mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-21 18:09:20 +00:00
Merged HEAD-BUG-FIX (4.3/Cloud) to HEAD (4.3/Cloud)
57508: Merged V4.2-BUG-FIX (4.2.1) to HEAD-BUG-FIX (Cloud/4.3)
57359: Merged V4.1-BUG-FIX (4.1.7) to V4.2-BUG-FIX (4.2.1)
57305: Fix for MNT-9779
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@61838 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
@@ -279,6 +279,10 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
|
|||||||
// Check if the user is already authenticated
|
// Check if the user is already authenticated
|
||||||
SessionUser user = getSessionUser(context, req, resp, true);
|
SessionUser user = getSessionUser(context, req, resp, true);
|
||||||
HttpSession httpSess = req.getSession(true);
|
HttpSession httpSess = req.getSession(true);
|
||||||
|
if (user == null)
|
||||||
|
{
|
||||||
|
user = (SessionUser) httpSess.getAttribute("_alfAuthTicket");
|
||||||
|
}
|
||||||
|
|
||||||
// If the user has been validated and we do not require re-authentication then continue to
|
// If the user has been validated and we do not require re-authentication then continue to
|
||||||
// the next filter
|
// the next filter
|
||||||
@@ -298,7 +302,7 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check if the login page is being accessed, do not intercept the login page
|
// Check if the login page is being accessed, do not intercept the login page
|
||||||
if (hasLoginPage() && req.getRequestURI().endsWith(getLoginPage()))
|
if (checkLoginPage(req, resp))
|
||||||
{
|
{
|
||||||
if (getLogger().isDebugEnabled())
|
if (getLogger().isDebugEnabled())
|
||||||
getLogger().debug("Login page requested, chaining ...");
|
getLogger().debug("Login page requested, chaining ...");
|
||||||
@@ -461,6 +465,11 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected boolean checkLoginPage(HttpServletRequest req, HttpServletResponse resp)
|
||||||
|
{
|
||||||
|
return (hasLoginPage() && req.getRequestURI().endsWith(getLoginPage()));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* JAAS callback handler
|
* JAAS callback handler
|
||||||
*
|
*
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (C) 2005-2013 Alfresco Software Limited.
|
* Copyright (C) 2005-2013 Alfresco Software Limited.
|
||||||
*
|
*
|
||||||
* This file is part of Alfresco
|
* This file is part of Alfresco
|
||||||
*
|
*
|
||||||
@@ -14,49 +14,78 @@
|
|||||||
* GNU Lesser General Public License for more details.
|
* GNU Lesser General Public License for more details.
|
||||||
*
|
*
|
||||||
* You should have received a copy of the GNU Lesser General Public License
|
* You should have received a copy of the GNU Lesser General Public License
|
||||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||||
*/
|
*/
|
||||||
package org.alfresco.repo.webdav.auth;
|
package org.alfresco.repo.webdav.auth;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.io.PrintWriter;
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.ServletContext;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpSession;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import javax.servlet.http.HttpSession;
|
||||||
import org.alfresco.repo.web.auth.WebCredentials;
|
|
||||||
import org.apache.commons.logging.Log;
|
import org.alfresco.repo.web.auth.WebCredentials;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
/**
|
|
||||||
* WebDAV Kerberos Authentication Filter Class
|
/**
|
||||||
*
|
* WebDAV Kerberos Authentication Filter Class
|
||||||
* @author GKSpencer
|
*
|
||||||
*/
|
* @author GKSpencer
|
||||||
public class KerberosAuthenticationFilter extends BaseKerberosAuthenticationFilter
|
*/
|
||||||
{
|
public class KerberosAuthenticationFilter extends BaseKerberosAuthenticationFilter
|
||||||
// Debug logging
|
{
|
||||||
|
// Debug logging
|
||||||
private static Log logger = LogFactory.getLog(KerberosAuthenticationFilter.class);
|
private static Log logger = LogFactory.getLog(KerberosAuthenticationFilter.class);
|
||||||
|
|
||||||
/* (non-Javadoc)
|
/* (non-Javadoc)
|
||||||
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
|
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
|
protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
|
||||||
throws IOException
|
throws IOException
|
||||||
{
|
{
|
||||||
super.onValidateFailed(sc, req, res, session, credentials);
|
super.onValidateFailed(sc, req, res, session, credentials);
|
||||||
// Restart the login challenge process if validation fails
|
// Restart the login challenge process if validation fails
|
||||||
restartLoginChallenge(sc, req, res);
|
restartLoginChallenge(sc, req, res);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* (non-Javadoc)
|
/* (non-Javadoc)
|
||||||
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#getLogger()
|
*
|
||||||
*/
|
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#getLogger()
|
||||||
@Override
|
*/
|
||||||
protected Log getLogger() {
|
@Override
|
||||||
return logger;
|
protected Log getLogger()
|
||||||
}
|
{
|
||||||
}
|
return logger;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected boolean checkLoginPage(HttpServletRequest req, HttpServletResponse resp)
|
||||||
|
{
|
||||||
|
return (req.getRequestURI().endsWith("/jsp/login.jsp"));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Writes link to login page and refresh tag which cause user
|
||||||
|
* to be redirected to the login page.
|
||||||
|
*
|
||||||
|
* @param context ServletContext
|
||||||
|
* @param resp HttpServletResponse
|
||||||
|
* @param httpSess HttpSession
|
||||||
|
* @throws IOException
|
||||||
|
*/
|
||||||
|
protected void writeLoginPageLink(ServletContext context, HttpServletRequest req, HttpServletResponse resp) throws IOException
|
||||||
|
{
|
||||||
|
resp.setContentType(MIME_HTML_TEXT);
|
||||||
|
|
||||||
|
final PrintWriter out = resp.getWriter();
|
||||||
|
out.println("<html><head>");
|
||||||
|
out.println("<meta http-equiv=\"Refresh\" content=\"0; url=" + req.getContextPath() + "/faces/jsp/login.jsp?_alfRedirect=%2Falfresco%2Fwebdav\">");
|
||||||
|
out.println("</head><body><p>Please <a href=\"" + req.getContextPath() + "/faces/jsp/login.jsp?_alfRedirect=%2Falfresco%2Fwebdav\">log in</a>.</p>");
|
||||||
|
out.println("</body></html>");
|
||||||
|
out.close();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user