Merged HEAD-BUG-FIX (5.1/Cloud) to HEAD (5.1/Cloud)

90771: Merged V4.2-BUG-FIX (4.2.5) to HEAD-BUG-FIX (5.0/Cloud) 90565: Merged DEV to V4.2-BUG-FIX (4.2.4) 76855 : MNT-11765 : Public API Authentication: Returns error 500 instead of 401 when authenticated with invalid / non existing user - Avoid InvalidStoreRefException in getUserOrNull and getPersonOrNull methods 90610: MNT-11765 : Public API Authentication: Returns error 500 instead of 401 when authenticated with invalid / non existing user - Fix for compilation errors 90676: MNT-11765 : Public API Authentication: Returns error 500 instead of 401 when authenticated with invalid / non existing user - Test is changed to return the system to initial state git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@94713 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2015-01-31 11:00:56 +00:00
parent aebd5bf941
commit 46244028c5
3 changed files with 58 additions and 1 deletions
--- a/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
+++ b/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
@@ -42,6 +42,7 @@ import org.alfresco.repo.policy.PolicyComponent;
 import org.alfresco.repo.tenant.TenantService;
 import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
 import org.alfresco.service.cmr.repository.ChildAssociationRef;
+import org.alfresco.service.cmr.repository.InvalidStoreRefException;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.repository.StoreRef;
@@ -193,6 +194,18 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
     * @return                                      the user's data
     */
    private CacheEntry getUserEntryOrNull(final String caseSensitiveSearchUserName)
+    {
+        try
+        {
+            return getUserEntryOrNullImpl(caseSensitiveSearchUserName);
+        }
+        catch (InvalidStoreRefException e)
+        {
+            return null;
+        }
+    }
+    
+    private CacheEntry getUserEntryOrNullImpl(final String caseSensitiveSearchUserName)
    {
        if (caseSensitiveSearchUserName == null || caseSensitiveSearchUserName.length() == 0)
        {
--- a/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java
@@ -76,6 +76,7 @@ import org.alfresco.service.cmr.invitation.InvitationException;
 import org.alfresco.service.cmr.model.FileFolderService;
 import org.alfresco.service.cmr.repository.ChildAssociationRef;
 import org.alfresco.service.cmr.repository.InvalidNodeRefException;
+import org.alfresco.service.cmr.repository.InvalidStoreRefException;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.repository.StoreRef;
@@ -534,8 +535,18 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
        boolean addToCache = false;
        if (allRefs == null)
        {
+            NodeRef peopleContainer = null;
+            try
+            {
+                peopleContainer = getPeopleContainer();
+            }
+            catch(InvalidStoreRefException isre)
+            {
+                return null;
+            }
+            
            List<ChildAssociationRef> childRefs = nodeService.getChildAssocs(
-                    getPeopleContainer(),
+                    peopleContainer,
                    ContentModel.ASSOC_CHILDREN,
                    getChildNameLower(searchUserName),
                    false);
--- a/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
+++ b/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
@@ -51,6 +51,7 @@ import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.ExpiryMode;
 import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket;
 import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry;
+import org.alfresco.repo.tenant.TenantAdminService;
 import org.alfresco.repo.tenant.TenantService;
 import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
 import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState;
@@ -73,6 +74,7 @@ import org.hibernate.dialect.Dialect;
 import org.hibernate.dialect.PostgreSQLDialect;
 import org.junit.experimental.categories.Category;
 import org.springframework.context.ApplicationContext;
+import org.springframework.extensions.webscripts.GUID;

@SuppressWarnings("unchecked")
@Category(OwnJVMTestsCategory.class)
@@ -83,6 +85,7 @@ public class AuthenticationTest extends TestCase
    private NodeService nodeService;
    private AuthorityService authorityService;
    private TenantService tenantService;
+    private TenantAdminService tenantAdminService;
    private MD4PasswordEncoder passwordEncoder;
    private PasswordEncoder sha256PasswordEncoder;
    private MutableAuthenticationDao dao;
@@ -136,6 +139,7 @@ public class AuthenticationTest extends TestCase
        nodeService = (NodeService) ctx.getBean("nodeService");
        authorityService = (AuthorityService) ctx.getBean("authorityService");
        tenantService = (TenantService) ctx.getBean("tenantService");
+        tenantAdminService = (TenantAdminService) ctx.getBean("tenantAdminService");
        passwordEncoder = (MD4PasswordEncoder) ctx.getBean("passwordEncoder");
        sha256PasswordEncoder = (PasswordEncoder) ctx.getBean("sha256PasswordEncoder");
        ticketComponent = (TicketComponent) ctx.getBean("ticketComponent");
@@ -1726,6 +1730,35 @@ public class AuthenticationTest extends TestCase
        // authenticationService.deleteAuthentication("andy");
    }

+    public void testLoginNotExistingTenant()
+    {
+        boolean wasEnabled = AuthenticationUtil.isMtEnabled();
+        
+        try
+        {
+            tenantAdminService.createTenant(GUID.generate() + "test1.test", "admin".toCharArray());
+            
+            String notExistingTenant = GUID.generate() + "tenant.test";
+            String userName = "user@" + notExistingTenant;
+            
+            assertFalse(tenantAdminService.existsTenant(notExistingTenant));
+            
+            try
+            {
+                pubAuthenticationService.authenticate(userName, GUID.generate().toCharArray());
+                fail();
+            }
+            catch (AuthenticationException e)
+            {
+                // it is expected exception
+            }
+        }
+        finally
+        {
+            AuthenticationUtil.setMtEnabled(wasEnabled);
+        }
+    }
+    
    private String getUserName(Authentication authentication)
    {
        String username = authentication.getPrincipal().toString();