inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.3-BUG-FIX to HEAD

Browse Source 
20954: Calendar Dashlet updates. Fixes: ALF-2907 (meeting workspace issue)
   20968: Minor VersionableAspect fix to onDeleteNode policy firing (follow-on for r19507)
   20981: Removed Install Jammer installers from V3.3.3
   20982: AVMTestSuite - run PurgeTestP after AVMServiceTest (investigating ALF-3611)
   20997: Fix for ALF-2605 - updated share-config-custom.xml.sample and removed obsolete extension files
   21030: Pulled XAMConnector AMP into main 3.3SP3 codeline.  Apart from build changes (incl. EOL), there are no repo changes.
   21032: StoreSelector passes through NodeContentContext allowing stores access to node information
   21036: Fix ALF-245: Can't delete space that contains "translation without content"
      - Delete triggers 'unmakeTranslation'
      - Empty translations are marked with sys:temporary before being deleted
   21051: More on fix ALF-245.  Reduced complexity by not deleting empty translations twice
   21064: Merged V3.3 to V3.3-BUG_FIX
      20898: Merged HEAD to V3.3
         20724: AVMTestSuite - temporarily comment out PurgeTestP
            - TODO: investigate intermittent test failure
      20903: Incremented version revision
      20921: AVM - fix purge store so that vr nodes are actually orphaned (ALF-3627)
      20952: Fix for ALF-3704: Module conflict - Alfresco web client config property page missing metadata. 
         This is application of a fix made to the config service in a hotfix. The change provides a deterministic load order for config files loaded via the ConfigBootstrap spring bean. More importantly it means that config files loaded by modules on different machines in a cluster load in the same order.

         The forms client and AWE config files have been updated to take advantage of the new loading order.
      21061: Merged PATCHES/V3.1.2 to V3.3 (RECORD ONLY)
         20890: ALF-3687: Apply LUCENE-1383 patch to Lucene 2.1.0 to reduce memory leaks from ThreadLocals
         20891: ALF-3687: Build classpath fix
         20892: Incremented version label
      21062: Merged PATCHES/V3.2.1 to V3.3
         20897: (RECORD ONLY) Incremented version label
         20901: (RECORD ONLY) ALF-3740: Merged V3.3 to PATCHES/V3.2.1
            20524: VersionMigrator - option to run as scheduled job (ALF-1000)
         20904: (RECORD ONLY) ALF-3732: Merged PATCHES/V3.2.r to PATCHES/V3.2.1
            19803: ALF-558: File servers (CIFS / FTP / NFS) can now handle concurrent write operations on Alfresco repository
               - ContentDiskDriver / AVMDiskDriver now use retrying transactions for write operations
               - Disable EagerContentStoreCleaner on ContentDiskDriver / AVMDiskDriver closeFile() operations so that they may be retried after rollback (Sony zero byte problem)
               - Allow manual association of AVM ContentData with nodes so that closeFile() may be retried
               - Propagation of new argument through AVM interfaces
         20905: (RECORD ONLY) ALF-3732: Rolled back the now unnecessary reference()/dereference() stuff from ALF-558
         20906: (RECORD ONLY) ALF-3732: Merged DEV/V3.3-BUG-FIX to PATCHES/V3.2.1
            20623: Fix for ALF-3188 : Access Denied when updating doc via CIFS
         20907: (RECORD ONLY) ALF-3732: Merged V3.3 to PATCHES/V3.2.1
            20173: Propagate IOExceptions from retryable write transactions in AlfrescoDiskDriver
         20950: ALF-3779: Upgrades on large repositories from v2.1 and v2.2 were failing on MySQL due to "The total number of locks exceeds the lock table size" errors
            - Solution was to add support for new --BEGIN TXN and --END TXN comments and execute LOCK TABLES statements in the same transaction as large INSERT - SELECT statements.
         20990: ALF-3789: Concurrency issues with InMemoryTicketComponentImpl
            - Previous ETHREEOH-1842 method of caching web session 'ref counts' against tickets could cause tickets to unpredictably fall out of the transactional cache
            - Rolled back original ETHREEOH-1842 fix. Would be too much overhead to keep these ref counts consistent across a cluster.
            - Instead, avoid invalidating tickets on web session timeout and only do it on explicit log out.
            - Now tickets maintained in non-transactional shared cache so they can't drop out unpredictably
            - Logic for ticket inactivity timeout caching improved so that it should work across a cluster
         20991: (RECORD ONLY) Incremented version label
         20993: ALF-3789: Fixed Spring configuration backward compatibily issue with previous fix
            - Ticket cache bean name restored to ticketsCache. This is actually now a non-transactional cache.
            - Also externalized parameters so that they can now be controlled by alfresco-global.properties without any bean overrides
               authentication.ticket.ticketsExpire=false
               authentication.ticket.expiryMode=AFTER_FIXED_TIME
               authentication.ticket.validDuration=PT1H
         20994: Eclipse classpath fixes for unit testing after ant build
         21057: ALF-3592: PassthruCifsAuthenticator now auto-creates / imports users who do not already exist in Alfresco
            - At least one of the following properties must be true for this to happen
               synchronization.autoCreatePeopleOnLogin
               synchronization.syncWhenMissingPeopleLogIn
            - Also improved debug logging of unknown passthru domains
      21063: Merged PATCHES/V3.2.r to V3.3
         21037: ALF-3793: Final attempt at realigning saved XForm data with a modified Schema
            - removeRemovedNodes / insertUpdatedNodes / insertPrototypeNodes replaced by a one stop recursive process that builds a new instance tree from scratch
            - Nodes copied over in correct order
            - Missing nodes added in and extra nodes discarded
            - Prototype nodes appended at appropriate points
         21038: (RECORD ONLY) Incremented version label


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21065 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
2010-07-11 14:22:26 +00:00
parent 596ee7e831
commit 53fc77ff7f
11 changed files with 273 additions and 444 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
source/java/org/alfresco/web/app/Application.java
View File

@@ -28,12 +28,15 @@ import java.util.ResourceBundle;
import javax.faces.context.FacesContext; import javax.faces.context.FacesContext;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import org.alfresco.repo.SessionUser;
import org.alfresco.repo.importer.ImporterBootstrap; import org.alfresco.repo.importer.ImporterBootstrap;
import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.web.app.portlet.AlfrescoFacesPortlet; import org.alfresco.web.app.portlet.AlfrescoFacesPortlet;
import org.alfresco.web.app.servlet.AuthenticationHelper; import org.alfresco.web.app.servlet.AuthenticationHelper;
import org.alfresco.web.app.servlet.FacesHelper; import org.alfresco.web.app.servlet.FacesHelper;
@@ -69,6 +72,7 @@ public class Application
public static final String BEAN_CONFIG_SERVICE = "webClientConfigService"; public static final String BEAN_CONFIG_SERVICE = "webClientConfigService";
public static final String BEAN_DATA_DICTIONARY = "dataDictionary"; public static final String BEAN_DATA_DICTIONARY = "dataDictionary";
public static final String BEAN_IMPORTER_BOOTSTRAP = "spacesBootstrap"; public static final String BEAN_IMPORTER_BOOTSTRAP = "spacesBootstrap";
private static final String BEAN_UNPROTECTED_AUTH_SERVICE = "authenticationService";
public static final String MESSAGE_BUNDLE = "alfresco.messages.webclient"; public static final String MESSAGE_BUNDLE = "alfresco.messages.webclient";
@@ -289,6 +293,60 @@ public class Application
} }
} }
/**
* Invalidate Alfresco ticket and Web/Portlet session and clear the Security context for this thread.
* @param context
*/
public static void logOut(FacesContext context)
{
String ticket = null;
if (Application.inPortalServer())
{
ticket = AlfrescoFacesPortlet.onLogOut(context.getExternalContext().getRequest());
}
else
{
SessionUser user = getCurrentUser(context);
if (user != null)
{
ticket = user.getTicket();
}
HttpServletRequest request = (HttpServletRequest) context.getExternalContext().getRequest();
HttpSession session = request.getSession(false);
if (session != null)
{
session.invalidate();
}
// remove the username cookie value
Cookie authCookie = AuthenticationHelper.getAuthCookie(request);
if (authCookie != null)
{
HttpServletResponse response = (HttpServletResponse) context.getExternalContext().getResponse();
if (response.isCommitted())
{
// It's too late to do it now, but we can ask the login page to do it
request.getSession().setAttribute(AuthenticationHelper.SESSION_INVALIDATED, true);
}
else
{
authCookie.setMaxAge(0);
response.addCookie(authCookie);
}
}
}
// Explicitly invalidate the Alfresco ticket. This no longer happens on session expiry to allow for ticket
// 'sharing'
WebApplicationContext wc = FacesContextUtils.getRequiredWebApplicationContext(context);
AuthenticationService unprotAuthService = (AuthenticationService) wc.getBean(BEAN_UNPROTECTED_AUTH_SERVICE);
if (ticket != null)
{
unprotAuthService.invalidateTicket(ticket);
}
unprotAuthService.clearCurrentSecurityContext();
}
/** /**
* @return Returns the repository store URL (retrieved from config service) * @return Returns the repository store URL (retrieved from config service)
*/ */

16
source/java/org/alfresco/web/app/ContextListener.java
View File

@@ -18,8 +18,6 @@
*/ */
package org.alfresco.web.app; package org.alfresco.web.app;
import java.util.Enumeration;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener; import javax.servlet.ServletContextListener;
@@ -28,7 +26,6 @@ import javax.servlet.http.HttpSessionListener;
import javax.transaction.UserTransaction; import javax.transaction.UserTransaction;
import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.repo.SessionUser;
import org.alfresco.repo.cache.InternalEhCacheManagerFactoryBean; import org.alfresco.repo.cache.InternalEhCacheManagerFactoryBean;
import org.alfresco.repo.security.authentication.AuthenticationContext; import org.alfresco.repo.security.authentication.AuthenticationContext;
import org.alfresco.service.ServiceRegistry; import org.alfresco.service.ServiceRegistry;
@@ -36,10 +33,8 @@ import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.search.SearchService; import org.alfresco.service.cmr.search.SearchService;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.namespace.NamespaceService; import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.transaction.TransactionService; import org.alfresco.service.transaction.TransactionService;
import org.alfresco.web.app.servlet.AuthenticationHelper;
import org.alfresco.web.bean.repository.Repository; import org.alfresco.web.bean.repository.Repository;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@@ -156,16 +151,5 @@ public class ContextListener implements ServletContextListener, HttpSessionListe
{ {
if (logger.isDebugEnabled()) if (logger.isDebugEnabled())
logger.debug("HTTP session destroyed: " + event.getSession().getId()); logger.debug("HTTP session destroyed: " + event.getSession().getId());
SessionUser user = (SessionUser)event.getSession().getAttribute(AuthenticationHelper.AUTHENTICATION_USER);
if (user != null)
{
// invalidate ticket and clear the Security context for this thread
WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
AuthenticationService authService = (AuthenticationService)ctx.getBean("authenticationService");
authService.invalidateTicket(user.getTicket(), event.getSession().getId());
authService.clearCurrentSecurityContext();
event.getSession().removeAttribute(AuthenticationHelper.AUTHENTICATION_USER);
}
} }
} }

39
source/java/org/alfresco/web/app/portlet/AlfrescoFacesPortlet.java
View File

@@ -20,6 +20,7 @@ package org.alfresco.web.app.portlet;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.util.Enumeration;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
@@ -179,7 +180,7 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
WebApplicationContext ctx = (WebApplicationContext)getPortletContext().getAttribute( WebApplicationContext ctx = (WebApplicationContext)getPortletContext().getAttribute(
WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE); WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE);
AuthenticationService auth = (AuthenticationService)ctx.getBean("AuthenticationService"); AuthenticationService auth = (AuthenticationService)ctx.getBean("AuthenticationService");
auth.validate(user.getTicket(), null); auth.validate(user.getTicket());
// save last username into portlet preferences, get from LoginBean state // save last username into portlet preferences, get from LoginBean state
LoginBean loginBean = (LoginBean)request.getPortletSession().getAttribute(AuthenticationHelper.LOGIN_BEAN); LoginBean loginBean = (LoginBean)request.getPortletSession().getAttribute(AuthenticationHelper.LOGIN_BEAN);
@@ -361,7 +362,7 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
logger.debug("Validating ticket: " + user.getTicket()); logger.debug("Validating ticket: " + user.getTicket());
// setup the authentication context // setup the authentication context
auth.validate(user.getTicket(), null); auth.validate(user.getTicket());
} }
// do the normal JSF processing // do the normal JSF processing
@@ -580,6 +581,38 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
return FacesHelper.getFacesContext(portletReq, portletRes, portletConfig.getPortletContext()); return FacesHelper.getFacesContext(portletReq, portletRes, portletConfig.getPortletContext());
} }
public static String onLogOut(Object req)
{
PortletRequest portletReq = null;
if (req instanceof ServletRequest)
{
portletReq = (PortletRequest) ((ServletRequest) req).getAttribute("javax.portlet.request");
}
else if (req instanceof PortletRequest)
{
portletReq = (PortletRequest) req;
}
if (portletReq == null)
{
return null;
}
// remove all objects from our session by hand
// we do this as invalidating the Portal session would invalidate all other portlets!
PortletSession session = portletReq.getPortletSession();
SessionUser user = (SessionUser) session.getAttribute(AuthenticationHelper.AUTHENTICATION_USER,
PortletSession.APPLICATION_SCOPE);
Enumeration<String> i = session.getAttributeNames();
while (i.hasMoreElements())
{
session.removeAttribute(i.nextElement());
}
session.setAttribute(AuthenticationHelper.SESSION_INVALIDATED, true);
return user == null ? null : user.getTicket();
}
/** /**
* Handles errors that occur during a render request * Handles errors that occur during a render request
*/ */
@@ -641,7 +674,7 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
*/ */
private static User portalGuestAuthenticate(WebApplicationContext ctx, PortletSession session, AuthenticationService auth) private static User portalGuestAuthenticate(WebApplicationContext ctx, PortletSession session, AuthenticationService auth)
{ {
User user = AuthenticationHelper.portalGuestAuthenticate(ctx, session.getId(), auth); User user = AuthenticationHelper.portalGuestAuthenticate(ctx, auth);
if (user != null) if (user != null)
{ {

26
source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java
View File

@@ -204,7 +204,7 @@ public final class AuthenticationHelper
auth.authenticateAsGuest(); auth.authenticateAsGuest();
// if we get here then Guest access was allowed and successful // if we get here then Guest access was allowed and successful
setUser(sc, req, AuthenticationUtil.getGuestUserName(), auth.getCurrentTicket(session.getId()), false); setUser(sc, req, AuthenticationUtil.getGuestUserName(), auth.getCurrentTicket(), false);
// Set up the thread context // Set up the thread context
setupThread(sc, req, res); setupThread(sc, req, res);
@@ -223,8 +223,7 @@ public final class AuthenticationHelper
{ {
// Guest is unable to access either properties on Person // Guest is unable to access either properties on Person
AuthenticationService unprotAuthService = (AuthenticationService)wc.getBean(UNPROTECTED_AUTH_SERVICE); AuthenticationService unprotAuthService = (AuthenticationService)wc.getBean(UNPROTECTED_AUTH_SERVICE);
String sessionId = session.getId(); unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket(sessionId), sessionId);
unprotAuthService.clearCurrentSecurityContext(); unprotAuthService.clearCurrentSecurityContext();
logger.warn("Unable to login as Guest: " + accessError.getMessage()); logger.warn("Unable to login as Guest: " + accessError.getMessage());
} }
@@ -232,8 +231,7 @@ public final class AuthenticationHelper
{ {
// Some other kind of serious failure to report // Some other kind of serious failure to report
AuthenticationService unprotAuthService = (AuthenticationService)wc.getBean(UNPROTECTED_AUTH_SERVICE); AuthenticationService unprotAuthService = (AuthenticationService)wc.getBean(UNPROTECTED_AUTH_SERVICE);
String sessionId = session.getId(); unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket(sessionId), sessionId);
unprotAuthService.clearCurrentSecurityContext(); unprotAuthService.clearCurrentSecurityContext();
throw new AlfrescoRuntimeException("Failed to authenticate as Guest user.", e); throw new AlfrescoRuntimeException("Failed to authenticate as Guest user.", e);
} }
@@ -288,7 +286,7 @@ public final class AuthenticationHelper
} }
// Validate the ticket and associate it with the session // Validate the ticket and associate it with the session
auth.validate(ticket, session.getId()); auth.validate(ticket);
// Cache a new user in the session if required // Cache a new user in the session if required
if (user == null) if (user == null)
@@ -309,8 +307,7 @@ public final class AuthenticationHelper
{ {
// Some other kind of serious failure // Some other kind of serious failure
AuthenticationService unprotAuthService = (AuthenticationService)wc.getBean(UNPROTECTED_AUTH_SERVICE); AuthenticationService unprotAuthService = (AuthenticationService)wc.getBean(UNPROTECTED_AUTH_SERVICE);
String sessionId = session.getId(); unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket(sessionId), sessionId);
unprotAuthService.clearCurrentSecurityContext(); unprotAuthService.clearCurrentSecurityContext();
return AuthenticationStatus.Failure; return AuthenticationStatus.Failure;
} }
@@ -414,13 +411,13 @@ public final class AuthenticationHelper
* @param auth * @param auth
* AuthenticationService * AuthenticationService
*/ */
public static User portalGuestAuthenticate(WebApplicationContext ctx, String sessionId, AuthenticationService auth) public static User portalGuestAuthenticate(WebApplicationContext ctx, AuthenticationService auth)
{ {
try try
{ {
auth.authenticateAsGuest(); auth.authenticateAsGuest();
return createUser(ctx, AuthenticationUtil.getGuestUserName(), auth.getCurrentTicket(sessionId)); return createUser(ctx, AuthenticationUtil.getGuestUserName(), auth.getCurrentTicket());
} }
catch (AuthenticationException guestError) catch (AuthenticationException guestError)
{ {
@@ -430,7 +427,7 @@ public final class AuthenticationHelper
{ {
// Guest is unable to access either properties on Person // Guest is unable to access either properties on Person
AuthenticationService unprotAuthService = (AuthenticationService) ctx.getBean(UNPROTECTED_AUTH_SERVICE); AuthenticationService unprotAuthService = (AuthenticationService) ctx.getBean(UNPROTECTED_AUTH_SERVICE);
unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket(sessionId), sessionId); unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
unprotAuthService.clearCurrentSecurityContext(); unprotAuthService.clearCurrentSecurityContext();
logger.warn("Unable to login as Guest: " + accessError.getMessage()); logger.warn("Unable to login as Guest: " + accessError.getMessage());
} }
@@ -438,7 +435,7 @@ public final class AuthenticationHelper
{ {
// Some other kind of serious failure to report // Some other kind of serious failure to report
AuthenticationService unprotAuthService = (AuthenticationService) ctx.getBean(UNPROTECTED_AUTH_SERVICE); AuthenticationService unprotAuthService = (AuthenticationService) ctx.getBean(UNPROTECTED_AUTH_SERVICE);
unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket(sessionId), sessionId); unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
unprotAuthService.clearCurrentSecurityContext(); unprotAuthService.clearCurrentSecurityContext();
throw new AlfrescoRuntimeException("Failed to authenticate as Guest user.", e); throw new AlfrescoRuntimeException("Failed to authenticate as Guest user.", e);
} }
@@ -481,7 +478,7 @@ public final class AuthenticationHelper
AuthenticationService auth = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE); AuthenticationService auth = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE);
try try
{ {
auth.validate(sessionUser.getTicket(), session.getId()); auth.validate(sessionUser.getTicket());
if (sessionUser instanceof User) if (sessionUser instanceof User)
{ {
user = (User)sessionUser; user = (User)sessionUser;
@@ -523,8 +520,7 @@ public final class AuthenticationHelper
.getBean(AUTHENTICATION_COMPONENT); .getBean(AUTHENTICATION_COMPONENT);
authenticationComponent.setCurrentUser(userId); authenticationComponent.setCurrentUser(userId);
AuthenticationService authenticationService = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE); AuthenticationService authenticationService = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE);
session = httpRequest.getSession(); user = setUser(sc, httpRequest, userId, authenticationService.getCurrentTicket(), true);
user = setUser(sc, httpRequest, userId, authenticationService.getCurrentTicket(session.getId()), true);
} }
} }
return user; return user;

3
source/java/org/alfresco/web/app/servlet/ExternalAccessServlet.java
View File

@@ -327,7 +327,8 @@ public class ExternalAccessServlet extends BaseServlet
else if (OUTCOME_LOGOUT.equals(outcome)) else if (OUTCOME_LOGOUT.equals(outcome))
{ {
// special case for logout // special case for logout
req.getSession().invalidate(); // invalidate ticket and clear the Security context for this thread
Application.logOut(fc);
res.sendRedirect(req.getContextPath() + FACES_SERVLET + Application.getLoginPage(getServletContext())); res.sendRedirect(req.getContextPath() + FACES_SERVLET + Application.getLoginPage(getServletContext()));
return; return;
} }

3
source/java/org/alfresco/web/app/servlet/HTTPRequestAuthenticationFilter.java
View File

@@ -230,8 +230,7 @@ public class HTTPRequestAuthenticationFilter implements Filter
authComponent.setCurrentUser(userName); authComponent.setCurrentUser(userName);
// Set up the user information // Set up the user information
AuthenticationHelper.setUser(context, req, userName, authenticationService.getCurrentTicket(req.getSession() AuthenticationHelper.setUser(context, req, userName, authenticationService.getCurrentTicket(), true);
.getId()), true);
// Set the locale using the session // Set the locale using the session
AuthenticationHelper.setupThread(this.context, req, res); AuthenticationHelper.setupThread(this.context, req, res);

47
source/java/org/alfresco/web/bean/LoginBean.java
View File

@@ -28,11 +28,8 @@ import javax.faces.application.FacesMessage;
import javax.faces.component.UIComponent; import javax.faces.component.UIComponent;
import javax.faces.context.FacesContext; import javax.faces.context.FacesContext;
import javax.faces.validator.ValidatorException; import javax.faces.validator.ValidatorException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.alfresco.model.ContentModel; import org.alfresco.model.ContentModel;
import org.alfresco.repo.SessionUser;
import org.alfresco.repo.security.authentication.AuthenticationDisallowedException; import org.alfresco.repo.security.authentication.AuthenticationDisallowedException;
import org.alfresco.repo.security.authentication.AuthenticationException; import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.security.authentication.AuthenticationMaxUsersException; import org.alfresco.repo.security.authentication.AuthenticationMaxUsersException;
@@ -295,19 +292,10 @@ public class LoginBean implements Serializable
// remove the session invalidated flag (used to remove last username cookie by AuthenticationFilter) // remove the session invalidated flag (used to remove last username cookie by AuthenticationFilter)
session.remove(AuthenticationHelper.SESSION_INVALIDATED); session.remove(AuthenticationHelper.SESSION_INVALIDATED);
// Try to make an association between the session ID and the ticket ID (if not possible here, it will
// happen during first pass through security filters)
String sessionId = null;
Object httpSession = fc.getExternalContext().getSession(false);
if (httpSession != null && httpSession instanceof HttpSession)
{
sessionId = ((HttpSession) httpSession).getId();
}
// setup User object and Home space ID // setup User object and Home space ID
User user = new User( User user = new User(
this.username, this.username,
this.getAuthenticationService().getCurrentTicket(sessionId), this.getAuthenticationService().getCurrentTicket(),
getPersonService().getPerson(this.username)); getPersonService().getPerson(this.username));
NodeRef homeSpaceRef = (NodeRef) this.getNodeService().getProperty(getPersonService().getPerson(this.username), ContentModel.PROP_HOMEFOLDER); NodeRef homeSpaceRef = (NodeRef) this.getNodeService().getProperty(getPersonService().getPerson(this.username), ContentModel.PROP_HOMEFOLDER);
@@ -417,37 +405,8 @@ public class LoginBean implements Serializable
Locale language = Application.getLanguage(context); Locale language = Application.getLanguage(context);
// Invalidate Session for this user. // Perform log out actions
if (Application.inPortalServer() == false) Application.logOut(context);
{
// This causes the sessionDestroyed() event to be processed by ContextListener
// which is responsible for invalidating the ticket and clearing the security context
HttpServletRequest request = (HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest();
request.getSession().invalidate();
}
else
{
Map session = context.getExternalContext().getSessionMap();
SessionUser user = Application.getCurrentUser(context);
if (user != null)
{
// invalidate ticket and clear the Security context for this thread
getAuthenticationService().invalidateTicket(user.getTicket(), null);
getAuthenticationService().clearCurrentSecurityContext();
}
// remove all objects from our session by hand
// we do this as invalidating the Portal session would invalidate all other portlets!
for (Object key : session.keySet())
{
session.remove(key);
}
}
// Request that the username cookie state is removed - this is not
// possible from JSF - so instead we setup a session variable
// which will be detected by the login.jsp/Portlet as appropriate.
Map session = context.getExternalContext().getSessionMap();
session.put(AuthenticationHelper.SESSION_INVALIDATED, true);
// set language to last used on the login page // set language to last used on the login page
Application.setLanguage(context, language.toString()); Application.setLanguage(context, language.toString());

473
source/java/org/alfresco/web/forms/xforms/Schema2XForms.java
View File

@@ -71,8 +71,10 @@ import org.w3c.dom.Attr;
import org.w3c.dom.Comment; import org.w3c.dom.Comment;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.w3c.dom.NodeList; import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
/** /**
* An abstract implementation of the Schema2XForms interface allowing * An abstract implementation of the Schema2XForms interface allowing
@@ -234,7 +236,7 @@ public class Schema2XForms implements Serializable
{ {
continue; continue;
} }
final String prefix = this.addNamespace(xformsDocument.getDocumentElement(), final String prefix = addNamespace(xformsDocument.getDocumentElement(),
schemaDocument.lookupPrefix(schemaNamespaces.item(i)), schemaDocument.lookupPrefix(schemaNamespaces.item(i)),
schemaNamespaces.item(i)); schemaNamespaces.item(i));
if (LOGGER.isDebugEnabled()) if (LOGGER.isDebugEnabled())
@@ -273,7 +275,7 @@ public class Schema2XForms implements Serializable
this.setXFormsId(instanceElement); this.setXFormsId(instanceElement);
final Element defaultInstanceDocumentElement = xformsDocument.createElement(rootElementName); final Element defaultInstanceDocumentElement = xformsDocument.createElement(rootElementName);
this.addNamespace(defaultInstanceDocumentElement, addNamespace(defaultInstanceDocumentElement,
NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX, NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX,
NamespaceConstants.XMLSCHEMA_INSTANCE_NS); NamespaceConstants.XMLSCHEMA_INSTANCE_NS);
if (this.targetNamespace != null) if (this.targetNamespace != null)
@@ -287,15 +289,15 @@ public class Schema2XForms implements Serializable
" to xform and default instance element"); " to xform and default instance element");
} }
this.addNamespace(defaultInstanceDocumentElement, addNamespace(defaultInstanceDocumentElement,
targetNamespacePrefix, targetNamespacePrefix,
this.targetNamespace); this.targetNamespace);
this.addNamespace(xformsDocument.getDocumentElement(), addNamespace(xformsDocument.getDocumentElement(),
targetNamespacePrefix, targetNamespacePrefix,
this.targetNamespace); this.targetNamespace);
} }
Element importedInstanceDocumentElement = null; Element prototypeInstanceElement = null;
if (instanceDocument == null || instanceDocument.getDocumentElement() == null) if (instanceDocument == null || instanceDocument.getDocumentElement() == null)
{ {
instanceElement.appendChild(defaultInstanceDocumentElement); instanceElement.appendChild(defaultInstanceDocumentElement);
@@ -313,15 +315,7 @@ public class Schema2XForms implements Serializable
if (LOGGER.isDebugEnabled()) if (LOGGER.isDebugEnabled())
LOGGER.debug("[buildXForm] importing rootElement from other document"); LOGGER.debug("[buildXForm] importing rootElement from other document");
importedInstanceDocumentElement = (Element) prototypeInstanceElement =
xformsDocument.importNode(instanceDocumentElement, true);
//add XMLSchema instance NS
this.addNamespace(importedInstanceDocumentElement,
NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX,
NamespaceConstants.XMLSCHEMA_INSTANCE_NS);
instanceElement.appendChild(importedInstanceDocumentElement);
final Element prototypeInstanceElement =
xformsDocument.createElementNS(NamespaceConstants.XFORMS_NS, xformsDocument.createElementNS(NamespaceConstants.XFORMS_NS,
NamespaceConstants.XFORMS_PREFIX + ":instance"); NamespaceConstants.XFORMS_PREFIX + ":instance");
modelSection.appendChild(prototypeInstanceElement); modelSection.appendChild(prototypeInstanceElement);
@@ -349,18 +343,10 @@ public class Schema2XForms implements Serializable
} }
this.setXFormsId(rootGroup, "alfresco-xforms-root-group"); this.setXFormsId(rootGroup, "alfresco-xforms-root-group");
if (importedInstanceDocumentElement != null) if (prototypeInstanceElement != null)
{ {
Schema2XForms.removeRemovedNodes(importedInstanceDocumentElement, Schema2XForms.rebuildInstance(prototypeInstanceElement, instanceDocument,
defaultInstanceDocumentElement, instanceElement, schemaNamespacesMap);
schemaNamespacesMap);
Schema2XForms.insertUpdatedNodes(importedInstanceDocumentElement,
defaultInstanceDocumentElement,
schemaNamespacesMap);
Schema2XForms.insertPrototypeNodes(importedInstanceDocumentElement,
defaultInstanceDocumentElement,
schemaNamespacesMap);
} }
this.createSubmitElements(xformsDocument, modelSection, rootGroup); this.createSubmitElements(xformsDocument, modelSection, rootGroup);
@@ -388,137 +374,15 @@ public class Schema2XForms implements Serializable
this.counter.clear(); this.counter.clear();
} }
/**
* Inserts nodes that exist in the prototype document that are absent in the imported instance.
* This is to handle the case where a schema has been updated since the last time the
* imported document was modified.
*
* @param instanceDocumentElement the user provided instance document
* @param prototypeInstanceElement the generated prototype instance document
* @param schemaNamespaces the namespaces used by the instance document needed for
* initializing the xpath context.
*/
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
public static void insertUpdatedNodes(final Element instanceDocumentElement, public static void rebuildInstance(final Node prototypeNode, final Node oldInstanceNode,
final Element prototypeDocumentElement, final Node newInstanceNode,
final HashMap<String, String> schemaNamespaces) final HashMap<String, String> schemaNamespaces)
{ {
if (LOGGER.isDebugEnabled()) final JXPathContext prototypeContext = JXPathContext.newContext(prototypeNode);
LOGGER.debug("[insertUpdatedNodes] updating imported instance document");
final JXPathContext prototypeContext =
JXPathContext.newContext(prototypeDocumentElement);
prototypeContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX,
NamespaceService.ALFRESCO_URI);
final JXPathContext instanceContext =
JXPathContext.newContext(instanceDocumentElement);
instanceContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX,
NamespaceService.ALFRESCO_URI);
// identify all non prototype elements in the prototypeDocument
for (final String prefix : schemaNamespaces.keySet())
{
prototypeContext.registerNamespace(prefix, schemaNamespaces.get(prefix));
instanceContext.registerNamespace(prefix, schemaNamespaces.get(prefix));
}
final Iterator it =
prototypeContext.iteratePointers("//*[not(@" + NamespaceService.ALFRESCO_PREFIX +
":prototype='true')] | //@*[name()!='" + NamespaceService.ALFRESCO_PREFIX +
":prototype']");
while (it.hasNext())
{
final Pointer p = (Pointer)it.next();
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertUpdatedNodes] evaluating prototype node " + p.asPath() +
" normalized " + p.asPath().replaceAll("\\[\\d+\\]", ""));
}
String path = p.asPath().replaceAll("\\[\\d+\\]", "");
if (path.lastIndexOf("/") == 0)
{
if (instanceContext.selectNodes(path).size() == 0)
{
if (LOGGER.isDebugEnabled())
LOGGER.debug("[insertUpdatedNodes] copying " + path + " into imported instance");
// remove child elements - we want attributes but don't want to
// copy any potential prototyp nodes
final Node clone = ((Node)p.getNode()).cloneNode(true);
if (clone instanceof Attr)
{
instanceDocumentElement.setAttributeNode((Attr)clone);
}
else
{
final NodeList children = clone.getChildNodes();
for (int i = 0; i < children.getLength(); i++)
{
if (children.item(i) instanceof Element)
{
clone.removeChild(children.item(i));
}
}
instanceDocumentElement.appendChild(clone);
}
}
}
else
{
// change path /foo/bar into /foo[not(child::bar)]
if (path.indexOf("@") >= 0)
{
path = path.replaceAll("\\/(@.+)$", "[not($1)]");
}
else
{
path = path.replaceAll("\\/([^/]+)$", "[not(child::$1)]");
}
final List<Node> l = (List<Node>)instanceContext.selectNodes(path);
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertUpdatedNodes] appending node " + ((Node)p.getNode()).getNodeName() +
" to the " + l.size() + " selected nodes matching path " + path);
}
for (Node n : l)
{
// remove child elements - we want attributes but don't want to
// copy any potential prototyp nodes
final Node clone = ((Node)p.getNode()).cloneNode(true);
if (clone instanceof Attr)
{
((Element)n).setAttributeNode((Attr)clone);
}
else
{
final NodeList children = clone.getChildNodes();
for (int i = 0; i < children.getLength(); i++)
{
if (children.item(i) instanceof Element)
{
clone.removeChild(children.item(i));
}
}
n.appendChild(clone);
}
}
}
}
}
@SuppressWarnings("unchecked")
public static void removeRemovedNodes(final Element instanceDocumentElement, final Element prototypeDocumentElement,
final HashMap<String, String> schemaNamespaces)
{
if (LOGGER.isDebugEnabled())
LOGGER.debug("[removeRemovedNodes] updating imported instance document");
final JXPathContext prototypeContext = JXPathContext.newContext(prototypeDocumentElement);
prototypeContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX, NamespaceService.ALFRESCO_URI); prototypeContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX, NamespaceService.ALFRESCO_URI);
final JXPathContext instanceContext = JXPathContext.newContext(instanceDocumentElement); final JXPathContext instanceContext = JXPathContext.newContext(oldInstanceNode);
instanceContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX, NamespaceService.ALFRESCO_URI); instanceContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX, NamespaceService.ALFRESCO_URI);
for (final String prefix : schemaNamespaces.keySet()) for (final String prefix : schemaNamespaces.keySet())
@@ -527,224 +391,161 @@ public class Schema2XForms implements Serializable
instanceContext.registerNamespace(prefix, schemaNamespaces.get(prefix)); instanceContext.registerNamespace(prefix, schemaNamespaces.get(prefix));
} }
// Check all elements and attributes in the instance document // Evaluate non-recursive XPaths for all prototype elements at this level
OUTER: for (;;) final Iterator<Pointer> it = prototypeContext.iteratePointers("*");
{
final Iterator<Pointer> it = instanceContext.iteratePointers("//* | //@*");
while (it.hasNext()) while (it.hasNext())
{ {
final Pointer p = it.next(); final Pointer p = it.next();
String path = p.asPath().replaceAll("\\[\\d+\\]", ""); Element proto = (Element) p.getNode();
String path = p.asPath();
// check if this is a prototype element with the attribute set
boolean isPrototype = proto.hasAttributeNS(NamespaceService.ALFRESCO_URI, "prototype")
&& proto.getAttributeNS(NamespaceService.ALFRESCO_URI, "prototype").equals("true");
// We shouldn't locate a repeatable child with a fixed path
if (isPrototype)
{
path = path.replaceAll("\\[(\\d+)\\]", "[position() >= $1]");
if (LOGGER.isDebugEnabled()) if (LOGGER.isDebugEnabled())
{ {
LOGGER.debug("[removeRemovedNodes] evaluating instance node " + p.asPath() + " normalized " LOGGER.debug("[rebuildInstance] evaluating prototyped nodes " + path);
+ path + " in prototype document"); }
}
else
{
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[rebuildInstance] evaluating child node with positional path " + path);
}
} }
final List<Node> l = (List<Node>) prototypeContext.selectNodes(path); Document newInstanceDocument = newInstanceNode.getOwnerDocument();
// Locate the corresponding nodes in the instance document
List<Node> l = (List<Node>) instanceContext.selectNodes(path);
// If the prototype node isn't a prototype element, copy it in as a missing node, complete with all its children. We won't need to recurse on this node
if (l.isEmpty()) if (l.isEmpty())
{ {
final Node node = (Node) p.getNode(); if (!isPrototype)
if (LOGGER.isDebugEnabled())
{ {
LOGGER.debug("[removeRemovedNodes] removing instance node " + node.getNodeName() +" with no prototype nodes matching path " + path); LOGGER.debug("[rebuildInstance] copying in missing node " + proto.getNodeName() + " to "
+ XMLUtil.buildXPath(newInstanceNode, newInstanceDocument.getDocumentElement()));
// Clone the prototype node and all its children
Element clone = (Element)proto.cloneNode(true);
newInstanceNode.appendChild(clone);
if (oldInstanceNode instanceof Document)
{
// add XMLSchema instance NS
addNamespace(clone, NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX,
NamespaceConstants.XMLSCHEMA_INSTANCE_NS);
}
} }
if (node instanceof Attr)
{
((Attr) node).getOwnerElement().removeAttributeNode((Attr) node);
} }
else else
{ {
node.getParentNode().removeChild(node); // Otherwise, append the matches from the old instance document in order
for (Node old : l)
{
Element oldEl = (Element)old;
// Copy the old instance element rather than cloning it, so we don't copy over attributes
Element clone = newInstanceDocument.createElementNS(oldEl.getNamespaceURI(), oldEl.getTagName());
newInstanceNode.appendChild(clone);
if (oldInstanceNode instanceof Document)
{
// add XMLSchema instance NS
addNamespace(clone, NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX,
NamespaceConstants.XMLSCHEMA_INSTANCE_NS);
} }
// We have removed a node and potentially an entire sub-tree of paths. Restart the search // Copy over child text if this is not a complex type
continue OUTER; boolean isEmpty = true;
for (Node n = old.getFirstChild(); n != null; n = n.getNextSibling())
{
if (n instanceof Text)
{
clone.appendChild(newInstanceDocument.importNode(n, false));
isEmpty = false;
} }
else if (n instanceof Element)
{
break;
} }
// We completed the search
break OUTER;
} }
// Check the nil attribute
if (oldEl.getAttributeNS(NamespaceConstants.XMLSCHEMA_INSTANCE_NS, "nil").equals("true"))
{
clone.setAttributeNS(NamespaceConstants.XMLSCHEMA_INSTANCE_NS,
NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX + ":nil", "true");
} }
/** // Copy over attributes present in the prototype
* Inserts prototype nodes into the provided instance document by aggregating insertion NamedNodeMap attributes = proto.getAttributes();
* points from the generated prototype instance docment. for (int i = 0; i < attributes.getLength(); i++)
*
* @param instanceDocumentElement the user provided instance document
* @param prototypeInstanceElement the generated prototype instance document
* @param schemaNamespaces the namespaces used by the instance document needed for
* initializing the xpath context.
*/
@SuppressWarnings("unchecked")
public static void insertPrototypeNodes(final Element instanceDocumentElement,
final Element prototypeDocumentElement,
final HashMap<String, String> schemaNamespaces)
{ {
final JXPathContext prototypeContext = Attr attribute = (Attr) attributes.item(i);
JXPathContext.newContext(prototypeDocumentElement); String localName = attribute.getLocalName();
prototypeContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX, if (localName == null)
NamespaceService.ALFRESCO_URI);
final JXPathContext instanceContext =
JXPathContext.newContext(instanceDocumentElement);
instanceContext.registerNamespace(NamespaceService.ALFRESCO_PREFIX,
NamespaceService.ALFRESCO_URI);
for (final String prefix : schemaNamespaces.keySet())
{ {
prototypeContext.registerNamespace(prefix, schemaNamespaces.get(prefix)); String name = attribute.getName();
instanceContext.registerNamespace(prefix, schemaNamespaces.get(prefix)); if (oldEl.hasAttribute(name))
}
class PrototypeInsertionData
{ {
final Node prototype; clone.setAttributeNode((Attr) newInstanceDocument.importNode(oldEl.getAttributeNode(name),
final List<Node> nodes;
final boolean append;
PrototypeInsertionData(final Node prototype,
final List<Node> nodes,
final boolean append)
{
this.prototype = prototype;
this.nodes = nodes;
this.append = append;
}
};
final HashMap<String, PrototypeInsertionData> prototypesToInsert =
new HashMap<String, PrototypeInsertionData>();
// find all prototype nodes
final Iterator it =
prototypeContext.iteratePointers("//*[@" + NamespaceService.ALFRESCO_PREFIX +
":prototype='true'][ancestor::*[not(@" + NamespaceService.ALFRESCO_PREFIX +
":prototype)]]");
// find all relevant insertion points within the instance document
while (it.hasNext())
{
final Pointer p = (Pointer)it.next();
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] evaluating prototype node " + p.asPath());
}
String path = p.asPath().replaceAll("\\[\\d+\\]", "") + "[last()]";
if (prototypesToInsert.containsKey(path))
{
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] already checked path " + path + " - ignoring.");
}
continue;
}
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] evaluating " + path + " against instance document");
}
List<Node> l = (List<Node>)instanceContext.selectNodes(path);
if (l.size() != 0)
{
// this is a 1 to n repeat - add a prototype node to the list of repeat instances
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] path " + path + " evaluated to " + l.size() + " nodes");
}
prototypesToInsert.put(path, new PrototypeInsertionData((Node)p.getNode(),
l,
false)); false));
} }
else
if (path.lastIndexOf("/") != 0)
{ {
// this could be a 0 to n repeat - check if there are any relevant parent LOGGER.debug("[rebuildInstance] copying in missing attribute " + attribute.getNodeName()
// insertion points + " to " + XMLUtil.buildXPath(clone, newInstanceDocument.getDocumentElement()));
path = path.replaceAll("\\/([^/]+)\\[last\\(\\)\\]$", "[not(child::$1)]");
l = (List<Node>)instanceContext.selectNodes(path); clone.setAttributeNode((Attr) attribute.cloneNode(false));
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] path " + path + " evaluated to " + l.size() + " nodes");
} }
prototypesToInsert.put(path, new PrototypeInsertionData((Node)p.getNode(),
l,
true));
} }
else else
{ {
// this could be a repeat at the root of the document String namespace = attribute.getNamespaceURI();
path = path.replaceAll("\\[last\\(\\)\\]$", ""); if (!((!isEmpty
l = (List<Node>)instanceContext.selectNodes(path); && (namespace.equals(NamespaceConstants.XMLSCHEMA_INSTANCE_NS) && localName.equals("nil")) || (namespace
if (LOGGER.isDebugEnabled()) .equals(NamespaceService.ALFRESCO_URI) && localName.equals("prototype")))))
{ {
LOGGER.debug("[insertPrototypeNodes] path " + path + " evaluated to " + l.size() + " nodes"); if (oldEl.hasAttributeNS(namespace, localName))
}
if (l.size() == 0)
{ {
l.add(instanceDocumentElement); clone.setAttributeNodeNS((Attr) newInstanceDocument.importNode(oldEl.getAttributeNodeNS(
prototypesToInsert.put(path, new PrototypeInsertionData((Node)p.getNode(), namespace, localName), false));
l,
true));
}
}
}
// apply prototype nodes to all discovered insertion points
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] instance dcoument before mutation =\n" +
XMLUtil.toString(instanceDocumentElement, true));
}
for (Map.Entry<String, PrototypeInsertionData> me : prototypesToInsert.entrySet())
{
final PrototypeInsertionData data = me.getValue();
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] adding prototype for " + data.prototype.getNodeName() +
" from path " + me.getKey() +
" to " + data.nodes.size() + " nodes");
}
for (final Node n : data.nodes)
{
if (data.append)
{
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] appending " + data.prototype.getNodeName() +
" to " + XMLUtil.buildXPath(n, instanceDocumentElement));
}
n.appendChild(data.prototype.cloneNode(true));
}
else if (n.getNextSibling() != null)
{
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] inserting " + data.prototype.getNodeName() +
" into " + XMLUtil.buildXPath(n.getParentNode(),
instanceDocumentElement) +
" before " + XMLUtil.buildXPath(n.getNextSibling(),
instanceDocumentElement));
}
n.getParentNode().insertBefore(data.prototype.cloneNode(true),
n.getNextSibling());
} }
else else
{
LOGGER.debug("[rebuildInstance] copying in missing attribute " + attribute.getNodeName()
+ " to " + XMLUtil.buildXPath(clone, newInstanceDocument.getDocumentElement()));
clone.setAttributeNodeNS((Attr) attribute.cloneNode(false));
}
}
}
}
// recurse on children
rebuildInstance(proto, oldEl, clone, schemaNamespaces);
}
}
// Now add in a new copy of the prototype
if (isPrototype)
{ {
if (LOGGER.isDebugEnabled()) if (LOGGER.isDebugEnabled())
{ {
LOGGER.debug("[insertPrototypeNodes] appending " + data.prototype.getNodeName() + LOGGER.debug("[rebuildInstance] appending "
" to " + XMLUtil.buildXPath(n.getParentNode(), + proto.getNodeName()
instanceDocumentElement)); + " to "
+ XMLUtil.buildXPath(newInstanceNode, newInstanceDocument
.getDocumentElement()));
} }
n.getParentNode().appendChild(data.prototype.cloneNode(true)); newInstanceNode.appendChild(proto.cloneNode(true));
}
}
if (LOGGER.isDebugEnabled())
{
LOGGER.debug("[insertPrototypeNodes] instance dcoument after mutation =\n" +
XMLUtil.toString(instanceDocumentElement, true));
} }
} }
} }
@@ -2349,19 +2150,19 @@ public class Schema2XForms implements Serializable
xformsDocument.appendChild(envelopeElement); xformsDocument.appendChild(envelopeElement);
//set namespace attribute //set namespace attribute
this.addNamespace(envelopeElement, addNamespace(envelopeElement,
NamespaceConstants.XHTML_PREFIX, NamespaceConstants.XHTML_PREFIX,
NamespaceConstants.XHTML_NS); NamespaceConstants.XHTML_NS);
this.addNamespace(envelopeElement, addNamespace(envelopeElement,
NamespaceConstants.XFORMS_PREFIX, NamespaceConstants.XFORMS_PREFIX,
NamespaceConstants.XFORMS_NS); NamespaceConstants.XFORMS_NS);
this.addNamespace(envelopeElement, addNamespace(envelopeElement,
NamespaceConstants.XMLEVENTS_PREFIX, NamespaceConstants.XMLEVENTS_PREFIX,
NamespaceConstants.XMLEVENTS_NS); NamespaceConstants.XMLEVENTS_NS);
this.addNamespace(envelopeElement, addNamespace(envelopeElement,
NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX, NamespaceConstants.XMLSCHEMA_INSTANCE_PREFIX,
NamespaceConstants.XMLSCHEMA_INSTANCE_NS); NamespaceConstants.XMLSCHEMA_INSTANCE_NS);
this.addNamespace(envelopeElement, addNamespace(envelopeElement,
NamespaceService.ALFRESCO_PREFIX, NamespaceService.ALFRESCO_PREFIX,
NamespaceService.ALFRESCO_URI); NamespaceService.ALFRESCO_URI);
@@ -3164,9 +2965,7 @@ public class Schema2XForms implements Serializable
return elementName; return elementName;
} }
private String addNamespace(final Element e, private static String addNamespace(final Element e, String nsPrefix, final String ns)
String nsPrefix,
final String ns)
{ {
String prefix; String prefix;
if ((prefix = NamespaceResolver.getPrefix(e, ns)) != null) if ((prefix = NamespaceResolver.getPrefix(e, ns)) != null)

2
source/java/org/alfresco/web/sharepoint/auth/BasicAuthenticationHandler.java
View File

@@ -79,7 +79,7 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler
if (mapper.isSiteMember(request, alfrescoContext, username)) if (mapper.isSiteMember(request, alfrescoContext, username))
{ {
user = new User(username, authenticationService.getCurrentTicket(session.getId()), personService.getPerson(username)); user = new User(username, authenticationService.getCurrentTicket(), personService.getPerson(username));
if (session != null) if (session != null)
session.setAttribute(USER_SESSION_ATTRIBUTE, user); session.setAttribute(USER_SESSION_ATTRIBUTE, user);
} }

8
source/java/org/alfresco/web/sharepoint/auth/ntlm/NtlmAuthenticationHandler.java
View File

@@ -153,7 +153,7 @@ public class NtlmAuthenticationHandler extends AbstractAuthenticationHandler imp
{ {
try try
{ {
authenticationService.validate(user.getTicket(), session.getId()); authenticationService.validate(user.getTicket());
needToAuthenticate = false; needToAuthenticate = false;
} }
catch (AuthenticationException e) catch (AuthenticationException e)
@@ -246,7 +246,7 @@ public class NtlmAuthenticationHandler extends AbstractAuthenticationHandler imp
{ {
try try
{ {
authenticationService.validate(user.getTicket(), session.getId()); authenticationService.validate(user.getTicket());
return user; return user;
} }
catch (AuthenticationException ae) catch (AuthenticationException ae)
@@ -437,7 +437,7 @@ public class NtlmAuthenticationHandler extends AbstractAuthenticationHandler imp
// user already exists - revalidate ticket to authenticate the current user thread // user already exists - revalidate ticket to authenticate the current user thread
try try
{ {
authenticationService.validate(user.getTicket(), session.getId()); authenticationService.validate(user.getTicket());
} }
catch (AuthenticationException ex) catch (AuthenticationException ex)
{ {
@@ -517,7 +517,7 @@ public class NtlmAuthenticationHandler extends AbstractAuthenticationHandler imp
String username = AuthenticationUtil.runAs(getUserNameRunAsWork, AuthenticationUtil.SYSTEM_USER_NAME); String username = AuthenticationUtil.runAs(getUserNameRunAsWork, AuthenticationUtil.SYSTEM_USER_NAME);
authenticationComponent.setCurrentUser(userName); authenticationComponent.setCurrentUser(userName);
String currentTicket = authenticationService.getCurrentTicket(session.getId()); String currentTicket = authenticationService.getCurrentTicket();
// Create the user object to be stored in the session // Create the user object to be stored in the session
user = new User(username, currentTicket, personNodeRef); user = new User(username, currentTicket, personNodeRef);

6
source/web/index.jsp
View File

@@ -54,7 +54,7 @@ if (user != null)
tx.begin(); tx.begin();
try try
{ {
authService.validate(user.getTicket(), session.getId()); authService.validate(user.getTicket());
// ensure construction of the FacesContext before attemping a service call // ensure construction of the FacesContext before attemping a service call
FacesContext fc = FacesHelper.getFacesContext(request, response, application); FacesContext fc = FacesHelper.getFacesContext(request, response, application);
@@ -72,7 +72,7 @@ if (user != null)
// expired ticket // expired ticket
AuthenticationService unpAuth = (AuthenticationService)context.getBean("authenticationService"); AuthenticationService unpAuth = (AuthenticationService)context.getBean("authenticationService");
unpAuth.invalidateTicket(unpAuth.getCurrentTicket(session.getId()), session.getId()); unpAuth.invalidateTicket(unpAuth.getCurrentTicket());
unpAuth.clearCurrentSecurityContext(); unpAuth.clearCurrentSecurityContext();
} }
catch (Throwable e) catch (Throwable e)
@@ -89,7 +89,7 @@ else
authService.authenticateAsGuest(); authService.authenticateAsGuest();
PersonService personService = (PersonService)context.getBean("personService"); PersonService personService = (PersonService)context.getBean("personService");
NodeRef guestRef = personService.getPerson(PermissionService.GUEST_AUTHORITY); NodeRef guestRef = personService.getPerson(PermissionService.GUEST_AUTHORITY);
user = new User(authService.getCurrentUserName(), authService.getCurrentTicket(session.getId()), guestRef); user = new User(authService.getCurrentUserName(), authService.getCurrentTicket(), guestRef);
session.setAttribute(AuthenticationHelper.AUTHENTICATION_USER, user); session.setAttribute(AuthenticationHelper.AUTHENTICATION_USER, user);
// ensure construction of the FacesContext before attemping a service call // ensure construction of the FacesContext before attemping a service call