mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-21 18:09:20 +00:00
Merged HEAD-BUG-FIX (4.3/Cloud) to HEAD (4.3/Cloud)
57508: Merged V4.2-BUG-FIX (4.2.1) to HEAD-BUG-FIX (Cloud/4.3)
57359: Merged V4.1-BUG-FIX (4.1.7) to V4.2-BUG-FIX (4.2.1)
57305: Fix for MNT-9779
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@61838 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
@@ -279,6 +279,10 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
|
||||
// Check if the user is already authenticated
|
||||
SessionUser user = getSessionUser(context, req, resp, true);
|
||||
HttpSession httpSess = req.getSession(true);
|
||||
if (user == null)
|
||||
{
|
||||
user = (SessionUser) httpSess.getAttribute("_alfAuthTicket");
|
||||
}
|
||||
|
||||
// If the user has been validated and we do not require re-authentication then continue to
|
||||
// the next filter
|
||||
@@ -298,7 +302,7 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
|
||||
}
|
||||
|
||||
// Check if the login page is being accessed, do not intercept the login page
|
||||
if (hasLoginPage() && req.getRequestURI().endsWith(getLoginPage()))
|
||||
if (checkLoginPage(req, resp))
|
||||
{
|
||||
if (getLogger().isDebugEnabled())
|
||||
getLogger().debug("Login page requested, chaining ...");
|
||||
@@ -461,6 +465,11 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
|
||||
return false;
|
||||
}
|
||||
|
||||
protected boolean checkLoginPage(HttpServletRequest req, HttpServletResponse resp)
|
||||
{
|
||||
return (hasLoginPage() && req.getRequestURI().endsWith(getLoginPage()));
|
||||
}
|
||||
|
||||
/**
|
||||
* JAAS callback handler
|
||||
*
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2013 Alfresco Software Limited.
|
||||
/*
|
||||
* Copyright (C) 2005-2013 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
@@ -14,49 +14,78 @@
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.repo.webdav.auth;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.alfresco.repo.web.auth.WebCredentials;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
/**
|
||||
* WebDAV Kerberos Authentication Filter Class
|
||||
*
|
||||
* @author GKSpencer
|
||||
*/
|
||||
public class KerberosAuthenticationFilter extends BaseKerberosAuthenticationFilter
|
||||
{
|
||||
// Debug logging
|
||||
|
||||
private static Log logger = LogFactory.getLog(KerberosAuthenticationFilter.class);
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
|
||||
*/
|
||||
@Override
|
||||
protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
|
||||
throws IOException
|
||||
{
|
||||
super.onValidateFailed(sc, req, res, session, credentials);
|
||||
// Restart the login challenge process if validation fails
|
||||
restartLoginChallenge(sc, req, res);
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#getLogger()
|
||||
*/
|
||||
@Override
|
||||
protected Log getLogger() {
|
||||
return logger;
|
||||
}
|
||||
}
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.repo.webdav.auth;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.alfresco.repo.web.auth.WebCredentials;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
/**
|
||||
* WebDAV Kerberos Authentication Filter Class
|
||||
*
|
||||
* @author GKSpencer
|
||||
*/
|
||||
public class KerberosAuthenticationFilter extends BaseKerberosAuthenticationFilter
|
||||
{
|
||||
// Debug logging
|
||||
private static Log logger = LogFactory.getLog(KerberosAuthenticationFilter.class);
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
|
||||
*/
|
||||
@Override
|
||||
protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
|
||||
throws IOException
|
||||
{
|
||||
super.onValidateFailed(sc, req, res, session, credentials);
|
||||
// Restart the login challenge process if validation fails
|
||||
restartLoginChallenge(sc, req, res);
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
*
|
||||
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#getLogger()
|
||||
*/
|
||||
@Override
|
||||
protected Log getLogger()
|
||||
{
|
||||
return logger;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean checkLoginPage(HttpServletRequest req, HttpServletResponse resp)
|
||||
{
|
||||
return (req.getRequestURI().endsWith("/jsp/login.jsp"));
|
||||
}
|
||||
|
||||
/**
|
||||
* Writes link to login page and refresh tag which cause user
|
||||
* to be redirected to the login page.
|
||||
*
|
||||
* @param context ServletContext
|
||||
* @param resp HttpServletResponse
|
||||
* @param httpSess HttpSession
|
||||
* @throws IOException
|
||||
*/
|
||||
protected void writeLoginPageLink(ServletContext context, HttpServletRequest req, HttpServletResponse resp) throws IOException
|
||||
{
|
||||
resp.setContentType(MIME_HTML_TEXT);
|
||||
|
||||
final PrintWriter out = resp.getWriter();
|
||||
out.println("<html><head>");
|
||||
out.println("<meta http-equiv=\"Refresh\" content=\"0; url=" + req.getContextPath() + "/faces/jsp/login.jsp?_alfRedirect=%2Falfresco%2Fwebdav\">");
|
||||
out.println("</head><body><p>Please <a href=\"" + req.getContextPath() + "/faces/jsp/login.jsp?_alfRedirect=%2Falfresco%2Fwebdav\">log in</a>.</p>");
|
||||
out.println("</body></html>");
|
||||
out.close();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user