mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
Guest access auto-login for JBoss Portal
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2285 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
@@ -18,6 +18,7 @@ package org.alfresco.web.app.servlet;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.portlet.PortletSession;
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
@@ -37,6 +38,7 @@ import org.alfresco.service.cmr.repository.NodeService;
|
||||
import org.alfresco.service.cmr.security.AuthenticationService;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.cmr.security.PersonService;
|
||||
import org.alfresco.service.transaction.TransactionService;
|
||||
import org.alfresco.web.app.Application;
|
||||
import org.alfresco.web.app.portlet.AlfrescoFacesPortlet;
|
||||
import org.alfresco.web.bean.LoginBean;
|
||||
@@ -250,6 +252,80 @@ public final class AuthenticationHelper
|
||||
return AuthenticationStatus.Success;
|
||||
}
|
||||
|
||||
/**
|
||||
* For no previous authentication or forced Guest - attempt Guest access
|
||||
*
|
||||
* @param ctx WebApplicationContext
|
||||
* @param auth AuthenticationService
|
||||
*/
|
||||
public static AuthenticationStatus portalGuestAuthenticate(WebApplicationContext ctx, PortletSession session, AuthenticationService auth)
|
||||
{
|
||||
UserTransaction tx = null;
|
||||
try
|
||||
{
|
||||
auth.authenticateAsGuest();
|
||||
|
||||
// if we get here then Guest access was allowed and successful
|
||||
ServiceRegistry services = (ServiceRegistry)ctx.getBean(ServiceRegistry.SERVICE_REGISTRY);
|
||||
tx = services.getTransactionService().getUserTransaction();
|
||||
tx.begin();
|
||||
|
||||
NodeService nodeService = services.getNodeService();
|
||||
PersonService personService = (PersonService)ctx.getBean(PERSON_SERVICE);
|
||||
NodeRef guestRef = personService.getPerson(PermissionService.GUEST);
|
||||
User user = new User(PermissionService.GUEST, auth.getCurrentTicket(), guestRef);
|
||||
NodeRef guestHomeRef = (NodeRef)nodeService.getProperty(guestRef, ContentModel.PROP_HOMEFOLDER);
|
||||
|
||||
// check that the home space node exists - else Guest cannot proceed
|
||||
if (nodeService.exists(guestHomeRef) == false)
|
||||
{
|
||||
throw new InvalidNodeRefException(guestHomeRef);
|
||||
}
|
||||
user.setHomeSpaceId(guestHomeRef.getId());
|
||||
|
||||
tx.commit();
|
||||
tx = null; // clear this so we know not to rollback
|
||||
|
||||
// store the User object in the Session - the authentication servlet will then proceed
|
||||
session.setAttribute(AuthenticationHelper.AUTHENTICATION_USER, user);
|
||||
|
||||
// Set the current locale
|
||||
I18NUtil.setLocale(Application.getLanguage(session));
|
||||
|
||||
// remove the session invalidated flag
|
||||
session.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED);
|
||||
|
||||
// it is the responsibilty of the caller to handle the Guest return status
|
||||
return AuthenticationStatus.Guest;
|
||||
}
|
||||
catch (AuthenticationException guestError)
|
||||
{
|
||||
// Expected if Guest access not allowed - continue to login page as usual
|
||||
}
|
||||
catch (AccessDeniedException accessError)
|
||||
{
|
||||
// Guest is unable to access either properties on Person
|
||||
AuthenticationService unprotAuthService = (AuthenticationService)ctx.getBean(UNPROTECTED_AUTH_SERVICE);
|
||||
unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
|
||||
unprotAuthService.clearCurrentSecurityContext();
|
||||
logger.warn("Unable to login as Guest: " + accessError.getMessage());
|
||||
}
|
||||
catch (Throwable e)
|
||||
{
|
||||
// Some other kind of serious failure to report
|
||||
AuthenticationService unprotAuthService = (AuthenticationService)ctx.getBean(UNPROTECTED_AUTH_SERVICE);
|
||||
unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
|
||||
unprotAuthService.clearCurrentSecurityContext();
|
||||
throw new AlfrescoRuntimeException("Failed to authenticate as Guest user.", e);
|
||||
}
|
||||
finally
|
||||
{
|
||||
try { if (tx != null) {tx.rollback();} } catch (Exception tex) {}
|
||||
}
|
||||
|
||||
return AuthenticationStatus.Failure;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setup the Alfresco auth cookie value.
|
||||
*
|
||||
|
||||
@@ -31,7 +31,6 @@ import org.alfresco.repo.webdav.WebDAVServlet;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.repository.StoreRef;
|
||||
import org.alfresco.web.bean.BrowseBean;
|
||||
import org.alfresco.web.bean.NavigationBean;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
@@ -104,7 +103,7 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
logger.debug("External outcome found: " + outcome);
|
||||
|
||||
// we almost always need this bean reference
|
||||
FacesContext fc = ServletHelper.getFacesContext(req, res, getServletContext());
|
||||
FacesContext fc = FacesHelper.getFacesContext(req, res, getServletContext());
|
||||
BrowseBean browseBean = (BrowseBean)ServletHelper.getManagedBean(fc, "BrowseBean");
|
||||
|
||||
// setup is required for certain outcome requests
|
||||
|
||||
81
source/java/org/alfresco/web/app/servlet/FacesHelper.java
Normal file
81
source/java/org/alfresco/web/app/servlet/FacesHelper.java
Normal file
@@ -0,0 +1,81 @@
|
||||
/*
|
||||
* Copyright (C) 2005 Alfresco, Inc.
|
||||
*
|
||||
* Licensed under the Mozilla Public License version 1.1
|
||||
* with a permitted attribution clause. You may obtain a
|
||||
* copy of the License at
|
||||
*
|
||||
* http://www.alfresco.org/legal/license.txt
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
|
||||
* either express or implied. See the License for the specific
|
||||
* language governing permissions and limitations under the
|
||||
* License.
|
||||
*/
|
||||
package org.alfresco.web.app.servlet;
|
||||
|
||||
import javax.faces.FactoryFinder;
|
||||
import javax.faces.component.UIViewRoot;
|
||||
import javax.faces.context.FacesContext;
|
||||
import javax.faces.context.FacesContextFactory;
|
||||
import javax.faces.lifecycle.Lifecycle;
|
||||
import javax.faces.lifecycle.LifecycleFactory;
|
||||
|
||||
/**
|
||||
* @author Kevin Roast
|
||||
*/
|
||||
public final class FacesHelper
|
||||
{
|
||||
/**
|
||||
* Private constructor
|
||||
*/
|
||||
private FacesHelper()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a valid FacesContext for the specific context, request and response.
|
||||
* The FacesContext can be constructor for Servlet and Portlet use.
|
||||
*
|
||||
* @param context ServletContext or PortletContext
|
||||
* @param request ServletRequest or PortletRequest
|
||||
* @param response ServletReponse or PortletResponse
|
||||
*
|
||||
* @return FacesContext
|
||||
*/
|
||||
public static FacesContext getFacesContext(Object context, Object request, Object response)
|
||||
{
|
||||
FacesContext facesContext = FacesContext.getCurrentInstance();
|
||||
if (facesContext != null) return facesContext;
|
||||
|
||||
FacesContextFactory contextFactory = (FacesContextFactory)FactoryFinder.getFactory(FactoryFinder.FACES_CONTEXT_FACTORY);
|
||||
LifecycleFactory lifecycleFactory = (LifecycleFactory)FactoryFinder.getFactory(FactoryFinder.LIFECYCLE_FACTORY);
|
||||
Lifecycle lifecycle = lifecycleFactory.getLifecycle(LifecycleFactory.DEFAULT_LIFECYCLE);
|
||||
|
||||
// Doesn't set this instance as the current instance of FacesContext.getCurrentInstance
|
||||
facesContext = contextFactory.getFacesContext(context, request, response, lifecycle);
|
||||
|
||||
// Set using our inner class
|
||||
InnerFacesContext.setFacesContextAsCurrent(facesContext);
|
||||
|
||||
// set a new viewRoot, otherwise context.getViewRoot returns null
|
||||
UIViewRoot view = facesContext.getApplication().getViewHandler().createView(facesContext, "/jsp/root");
|
||||
facesContext.setViewRoot(view);
|
||||
|
||||
return facesContext;
|
||||
}
|
||||
|
||||
/**
|
||||
* We need an inner class to be able to call FacesContext.setCurrentInstance
|
||||
* since it's a protected method
|
||||
*/
|
||||
private abstract static class InnerFacesContext extends FacesContext
|
||||
{
|
||||
protected static void setFacesContextAsCurrent(FacesContext facesContext)
|
||||
{
|
||||
FacesContext.setCurrentInstance(facesContext);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -22,16 +22,9 @@ import java.net.URLDecoder;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import javax.faces.FactoryFinder;
|
||||
import javax.faces.component.UIViewRoot;
|
||||
import javax.faces.context.FacesContext;
|
||||
import javax.faces.context.FacesContextFactory;
|
||||
import javax.faces.el.ValueBinding;
|
||||
import javax.faces.lifecycle.Lifecycle;
|
||||
import javax.faces.lifecycle.LifecycleFactory;
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@@ -124,49 +117,6 @@ public final class ServletHelper
|
||||
return status;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return FacesContext made available to servlets and servlet filters.
|
||||
* {@link http://www.thoughtsabout.net/blog/archives/000033.html}
|
||||
*
|
||||
* @return FacesContext
|
||||
*/
|
||||
public static FacesContext getFacesContext(ServletRequest req, ServletResponse res, ServletContext sc)
|
||||
{
|
||||
FacesContext facesContext = FacesContext.getCurrentInstance();
|
||||
if (facesContext != null) return facesContext;
|
||||
|
||||
FacesContextFactory contextFactory = (FacesContextFactory)FactoryFinder.getFactory(FactoryFinder.FACES_CONTEXT_FACTORY);
|
||||
LifecycleFactory lifecycleFactory = (LifecycleFactory)FactoryFinder.getFactory(FactoryFinder.LIFECYCLE_FACTORY);
|
||||
Lifecycle lifecycle = lifecycleFactory.getLifecycle(LifecycleFactory.DEFAULT_LIFECYCLE);
|
||||
|
||||
// Can get ServletContext here like this:
|
||||
// ServletContext servletContext = ((HttpServletRequest)request).getSession().getServletContext();
|
||||
|
||||
// Doesn't set this instance as the current instance of FacesContext.getCurrentInstance
|
||||
facesContext = contextFactory.getFacesContext(sc, req, res, lifecycle);
|
||||
|
||||
// Set using our inner class
|
||||
InnerFacesContext.setFacesContextAsCurrent(facesContext);
|
||||
|
||||
// set a new viewRoot, otherwise context.getViewRoot returns null
|
||||
UIViewRoot view = facesContext.getApplication().getViewHandler().createView(facesContext, "/jsp/root");
|
||||
facesContext.setViewRoot(view);
|
||||
|
||||
return facesContext;
|
||||
}
|
||||
|
||||
/**
|
||||
* We need an inner class to be able to call FacesContext.setCurrentInstance
|
||||
* since it's a protected method
|
||||
*/
|
||||
private abstract static class InnerFacesContext extends FacesContext
|
||||
{
|
||||
protected static void setFacesContextAsCurrent(FacesContext facesContext)
|
||||
{
|
||||
FacesContext.setCurrentInstance(facesContext);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a JSF managed bean reference.
|
||||
*
|
||||
@@ -210,7 +160,6 @@ public final class ServletHelper
|
||||
Application.getCompanyRootId());
|
||||
|
||||
WebApplicationContext wc = FacesContextUtils.getRequiredWebApplicationContext(context);
|
||||
//WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(context);
|
||||
FileFolderService ffs = (FileFolderService)wc.getBean("FileFolderService");
|
||||
file = ffs.resolveNamePath(companyHome, paths);
|
||||
nodeRef = file.getNodeRef();
|
||||
|
||||
Reference in New Issue
Block a user