/org/alfresco/repo/web/scripts/activities/feed/SiteFeedRetrieverWebScript.java index 56e1274798..4d1eb46b63 100644 --- a/source/java/org/alfresco/repo/web/scripts/activities/feed/SiteFeedRetrieverWebScript.java +++ b/source/java/org/alfresco/repo/web/scripts/activities/feed/SiteFeedRetrieverWebScript.java @@ -103,7 +103,7 @@ public class SiteFeedRetrieverWebScript extends DeclarativeWebScript SiteInfo siteInfo = siteService.getSite(siteId); if (siteInfo == null) { - String currentUser = AuthenticationUtil.getCurrentUserName(); + String currentUser = AuthenticationUtil.getFullyAuthenticatedUser(); status.setCode(Status.STATUS_UNAUTHORIZED); logger.warn("Unable to get site feed entries for '" + siteId + "' (site does not exist or is private) - currently logged in as '" + currentUser +"'"); diff --git a/source/java/org/alfresco/repo/web/scripts/activities/feed/UserFeedRetrieverWebScript.java b/source/java/org/alfresco/repo/web/scripts/activities/feed/UserFeedRetrieverWebScript.java index b1fee38dfb..9b76640b65 100644 --- a/source/java/org/alfresco/repo/web/scripts/activities/feed/UserFeedRetrieverWebScript.java +++ b/source/java/org/alfresco/repo/web/scripts/activities/feed/UserFeedRetrieverWebScript.java @@ -30,7 +30,6 @@ import java.util.List; import java.util.Map; import org.alfresco.error.AlfrescoRuntimeException; -import org.alfresco.repo.security.authentication.AuthenticationException; import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.service.cmr.activities.ActivityService; import org.alfresco.service.cmr.security.AuthorityService; 
@@ -95,10 +94,10 @@ public class UserFeedRetrieverWebScript extends DeclarativeWebScript if ((feedUserId == null) || (feedUserId.length() == 0)) { - feedUserId = AuthenticationUtil.getCurrentUserName(); + feedUserId = AuthenticationUtil.getFullyAuthenticatedUser(); } - String currentUser = AuthenticationUtil.getCurrentUserName(); + String currentUser = AuthenticationUtil.getFullyAuthenticatedUser(); if (! ((currentUser == null) || (currentUser.equals(AuthenticationUtil.getSystemUserName())) || (authorityService.isAdminAuthority(currentUser)) || diff --git a/source/java/org/alfresco/repo/web/scripts/bean/LoginTicket.java b/source/java/org/alfresco/repo/web/scripts/bean/LoginTicket.java index e48ea3ae0b..1f3ca789ae 100644 --- a/source/java/org/alfresco/repo/web/scripts/bean/LoginTicket.java +++ b/source/java/org/alfresco/repo/web/scripts/bean/LoginTicket.java @@ -79,7 +79,7 @@ public class LoginTicket extends DeclarativeWebScript String ticketUser = ticketComponent.validateTicket(ticket); // do not go any further if tickets are different - if (!AuthenticationUtil.getCurrentUserName().equals(ticketUser)) + if (!AuthenticationUtil.getFullyAuthenticatedUser().equals(ticketUser)) { status.setRedirect(true); status.setCode(HttpServletResponse.SC_NOT_FOUND); diff --git a/source/java/org/alfresco/repo/web/scripts/bean/LoginTicketDelete.java b/source/java/org/alfresco/repo/web/scripts/bean/LoginTicketDelete.java index b8e36b0f5e..b9570ecd59 100644 --- a/source/java/org/alfresco/repo/web/scripts/bean/LoginTicketDelete.java +++ b/source/java/org/alfresco/repo/web/scripts/bean/LoginTicketDelete.java 
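Review bot: In UserFeedRetrieverWebScript (hunk @@ -95,10 +94,10 @@), the access check after `String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();` lists `(currentUser == null)` among the conditions that let the request through, alongside the system user and admin authorities. That makes an unauthenticated thread the most permissive case, and `feedUserId` defaults to the same null value when the caller supplies none. Unless the web script descriptor guarantees authentication before this code runs, the null case should be rejected before the check and the `(currentUser == null) ||` operand dropped, so the check fails closed. The condition continues past the end of the hunk, so its last operand and the denial branch are not visible here.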
@@ -89,7 +89,7 @@ public class LoginTicketDelete extends DeclarativeWebScript String ticketUser = ticketComponent.validateTicket(ticket); // do not go any further if tickets are different - if (!AuthenticationUtil.getCurrentUserName().equals(ticketUser)) + if (!AuthenticationUtil.getFullyAuthenticatedUser().equals(ticketUser)) { status.setCode(HttpServletResponse.SC_NOT_FOUND); status.setMessage("Ticket not found"); diff --git a/source/java/org/alfresco/repo/web/scripts/facebook/FacebookAuthenticatorFactory.java b/source/java/org/alfresco/repo/web/scripts/facebook/FacebookAuthenticatorFactory.java index f4b3e811aa..a2080bcdd4 100644 --- a/source/java/org/alfresco/repo/web/scripts/facebook/FacebookAuthenticatorFactory.java +++ b/source/java/org/alfresco/repo/web/scripts/facebook/FacebookAuthenticatorFactory.java @@ -142,7 +142,7 @@ public class FacebookAuthenticatorFactory implements ServletAuthenticatorFactory logger.debug("Facebook session established; authenticating as user " + user); // session has been established, authenticate as Facebook user id - AuthenticationUtil.setCurrentUser(user); + AuthenticationUtil.setFullyAuthenticatedUser(user); return true; } } diff --git a/source/java/org/alfresco/repo/web/scripts/invite/CancelInviteAction.java b/source/java/org/alfresco/repo/web/scripts/invite/CancelInviteAction.java index 3e36fb6cf3..76da1b71fa 100644 --- a/source/java/org/alfresco/repo/web/scripts/invite/CancelInviteAction.java +++ b/source/java/org/alfresco/repo/web/scripts/invite/CancelInviteAction.java 
@@ -82,7 +82,7 @@ public class CancelInviteAction extends JBPMSpringActionHandler // throw http status 'forbidden' Web Script Exception if current user is not a Site Manager of the site // associated with the invite (identified by inviteID) - String currentUserName = AuthenticationUtil.getCurrentUserName(); + String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser(); String currentUserSiteRole = this.siteService.getMembersRole(siteShortName, currentUserName); if ((currentUserSiteRole == null) || (currentUserSiteRole.equals(SiteModel.SITE_MANAGER) == false)) { diff --git a/source/java/org/alfresco/repo/web/scripts/invite/InviteByTicket.java b/source/java/org/alfresco/repo/web/scripts/invite/InviteByTicket.java index 5d49dca5c6..9cccfd43c0 100644 --- a/source/java/org/alfresco/repo/web/scripts/invite/InviteByTicket.java +++ b/source/java/org/alfresco/repo/web/scripts/invite/InviteByTicket.java @@ -91,7 +91,7 @@ public class InviteByTicket extends DeclarativeWebScript String inviteTicket = req.getServiceMatch().getTemplateVars().get("inviteTicket"); // authenticate as system for the rest of the webscript - AuthenticationUtil.setSystemUserAsCurrentUser(); + AuthenticationUtil.setRunAsUserSystem(); // find the workflow for the given id WorkflowTask workflowTask = InviteHelper.findInviteStartTask(inviteId, workflowService); diff --git a/source/java/org/alfresco/repo/web/scripts/invite/InviteServiceTest.java b/source/java/org/alfresco/repo/web/scripts/invite/InviteServiceTest.java index d14ea7683f..44d97a457b 100644 --- a/source/java/org/alfresco/repo/web/scripts/invite/InviteServiceTest.java +++ b/source/java/org/alfresco/repo/web/scripts/invite/InviteServiceTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2007 Alfresco Software Limited. + * Copyright (C) 2005-2008 Alfresco Software Limited. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License 
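Review bot: In InviteByTicket (hunk @@ -91,7 +91,7 @@), `AuthenticationUtil.setRunAsUserSystem();` raises the thread to the system user for everything that follows in the web script, on a request identified by the `inviteTicket` template variable. This commit already uses the scoped form in BaseSSOAuthenticationFilter (`AuthenticationUtil.runAs(work, AuthenticationUtil.SYSTEM_USER_NAME)`). Wrapping only the workflow lookups in a `RunAsWork` here would limit what executes with system rights and restore the caller's identity on exit. The comment should also follow the new semantics, e.g. `// run as system for the rest of the webscript`. The method body starts and ends outside the hunk, so how much code runs after this call is not visible.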
@@ -112,6 +112,12 @@ public class InviteServiceTest extends BaseWebScriptTest protected void setUp() throws Exception { super.setUp(); + + /** + * We don't want to be authenticated as 'system' but run as 'InviterUser', because then + * 'system' will be the creator for the sites and 'inviterUser' will be a nobody. + */ + AuthenticationUtil.clearCurrentSecurityContext(); // get references to services this.authorityService = (AuthorityService) getServer().getApplicationContext().getBean("AuthorityService"); @@ -140,7 +146,7 @@ public class InviteServiceTest extends BaseWebScriptTest // Create new invitee email address list this.inviteeEmailAddrs = new ArrayList(); - + // // various setup operations which need to be run as system user // @@ -158,6 +164,16 @@ public class InviteServiceTest extends BaseWebScriptTest } }, AuthenticationUtil.getSystemUserName()); + // The creation of sites is heavily dependent on the authenticated user. We must ensure that, + // when doing the runAs below, the user both 'runAs' and 'fullyAuthenticated'. In order for + // this to be the case, the security context MUST BE EMPTY now. We could do the old + // "defensive clear", but really there should not be any lurking authentications on this thread + // after the context starts up. If there are, that is a bug, and we fail explicitly here. + String residuallyAuthenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser(); + assertNull( + "Residual authentication on context-initiating thread (this thread):" + residuallyAuthenticatedUser, + residuallyAuthenticatedUser); + // // various setup operations which need to be run as inviter user // 
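Review bot: In InviteServiceTest.setUp, the comment added in hunk @@ -158,6 +164,16 @@ says the test avoids the old "defensive clear" and fails on residual authentication, yet hunk @@ -112,6 +112,12 @@ adds `AuthenticationUtil.clearCurrentSecurityContext();` at the top of the same method. Depending on where the application context is started, that early clear may remove the very residue the `assertNull` is meant to expose. The two comments should be reconciled so a reader knows which authentications the assertion can still catch. The first hunk's comment is also a `/** ... */` Javadoc block inside a method body, where a `//` comment is the usual form.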
@@ -704,7 +720,7 @@ public class InviteServiceTest extends BaseWebScriptTest public void testStartInviteForbiddenWhenInviterNotSiteManager() throws Exception { // inviter2 starts invite workflow, but he/she is not the site manager of the given site - AuthenticationUtil.setCurrentUser(USER_INVITER_2); + AuthenticationUtil.setFullyAuthenticatedUser(USER_INVITER_2); startInvite(INVITEE_FIRSTNAME, INVITEE_LASTNAME, INVITEE_SITE_ROLE, SITE_SHORT_NAME_INVITE_3, Status.STATUS_FORBIDDEN); } @@ -720,7 +736,7 @@ public class InviteServiceTest extends BaseWebScriptTest // when inviter 2 (who is not Site Manager of the given site) tries to cancel invite // http status FORBIDDEN must be returned - AuthenticationUtil.setCurrentUser(USER_INVITER_2); + AuthenticationUtil.setFullyAuthenticatedUser(USER_INVITER_2); cancelInvite(inviteId, Status.STATUS_FORBIDDEN); } diff --git a/source/java/org/alfresco/repo/web/scripts/person/PersonPut.java b/source/java/org/alfresco/repo/web/scripts/person/PersonPut.java index a7ede2a01d..149018b4b7 100644 --- a/source/java/org/alfresco/repo/web/scripts/person/PersonPut.java +++ b/source/java/org/alfresco/repo/web/scripts/person/PersonPut.java @@ -93,7 +93,7 @@ public class PersonPut extends DeclarativeWebScript catch (AccessDeniedException err) { // catch security exception if the user does not have permissions - String currentUserName = AuthenticationUtil.getCurrentUserName(); + String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser(); String personUserName = (String)nodeService.getProperty(person, ContentModel.PROP_USERNAME); throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, "Current user: " + currentUserName + " does not have the appropriate permissons to update " diff --git a/source/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java b/source/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java index d8ab2b7dc8..ecc2dc249f 100644 
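Review bot: In PersonPut (hunk @@ -93,7 +93,7 @@), the `catch (AccessDeniedException err)` handler reports a permission failure as `Status.STATUS_INTERNAL_SERVER_ERROR`, so clients and monitoring see an authorisation denial as a server fault. `Status.STATUS_FORBIDDEN`, which the invite tests in this commit already expect for the equivalent case, matches the condition. The message also returns the caller's user name and `personUserName` to the client and contains the typo "permissons"; logging the names server-side and returning a generic message would disclose less. The throw statement continues past the end of the hunk.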
--- a/source/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java +++ b/source/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java @@ -127,7 +127,7 @@ public class JSR168PortletAuthenticatorFactory implements PortletAuthenticatorFa logger.debug("Authenticating as Guest"); // authenticate as guest - AuthenticationUtil.setCurrentUser(AuthenticationUtil.getGuestUserName()); + AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getGuestUserName()); } else { @@ -144,7 +144,7 @@ public class JSR168PortletAuthenticatorFactory implements PortletAuthenticatorFa { throw new WebScriptException(HttpServletResponse.SC_FORBIDDEN, "User " + portalUser + " is not a known Alfresco user"); } - AuthenticationUtil.setCurrentUser(portalUser); + AuthenticationUtil.setFullyAuthenticatedUser(portalUser); } catch (Throwable err) { diff --git a/source/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java b/source/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java index 6f0baddd61..67fed59005 100644 --- a/source/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java +++ b/source/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java @@ -46,6 +46,8 @@ import org.alfresco.model.ContentModel; import org.alfresco.repo.SessionUser; import org.alfresco.repo.security.authentication.AuthenticationComponent; import org.alfresco.repo.security.authentication.AuthenticationException; +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; import org.alfresco.service.ServiceRegistry; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeService; 
@@ -289,16 +291,17 @@ public abstract class BaseSSOAuthenticationFilter implements Filter // Setup User object and Home space ID etc. - NodeRef personNodeRef = m_personService.getPerson(userName); + final NodeRef personNodeRef = m_personService.getPerson(userName); // Use the system user context to do the user lookup - - m_authComponent.setCurrentUser(m_authComponent.getSystemUserName()); - - // User name should match the uid in the person entry found - - m_authComponent.setSystemUserAsCurrentUser(); - userName = (String) m_nodeService.getProperty(personNodeRef, ContentModel.PROP_USERNAME); + RunAsWork getUserNameRunAsWork = new RunAsWork() + { + public String doWork() throws Exception + { + return (String) m_nodeService.getProperty(personNodeRef, ContentModel.PROP_USERNAME); + } + }; + userName = AuthenticationUtil.runAs(getUserNameRunAsWork, AuthenticationUtil.SYSTEM_USER_NAME); m_authComponent.setCurrentUser(userName); String currentTicket = m_authService.getCurrentTicket();
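Review bot: In BaseSSOAuthenticationFilter (hunk @@ -289,16 +291,17 @@), only the `m_nodeService.getProperty(...)` call moved into the system `runAs`. `m_personService.getPerson(userName)` still executes before it, under whatever authentication the thread already carries, although the retained comment says the system user context is used for the user lookup. If the person lookup also needs system rights, it belongs inside `doWork()`; otherwise the comment should be narrowed to the property read. The value returned by `runAs` goes straight to `m_authComponent.setCurrentUser(userName)` with no null check, so a person node lacking `ContentModel.PROP_USERNAME` would reach that call as null. The enclosing method starts and ends outside the hunk.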