inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix transaction use after changes to the authentication component.

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@4739 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Gary Spencer
2007-01-05 14:56:53 +00:00
parent 2857106808
commit 597c7bcb8b
3 changed files with 56 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
source/java/org/alfresco/filesys/server/auth/AlfrescoAuthenticator.java
View File

@@ -250,6 +250,10 @@ public class AlfrescoAuthenticator extends CifsAuthenticator
*/ */
private final int doMD4UserAuthentication(ClientInfo client, SrvSession sess, int alg) private final int doMD4UserAuthentication(ClientInfo client, SrvSession sess, int alg)
{ {
// Start a transaction
sess.beginReadTransaction( m_transactionService);
// Get the stored MD4 hashed password for the user, or null if the user does not exist // Get the stored MD4 hashed password for the user, or null if the user does not exist
String md4hash = m_authComponent.getMD4HashedPassword(client.getUserName()); String md4hash = m_authComponent.getMD4HashedPassword(client.getUserName());
@@ -352,6 +356,10 @@ public class AlfrescoAuthenticator extends CifsAuthenticator
*/ */
private final int doPassthruUserAuthentication(ClientInfo client, SrvSession sess, int alg) private final int doPassthruUserAuthentication(ClientInfo client, SrvSession sess, int alg)
{ {
// Start a transaction
sess.beginReadTransaction( m_transactionService);
// Get the authentication token for the session // Get the authentication token for the session
NTLMPassthruToken authToken = (NTLMPassthruToken) sess.getAuthenticationToken(); NTLMPassthruToken authToken = (NTLMPassthruToken) sess.getAuthenticationToken();

22
source/java/org/alfresco/filesys/server/auth/EnterpriseCifsAuthenticator.java
View File

@@ -1161,6 +1161,10 @@ public class EnterpriseCifsAuthenticator extends CifsAuthenticator implements Ca
negTokenTarg = new NegTokenTarg( SPNEGO.AcceptCompleted, OID.KERBEROS5, krbDetails.getResponseToken()); negTokenTarg = new NegTokenTarg( SPNEGO.AcceptCompleted, OID.KERBEROS5, krbDetails.getResponseToken());
// Start a transaction
sess.beginReadTransaction( m_transactionService);
// Setup the Acegi authenticated user // Setup the Acegi authenticated user
m_authComponent.setCurrentUser( mapUserNameToPerson(krbDetails.getUserName())); m_authComponent.setCurrentUser( mapUserNameToPerson(krbDetails.getUserName()));
@@ -1350,6 +1354,10 @@ public class EnterpriseCifsAuthenticator extends CifsAuthenticator implements Ca
throw new SMBSrvException( SMBStatus.NTLogonFailure, SMBStatus.DOSAccessDenied, SMBStatus.ErrDos); throw new SMBSrvException( SMBStatus.NTLogonFailure, SMBStatus.DOSAccessDenied, SMBStatus.ErrDos);
} }
// Start a transaction
sess.beginReadTransaction( m_transactionService);
// Check if we are using local MD4 password hashes or passthru authentication // Check if we are using local MD4 password hashes or passthru authentication
if ( m_authComponent.getNTLMMode() == NTLMMode.MD4_PROVIDER) if ( m_authComponent.getNTLMMode() == NTLMMode.MD4_PROVIDER)
@@ -1474,7 +1482,11 @@ public class EnterpriseCifsAuthenticator extends CifsAuthenticator implements Ca
Type2NTLMMessage type2Msg = (Type2NTLMMessage) sess.getSetupObject( client.getProcessId()); Type2NTLMMessage type2Msg = (Type2NTLMMessage) sess.getSetupObject( client.getProcessId());
sess.removeSetupObject( client.getProcessId()); sess.removeSetupObject( client.getProcessId());
// Check if we are using local MD4 password hashes or passthru authentication // Start a transaction
sess.beginReadTransaction( m_transactionService);
// Check if we are using local MD4 password hashes or passthru authentication
if ( m_authComponent.getNTLMMode() == NTLMMode.MD4_PROVIDER) if ( m_authComponent.getNTLMMode() == NTLMMode.MD4_PROVIDER)
{ {
@@ -1591,6 +1603,10 @@ public class EnterpriseCifsAuthenticator extends CifsAuthenticator implements Ca
private final void doNTLMv2Logon(SMBSrvSession sess, ClientInfo client) private final void doNTLMv2Logon(SMBSrvSession sess, ClientInfo client)
throws SMBSrvException throws SMBSrvException
{ {
// Start a transaction
sess.beginReadTransaction( m_transactionService);
// Check if we are using local MD4 password hashes or passthru authentication // Check if we are using local MD4 password hashes or passthru authentication
if ( m_authComponent.getNTLMMode() == NTLMMode.MD4_PROVIDER) if ( m_authComponent.getNTLMMode() == NTLMMode.MD4_PROVIDER)
@@ -1718,6 +1734,10 @@ public class EnterpriseCifsAuthenticator extends CifsAuthenticator implements Ca
Type2NTLMMessage type2Msg = (Type2NTLMMessage) sess.getSetupObject( client.getProcessId()); Type2NTLMMessage type2Msg = (Type2NTLMMessage) sess.getSetupObject( client.getProcessId());
sess.removeSetupObject( client.getProcessId()); sess.removeSetupObject( client.getProcessId());
// Start a transaction
sess.beginReadTransaction( m_transactionService);
// Check if we are using local MD4 password hashes or passthru authentication // Check if we are using local MD4 password hashes or passthru authentication

76
source/java/org/alfresco/filesys/server/auth/passthru/PassthruAuthenticator.java
View File

@@ -119,6 +119,10 @@ public class PassthruAuthenticator extends CifsAuthenticator implements SessionL
return CifsAuthenticator.AUTH_ALLOW; return CifsAuthenticator.AUTH_ALLOW;
} }
// Start a transaction
sess.beginReadTransaction( m_transactionService);
// Check if the client is already authenticated, and it is not a null logon // Check if the client is already authenticated, and it is not a null logon
if ( client.getAuthenticationToken() != null && client.getLogonType() != ClientInfo.LogonNull) if ( client.getAuthenticationToken() != null && client.getLogonType() != ClientInfo.LogonNull)
@@ -207,59 +211,33 @@ public class PassthruAuthenticator extends CifsAuthenticator implements SessionL
} }
else else
{ {
// Wrap the service calls in a transaction // Map the passthru username to an Alfresco person
UserTransaction tx = m_transactionService.getUserTransaction( true);
try
{
// Start the transaction
tx.begin();
// Map the passthru username to an Alfresco person
String username = client.getUserName();
String personName = m_personService.getUserIdentifier( username);
if ( personName != null)
{
// Use the person name as the current user
m_authComponent.setCurrentUser(personName);
// DEBUG
if ( logger.isDebugEnabled())
logger.debug("Setting current user using person " + personName + " (username " + username + ")");
// Allow the user full access to the server String username = client.getUserName();
String personName = m_personService.getUserIdentifier( username);
authSts = CifsAuthenticator.AUTH_ALLOW;
if ( personName != null)
// Debug
if (logger.isDebugEnabled())
logger.debug("Passthru authenticate user=" + client.getUserName() + ", FULL");
}
else if ( logger.isDebugEnabled())
logger.debug("Failed to find person matching user " + username);
}
finally
{ {
// Commit the transaction // Use the person name as the current user
m_authComponent.setCurrentUser(personName);
if ( tx != null) // DEBUG
{
try { if ( logger.isDebugEnabled())
tx.commit(); logger.debug("Setting current user using person " + personName + " (username " + username + ")");
}
catch (Exception ex) // Allow the user full access to the server
{
// Sink it authSts = CifsAuthenticator.AUTH_ALLOW;
}
} // Debug
if (logger.isDebugEnabled())
logger.debug("Passthru authenticate user=" + client.getUserName() + ", FULL");
} }
else if ( logger.isDebugEnabled())
logger.debug("Failed to find person matching user " + username);
} }
} }
catch (Exception ex) catch (Exception ex)