inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged 1.4 to HEAD

Browse Source 
svn merge svn://svn.alfresco.com:3691/alfresco/BRANCHES/V1.4@4380 svn://svn.alfresco.com:3691/alfresco/BRANCHES/V1.4@4386 .


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@4659 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
2006-12-19 15:04:47 +00:00
parent 31d1fa1fb1
commit 4443f42279
14 changed files with 601 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
View File

@@ -39,6 +39,8 @@ import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.SaltSource;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.NodeRef;
@@ -54,6 +56,7 @@ import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.ApplicationContextHelper;
import org.springframework.context.ApplicationContext;
@SuppressWarnings("unchecked")
public class AuthenticationTest extends TestCase
{
private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
@@ -81,6 +84,8 @@ public class AuthenticationTest extends TestCase
private SaltSource saltSource;
private TicketComponent ticketComponent;
private SimpleCache<String, Ticket> ticketsCache;
private AuthenticationService authenticationService;
@@ -116,6 +121,7 @@ public class AuthenticationTest extends TestCase
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponentImpl");
// permissionServiceSPI = (PermissionServiceSPI)
// ctx.getBean("permissionService");
ticketsCache = (SimpleCache<String, Ticket>) ctx.getBean("ticketsCache");
dao = (MutableAuthenticationDao) ctx.getBean("alfDaoImpl");
authenticationManager = (AuthenticationManager) ctx.getBean("authenticationManager");
@@ -143,7 +149,6 @@ public class AuthenticationTest extends TestCase
deleteAndy();
authenticationComponent.clearCurrentSecurityContext();
}
private void deleteAndy()
@@ -476,6 +481,7 @@ public class AuthenticationTest extends TestCase
tc.setOneOff(false);
tc.setTicketsExpire(false);
tc.setValidDuration("P0D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
@@ -499,6 +505,7 @@ public class AuthenticationTest extends TestCase
tc.setOneOff(true);
tc.setTicketsExpire(false);
tc.setValidDuration("P0D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
@@ -530,6 +537,7 @@ public class AuthenticationTest extends TestCase
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P5S");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
@@ -619,6 +627,7 @@ public class AuthenticationTest extends TestCase
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P1D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());

28
source/java/org/alfresco/repo/security/authentication/InMemoryTicketComponentImpl.java
View File

@@ -16,11 +16,12 @@
*/
package org.alfresco.repo.security.authentication;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Set;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.service.cmr.repository.datatype.Duration;
import org.alfresco.util.GUID;
public class InMemoryTicketComponentImpl implements TicketComponent
@@ -33,13 +34,18 @@ public class InMemoryTicketComponentImpl implements TicketComponent
private boolean oneOff;
private HashMap<String, Ticket> tickets = new HashMap<String, Ticket>();
private SimpleCache<String, Ticket> ticketsCache; // Can't use Ticket as it's private
public InMemoryTicketComponentImpl()
{
super();
}
public void setTicketsCache(SimpleCache<String, Ticket> ticketsCache)
{
this.ticketsCache = ticketsCache;
}
public String getTicket(String userName) throws AuthenticationException
{
Date expiryDate = null;
@@ -48,7 +54,7 @@ public class InMemoryTicketComponentImpl implements TicketComponent
expiryDate = Duration.add(new Date(), validDuration);
}
Ticket ticket = new Ticket(ticketsExpire, expiryDate, userName);
tickets.put(ticket.getTicketId(), ticket);
ticketsCache.put(ticket.getTicketId(), ticket);
return GRANTED_AUTHORITY_TICKET_PREFIX + ticket.getTicketId();
}
@@ -61,7 +67,7 @@ public class InMemoryTicketComponentImpl implements TicketComponent
}
String key = ticketString.substring(GRANTED_AUTHORITY_TICKET_PREFIX.length());
Ticket ticket = tickets.get(key);
Ticket ticket = ticketsCache.get(key);
if (ticket == null)
{
throw new AuthenticationException("Missing ticket for " + ticketString);
@@ -74,7 +80,7 @@ public class InMemoryTicketComponentImpl implements TicketComponent
// TODO: Strengthen ticket as GUID is predicatble
if(oneOff)
{
tickets.remove(key);
ticketsCache.remove(key);
}
return ticket.getUserName();
}
@@ -82,16 +88,16 @@ public class InMemoryTicketComponentImpl implements TicketComponent
public void invalidateTicketById(String ticketString)
{
String key = ticketString.substring(GRANTED_AUTHORITY_TICKET_PREFIX.length());
tickets.remove(key);
ticketsCache.remove(key);
}
public void invalidateTicketByUser(String userName)
{
Set<String> toRemove = new HashSet<String>();
for(String key: tickets.keySet())
for(String key: ticketsCache.getKeys())
{
Ticket ticket = tickets.get(key);
Ticket ticket = ticketsCache.get(key);
if(ticket.getUserName().equals(userName))
{
toRemove.add(ticket.getTicketId());
@@ -100,14 +106,16 @@ public class InMemoryTicketComponentImpl implements TicketComponent
for(String id: toRemove)
{
tickets.remove(id);
ticketsCache.remove(id);
}
}
private static class Ticket
public static class Ticket implements Serializable
{
private static final long serialVersionUID = -5904510560161261049L;
private boolean expires;
private Date expiryDate;

38
source/java/org/alfresco/repo/security/authentication/ldap/LDAPPersonExportSource.java
View File

@@ -21,6 +21,7 @@ import java.io.File;
import java.io.FileWriter;
import java.io.Writer;
import java.util.Collection;
import java.util.HashSet;
import java.util.Map;
import javax.naming.NamingEnumeration;
@@ -67,7 +68,7 @@ public class LDAPPersonExportSource implements ExportSource
private NamespaceService namespaceService;
private Map<String, String> attributeDefaults;
private boolean errorOnMissingUID;
public LDAPPersonExportSource()
@@ -119,7 +120,7 @@ public class LDAPPersonExportSource implements ExportSource
{
this.errorOnMissingUID = errorOnMissingUID;
}
public void generateExport(XMLWriter writer)
{
QName nodeUUID = QName.createQName("sys:node-uuid", namespaceService);
@@ -147,6 +148,8 @@ public class LDAPPersonExportSource implements ExportSource
writer.startElement(NamespaceService.REPOSITORY_VIEW_PREFIX, "view",
NamespaceService.REPOSITORY_VIEW_PREFIX + ":" + "view", new AttributesImpl());
HashSet<String> uids = new HashSet<String>();
InitialDirContext ctx = null;
try
{
@@ -157,35 +160,44 @@ public class LDAPPersonExportSource implements ExportSource
SearchControls userSearchCtls = new SearchControls();
userSearchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
userSearchCtls.setCountLimit(Integer.MAX_VALUE);
NamingEnumeration searchResults = ctx.search(searchBase, personQuery, userSearchCtls);
while (searchResults.hasMoreElements())
RESULT_LOOP: while (searchResults.hasMoreElements())
{
SearchResult result = (SearchResult) searchResults.next();
Attributes attributes = result.getAttributes();
Attribute uidAttribute = attributes.get(userIdAttributeName);
if (uidAttribute == null)
{
if(errorOnMissingUID)
if (errorOnMissingUID)
{
throw new ExportSourceImporterException(
"User returned by user search does not have mandatory user id attribute " + attributes);
throw new ExportSourceImporterException(
"User returned by user search does not have mandatory user id attribute "
+ attributes);
}
else
{
s_logger.warn("User returned by user search does not have mandatory user id attribute " + attributes);
continue;
s_logger.warn("User returned by user search does not have mandatory user id attribute "
+ attributes);
continue RESULT_LOOP;
}
}
String uid = (String) uidAttribute.get(0);
if (uids.contains(uid))
{
s_logger.warn("Duplicate uid found - there will be more than one person object for this user - "
+ uid);
}
uids.add(uid);
if (s_logger.isDebugEnabled())
{
s_logger.debug("Adding user for " + uid);
}
writer.startElement(ContentModel.TYPE_PERSON.getNamespaceURI(), ContentModel.TYPE_PERSON
.getLocalName(), ContentModel.TYPE_PERSON.toPrefixString(namespaceService), attrs);
@@ -234,7 +246,7 @@ public class LDAPPersonExportSource implements ExportSource
else
{
String defaultValue = attributeDefaults.get(key);
if(defaultValue != null)
if (defaultValue != null)
{
writer.characters(defaultValue.toCharArray(), 0, defaultValue.length());
}
@@ -243,7 +255,7 @@ public class LDAPPersonExportSource implements ExportSource
else
{
String defaultValue = attributeDefaults.get(key);
if(defaultValue != null)
if (defaultValue != null)
{
writer.characters(defaultValue.toCharArray(), 0, defaultValue.length());
}
@@ -316,7 +328,7 @@ public class LDAPPersonExportSource implements ExportSource
TransactionService txs = (TransactionService) ctx.getBean("transactionComponent");
UserTransaction tx = txs.getUserTransaction();
tx.begin();
File file = new File(args[0]);
Writer writer = new BufferedWriter(new FileWriter(file));
XMLWriter xmlWriter = createXMLExporter(writer);