Guest and LDAP progress

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2127 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2006-01-17 14:17:39 +00:00
parent db5e800018
commit 4408850b7a
25 changed files with 535 additions and 15 deletions
--- a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
@@ -17,6 +17,7 @@
 package org.alfresco.repo.security.authentication;

 import org.alfresco.error.AlfrescoRuntimeException;
+import org.alfresco.service.cmr.security.PermissionService;

 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
@@ -30,11 +31,9 @@ import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 import net.sf.acegisecurity.providers.dao.User;

 /**
- * This class abstract the support required to set up and query the Acegi
- * context for security enforcement.
+ * This class abstract the support required to set up and query the Acegi context for security enforcement.
 * 
- * There are some simple default method implementations to support simple
- * authentication.
+ * There are some simple default method implementations to support simple authentication.
 * 
 * @author Andy Hind
 */
@@ -45,11 +44,18 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC

    private static final String SYSTEM_USER_NAME = "System";

+    private Boolean allowGuestLogin = null;
+
    public AbstractAuthenticationComponent()
    {
        super();
    }

+    public void setAllowGuestLogin(Boolean allowGuestLogin)
+    {
+        this.allowGuestLogin = allowGuestLogin;
+    }
+    
    /**
     * Explicitly set the current user to be authenticated.
     * 
@@ -59,11 +65,11 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
     */
    public Authentication setCurrentUser(String userName) throws AuthenticationException
    {
-        if(userName == null)
+        if (userName == null)
        {
            throw new AuthenticationException("Null user name");
        }
-        
+
        try
        {
            UserDetails ud = null;
@@ -73,6 +79,11 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
                gas[0] = new GrantedAuthorityImpl("ROLE_SYSTEM");
                ud = new User(SYSTEM_USER_NAME, "", true, true, true, true, gas);
            }
+            else if (userName.equals(PermissionService.GUEST))
+            {
+                GrantedAuthority[] gas = new GrantedAuthority[0];
+                ud = new User(PermissionService.GUEST, "", true, true, true, true, gas);
+            }
            else
            {
                ud = getUserDetails(userName);
@@ -199,6 +210,46 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
        return SYSTEM_USER_NAME;
    }

+    /**
+     * Get the name of the Guest User
+     */
+    public String getGuestUserName()
+    {
+        return PermissionService.GUEST;
+    }
+
+    /**
+     * Set the guest user as the current user.
+     */
+    public Authentication setGuestUserAsCurrentUser() throws AuthenticationException
+    {
+        if (allowGuestLogin == null)
+        {
+            if(implementationAllowsGuestLogin())
+            {
+                return setCurrentUser(PermissionService.GUEST);
+            }
+            else
+            {
+                throw new AuthenticationException("Guest authentication is not allowed");  
+            }
+        }
+        else
+        {
+            if(allowGuestLogin.booleanValue())
+            {
+                return setCurrentUser(PermissionService.GUEST);
+            }
+            else
+            {
+                throw new AuthenticationException("Guest authentication is not allowed"); 
+            }
+            
+        }
+    }
+
+    protected abstract boolean implementationAllowsGuestLogin();
+
    /**
     * Remove the current security information
     */
@@ -224,8 +275,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
    }

    /**
-     * Get the NTML mode - none - supports MD4 hash to integrate - or it can
-     * asct as an NTLM authentication
+     * Get the NTML mode - none - supports MD4 hash to integrate - or it can asct as an NTLM authentication
     */
    public NTLMMode getNTLMMode()
    {
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java
@@ -72,6 +72,14 @@ public interface AuthenticationComponent
    public Authentication setSystemUserAsCurrentUser();
    
    
+    /**
+     * Set the guest user as the current user.
+     * 
+     * @return
+     */
+    public Authentication setGuestUserAsCurrentUser();
+    
+    
    /**
     * Get the name of the system user
     * 
@@ -79,6 +87,14 @@ public interface AuthenticationComponent
     */
    public String getSystemUserName();
    
+    
+    /**
+     * Get the name of the guest user
+     * 
+     * @return
+     */
+    public String getGuestUserName();
+    
    /**
     * Get the current user name.
     * 
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationComponentImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationComponentImpl.java
@@ -96,5 +96,12 @@ public class AuthenticationComponentImpl extends AbstractAuthenticationComponent
    {
        return NTLMMode.MD4_PROVIDER;
    }
+
+    @Override
+    protected boolean implementationAllowsGuestLogin()
+    {
+        return true;
+    }
+   
    
 }
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
@@ -147,4 +147,10 @@ public class AuthenticationServiceImpl implements AuthenticationService
        return false;
    }

+    public void authenticateAsGuest() throws AuthenticationException
+    {
+        authenticationComponent.setGuestUserAsCurrentUser();
+    }
+
+    
 }
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
@@ -751,6 +751,12 @@ public class AuthenticationTest extends TestCase
        // assertNull(dao.getUserOrNull("Andy"));
    }

+    public void testAbstractAuthenticationComponentGuestUserSupport()
+    {
+        authenticationComponent.setGuestUserAsCurrentUser();
+        assertEquals(authenticationComponent.getCurrentUserName(), authenticationComponent.getGuestUserName());
+    }
+    
    
    public void testPassThroughLogin()
    {
--- a/source/java/org/alfresco/repo/security/authentication/SimpleAcceptOrRejectAllAuthenticationComponentImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/SimpleAcceptOrRejectAllAuthenticationComponentImpl.java
@@ -16,6 +16,8 @@
 */
 package org.alfresco.repo.security.authentication;

+import net.sf.acegisecurity.Authentication;
+
 /**
 * This implementation of an AuthenticationComponent can be configured to accept or reject all attempts to login.
 * 
@@ -54,4 +56,12 @@ public class SimpleAcceptOrRejectAllAuthenticationComponentImpl extends Abstract
        }

    }
+
+    @Override
+    protected boolean implementationAllowsGuestLogin()
+    {
+       return accept;
+    }
+    
+    
 }