inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Checkpoint of client Guest access implementation

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2140 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2006-01-18 16:42:27 +00:00
parent b2770cd90a
commit 3e5aa0c84a
5 changed files with 182 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
source/java/org/alfresco/web/app/portlet/AlfrescoFacesPortlet.java
View File

@@ -40,6 +40,7 @@ import org.alfresco.web.app.Application;
import org.alfresco.web.app.servlet.AuthenticationHelper;
import org.alfresco.web.bean.ErrorBean;
import org.alfresco.web.bean.FileUploadBean;
import org.alfresco.web.bean.LoginBean;
import org.alfresco.web.bean.repository.User;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
@@ -59,6 +60,7 @@ import org.springframework.web.context.WebApplicationContext;
*/
public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
{
private static final String PREF_ALF_USERNAME = "_alfUserName";
public static final String INSTANCE_NAME = "AlfrescoClientInstance";
public static final String MANAGED_BEAN_PREFIX = "javax.portlet.p." + INSTANCE_NAME + "?";
@@ -146,7 +148,6 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
}
else
{
String viewId = request.getParameter(VIEW_ID);
User user = (User)request.getPortletSession().getAttribute(AuthenticationHelper.AUTHENTICATION_USER);
if (user != null)
{
@@ -158,6 +159,23 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
AuthenticationService auth = (AuthenticationService)ctx.getBean("authenticationService");
auth.validate(user.getTicket());
// save last username into portlet preferences, get from LoginBean state
LoginBean loginBean = (LoginBean)request.getPortletSession().getAttribute(AuthenticationHelper.LOGIN_BEAN);
if (loginBean != null)
{
//
// TODO: Need to login to JBoss Portal to get a user here to store prefs against
// so not really a suitable solution as they get thrown away at present!
// Also would need to store prefs PER user - so auto login for each...?
//
String oldValue = request.getPreferences().getValue(PREF_ALF_USERNAME, null);
if (oldValue == null || oldValue.equals(loginBean.getUsernameInternal()) == false)
{
request.getPreferences().setValue(PREF_ALF_USERNAME, loginBean.getUsernameInternal());
request.getPreferences().store();
}
}
// do the normal JSF processing
super.processAction(request, response);
}
@@ -226,6 +244,7 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
{
// if we have no User object in the session then an HTTP Session timeout must have occured
// use the viewId to check that we are not already on the login page
PortletSession session = request.getPortletSession();
String viewId = request.getParameter(VIEW_ID);
User user = (User)request.getPortletSession().getAttribute(AuthenticationHelper.AUTHENTICATION_USER);
if (user == null && (viewId == null || viewId.equals(getLoginPage()) == false))
@@ -233,6 +252,10 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
if (logger.isDebugEnabled())
logger.debug("No valid User login, requesting login page. ViewId: " + viewId);
// set last used username as special session value used by the LoginBean
session.setAttribute(AuthenticationHelper.SESSION_USERNAME,
request.getPreferences().getValue(PREF_ALF_USERNAME, null));
// login page redirect
response.setContentType("text/html");
request.getPortletSession().setAttribute(PortletUtil.PORTLET_REQUEST_FLAG, "true");
@@ -240,6 +263,13 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
}
else
{
if (session.getAttribute(AuthenticationHelper.SESSION_INVALIDATED) != null)
{
// remove the username preference value as explicit logout was requested by the user
request.getPreferences().reset(PREF_ALF_USERNAME);
session.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED);
}
try
{
if (user != null)

89
source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java
View File

@@ -19,6 +19,7 @@ package org.alfresco.web.app.servlet;
import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -27,25 +28,44 @@ import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.web.app.Application;
import org.alfresco.web.app.portlet.AlfrescoFacesPortlet;
import org.alfresco.web.bean.LoginBean;
import org.alfresco.web.bean.repository.User;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
/**
* Helper to authenticate the current user using available Ticket information.
*
* @author Kevin Roast
*/
public final class AuthenticationHelper
{
public final static String AUTHENTICATION_USER = "_alfAuthTicket";
public static final String AUTHENTICATION_USER = "_alfAuthTicket";
public static final String SESSION_USERNAME = "_alfLastUser";
public static final String SESSION_INVALIDATED = "_alfSessionInvalid";
public static final String LOGIN_BEAN = "LoginBean";
private static final String AUTHENTICATION_SERVICE = "authenticationService";
private static final String COOKIE_ALFUSER = "alfUser";
/**
* Helper to authenticate the current user using session based Ticket information.
* <p>
* User information is looked up in the Session. If found the ticket is retrieved and validated.
* If no User info is found or the ticket is invalid then a redirect is performed to the login page.
*
* @return true if authentication successful, false otherwise.
*/
public static boolean authenticate(ServletContext context, HttpServletRequest httpRequest, HttpServletResponse httpResponse)
throws IOException
{
// examine the appropriate session for our User object
User user;
LoginBean loginBean = null;
if (Application.inPortalServer() == false)
{
user = (User)httpRequest.getSession().getAttribute(AUTHENTICATION_USER);
loginBean = (LoginBean)httpRequest.getSession().getAttribute(LOGIN_BEAN);
}
else
{
@@ -54,7 +74,7 @@ public final class AuthenticationHelper
if (user == null)
{
// no user/ticket - redirect to login page
// no user/ticket found - redirect to login page
httpResponse.sendRedirect(httpRequest.getContextPath() + "/faces" + Application.getLoginPage(context));
return false;
@@ -63,7 +83,7 @@ public final class AuthenticationHelper
{
// setup the authentication context
WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(context);
AuthenticationService auth = (AuthenticationService)ctx.getBean("authenticationService");
AuthenticationService auth = (AuthenticationService)ctx.getBean(AUTHENTICATION_SERVICE);
try
{
auth.validate(user.getTicket());
@@ -75,6 +95,12 @@ public final class AuthenticationHelper
return false;
}
// set last authentication username cookie value
if (loginBean != null)
{
setUsernameCookie(httpRequest, httpResponse, loginBean.getUsernameInternal());
}
// Set the current locale
I18NUtil.setLocale(Application.getLanguage(httpRequest.getSession()));
@@ -82,12 +108,17 @@ public final class AuthenticationHelper
}
}
/**
* Helper to authenticate the current user using the supplied Ticket value.
*
* @return true if authentication successful, false otherwise.
*/
public static boolean authenticate(ServletContext context, HttpServletRequest httpRequest, HttpServletResponse httpResponse, String ticket)
throws IOException
{
// setup the authentication context
WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(context);
AuthenticationService auth = (AuthenticationService)ctx.getBean("authenticationService");
AuthenticationService auth = (AuthenticationService)ctx.getBean(AUTHENTICATION_SERVICE);
try
{
auth.validate(ticket);
@@ -102,4 +133,54 @@ public final class AuthenticationHelper
return true;
}
/**
* Setup the Alfresco auth cookie value.
*
* @param httpRequest
* @param httpResponse
* @param username
*/
public static void setUsernameCookie(HttpServletRequest httpRequest, HttpServletResponse httpResponse, String username)
{
Cookie authCookie = getAuthCookie(httpRequest);
if (authCookie == null)
{
authCookie = new Cookie(COOKIE_ALFUSER, username);
}
else
{
authCookie.setValue(username);
}
authCookie.setPath(httpRequest.getContextPath());
// TODO: make this configurable - currently 7 days (value in seconds)
authCookie.setMaxAge(60*60*24*7);
httpResponse.addCookie(authCookie);
}
/**
* Helper to return the Alfresco auth cookie. The cookie saves the last used username value.
*
* @param httpRequest
*
* @return Cookie if found or null if not present
*/
public static Cookie getAuthCookie(HttpServletRequest httpRequest)
{
Cookie authCookie = null;
Cookie[] cookies = httpRequest.getCookies();
if (cookies != null)
{
for (int i=0; i<cookies.length; i++)
{
if (COOKIE_ALFUSER.equals(cookies[i].getName()))
{
// found cookie
authCookie = cookies[i];
break;
}
}
}
return authCookie;
}
}

23
source/java/org/alfresco/web/bean/LoginBean.java
View File

@@ -135,6 +135,23 @@ public class LoginBean
* @return The username string from login dialog
*/
public String getUsername()
{
// this value may have been set by a servlet filter via a cookie
// check for this by detecting a special value in the session
FacesContext context = FacesContext.getCurrentInstance();
Map session = context.getExternalContext().getSessionMap();
String username = (String)session.get(AuthenticationHelper.SESSION_USERNAME);
if (username != null)
{
session.remove(AuthenticationHelper.SESSION_USERNAME);
this.username = username;
}
return this.username;
}
public String getUsernameInternal()
{
return this.username;
}
@@ -446,6 +463,12 @@ public class LoginBean
this.authenticationService.invalidateTicket(user.getTicket());
}
// Request that the username cookie state is removed - this is not
// possible from JSF - so instead we setup a session variable
// which will be detected by the login.jsp/Portlet as appropriate.
session = context.getExternalContext().getSessionMap();
session.put(AuthenticationHelper.SESSION_INVALIDATED, true);
// set language to last used
if (this.language != null && this.language.length() != 0)
{

26
source/web/jsp/login.jsp
View File

@@ -20,9 +20,35 @@
<%@ taglib uri="/WEB-INF/alfresco.tld" prefix="a" %>
<%@ taglib uri="/WEB-INF/repo.tld" prefix="r" %>
<%@ page import="org.alfresco.web.app.servlet.AuthenticationHelper" %>
<%@ page import="javax.servlet.http.Cookie" %>
<%@ page buffer="16kb" contentType="text/html;charset=UTF-8" %>
<%@ page isELIgnored="false" %>
<%
Cookie authCookie = AuthenticationHelper.getAuthCookie(request);
// remove the username cookie value if explicit logout was requested by the user
if (session.getAttribute(AuthenticationHelper.SESSION_INVALIDATED) != null)
{
if (authCookie != null)
{
authCookie.setMaxAge(0);
response.addCookie(authCookie);
}
session.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED);
}
else
{
// setup value used by JSF bean state ready for login page if we find the cookie
if (authCookie != null)
{
session.setAttribute(AuthenticationHelper.SESSION_USERNAME, authCookie.getValue());
}
}
%>
<body bgcolor="#ffffff" style="background-image: url(<%=request.getContextPath()%>/images/logo/AlfrescoFadedBG.png); background-repeat: no-repeat; background-attachment: fixed">
<r:page titleId="title_login">

17
source/web/jsp/relogin.jsp
View File

@@ -20,9 +20,26 @@
<%@ taglib uri="/WEB-INF/alfresco.tld" prefix="a" %>
<%@ taglib uri="/WEB-INF/repo.tld" prefix="r" %>
<%@ page import="org.alfresco.web.app.servlet.AuthenticationHelper" %>
<%@ page import="javax.servlet.http.Cookie" %>
<%@ page buffer="16kb" contentType="text/html;charset=UTF-8" %>
<%@ page isELIgnored="false" %>
<%
// remove the username cookie value if explicit logout was requested by the user
if (session.getAttribute(AuthenticationHelper.SESSION_INVALIDATED) != null)
{
Cookie authCookie = AuthenticationHelper.getAuthCookie(request);
if (authCookie != null)
{
authCookie.setMaxAge(0);
response.addCookie(authCookie);
}
session.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED);
}
%>
<body bgcolor="#ffffff" style="background-image: url(<%=request.getContextPath()%>/images/logo/AlfrescoFadedBG.png); background-repeat: no-repeat; background-attachment: fixed">
<r:page titleId="title_relogin">