Merged V3.0 to HEAD

12795: ALFCOM-2419: ResourceBundleWrapper is no longer (de)serializable after changes merged from 2.1-A rev 8323 12826: Fix for ETHREEOH-37 and ETHREEOH-176. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12828 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2009-01-16 14:20:15 +00:00
parent 60e4ed397e
commit 533dee1800
3 changed files with 16 additions and 0 deletions
--- a/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java
@@ -338,6 +338,8 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
                if ( getLogger().isErrorEnabled())
                    getLogger().error("Failed to validate user " + user.getUserName(), ex);
                
+                removeSessionUser( httpSess);
+                
                reqAuth = true;
            }
        }
--- a/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
@@ -250,6 +250,8 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
                if (getLogger().isErrorEnabled())
                    getLogger().error("Failed to validate user " + user.getUserName(), ex);
                
+                removeSessionUser( httpSess);
+                
                reqAuth = true;
            }
        }
@@ -536,6 +538,8 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
                if (logger.isErrorEnabled())
                    logger.error("Failed to validate user " + user.getUserName(), ex);
                
+                removeSessionUser(session);
+                
                onValidateFailed(req, res, session);
                return;
            }
@@ -659,6 +663,8 @@ public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthentication
                        if (logger.isErrorEnabled())
                            logger.error("Failed to validate user " + user.getUserName(), ex);
                        
+                        removeSessionUser(session);
+                        
                        onValidateFailed(req, res, session);
                        return;
                    }
--- a/source/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java
@@ -249,6 +249,14 @@ public abstract class BaseSSOAuthenticationFilter implements Filter
        return (SessionUser)session.getAttribute( getUserAttributeName());
    }
    
+    /**
+     * Remove the user from the session - after failed ticket auth
+     */
+    protected void removeSessionUser(HttpSession session)
+    {
+        session.removeAttribute( getUserAttributeName());
+    }
+    
    /**
     * Return the user object session attribute name
     *