inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix authentication, upload and download to handle generic JSR-168 portals - means we can run against Liferay and other portals besides JBoss

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3188 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2006-06-22 10:33:58 +00:00
parent 88cf70d910
commit 63e31ad63a
9 changed files with 73 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
source/java/org/alfresco/web/app/Application.java
View File

@@ -62,7 +62,7 @@ public class Application
public static final String MESSAGE_BUNDLE = "alfresco.messages.webclient";
private static ThreadLocal<Boolean> inPortalServer = new ThreadLocal<Boolean>();
private static boolean inPortalServer = false;
private static StoreRef repoStoreRef;
private static String rootPath;
private static String companyRootId;
@@ -88,7 +88,7 @@ public class Application
*/
public static void setInPortalServer(boolean inPortal)
{
inPortalServer.set(inPortal);
inPortalServer = inPortal;
}
/**
@@ -98,7 +98,7 @@ public class Application
*/
public static boolean inPortalServer()
{
return (inPortalServer.get() != null ? inPortalServer.get() : false);
return inPortalServer;
}
/**

46
source/java/org/alfresco/web/app/ContextListener.java
View File

@@ -16,6 +16,7 @@
*/
package org.alfresco.web.app;
import java.util.Enumeration;
import java.util.List;
import javax.servlet.ServletContext;
@@ -35,7 +36,6 @@ import org.alfresco.service.cmr.search.SearchService;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.web.app.portlet.AlfrescoFacesPortlet;
import org.alfresco.web.app.servlet.AuthenticationHelper;
import org.alfresco.web.bean.repository.Repository;
import org.alfresco.web.bean.repository.User;
@@ -164,7 +164,8 @@ public class ContextListener implements ServletContextListener, HttpSessionListe
*/
public void sessionCreated(HttpSessionEvent event)
{
if (logger.isDebugEnabled()) logger.debug("HTTP session created: " + event.getSession().getId());
if (logger.isDebugEnabled())
logger.debug("HTTP session created: " + event.getSession().getId());
}
/**
@@ -172,27 +173,42 @@ public class ContextListener implements ServletContextListener, HttpSessionListe
*/
public void sessionDestroyed(HttpSessionEvent event)
{
if (logger.isDebugEnabled()) logger.debug("HTTP session destroyed: " + event.getSession().getId());
String userKey;
if (logger.isDebugEnabled())
logger.debug("HTTP session destroyed: " + event.getSession().getId());
String userKey = null;
if (Application.inPortalServer() == false)
{
userKey = AuthenticationHelper.AUTHENTICATION_USER;
}
else
{
userKey = AlfrescoFacesPortlet.MANAGED_BEAN_PREFIX + AuthenticationHelper.AUTHENTICATION_USER;
// search for the user object in the portlet wrapped session keys
// each vendor uses a different naming scheme so we search by hand
String userKeyPostfix = "?" + AuthenticationHelper.AUTHENTICATION_USER;
Enumeration enumNames = event.getSession().getAttributeNames();
while (enumNames.hasMoreElements())
{
String name = (String)enumNames.nextElement();
if (name.endsWith(userKeyPostfix))
{
userKey = name;
break;
}
}
}
User user = (User)event.getSession().getAttribute(userKey);
if (user != null)
if (userKey != null)
{
// invalidate ticket and clear the Security context for this thread
WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
AuthenticationService authService = (AuthenticationService)ctx.getBean("authenticationService");
authService.invalidateTicket(user.getTicket());
authService.clearCurrentSecurityContext();
event.getSession().removeAttribute(userKey);
User user = (User)event.getSession().getAttribute(userKey);
if (user != null)
{
// invalidate ticket and clear the Security context for this thread
WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
AuthenticationService authService = (AuthenticationService)ctx.getBean("authenticationService");
authService.invalidateTicket(user.getTicket());
authService.clearCurrentSecurityContext();
event.getSession().removeAttribute(userKey);
}
}
}
}

6
source/java/org/alfresco/web/app/portlet/AlfrescoFacesPortlet.java
View File

@@ -63,8 +63,6 @@ import org.springframework.web.context.WebApplicationContext;
public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
{
private static final String PREF_ALF_USERNAME = "_alfUserName";
public static final String INSTANCE_NAME = "AlfrescoClientInstance";
public static final String MANAGED_BEAN_PREFIX = "javax.portlet.p." + INSTANCE_NAME + "?";
private static final String ERROR_PAGE_PARAM = "error-page";
private static final String ERROR_OCCURRED = "error-occurred";
@@ -165,11 +163,9 @@ public class AlfrescoFacesPortlet extends MyFacesGenericPortlet
LoginBean loginBean = (LoginBean)request.getPortletSession().getAttribute(AuthenticationHelper.LOGIN_BEAN);
if (loginBean != null)
{
//
// TODO: Need to login to JBoss Portal to get a user here to store prefs against
// TODO: Need to login to the Portal to get a user here to store prefs against
// so not really a suitable solution as they get thrown away at present!
// Also would need to store prefs PER user - so auto login for each...?
//
String oldValue = request.getPreferences().getValue(PREF_ALF_USERNAME, null);
if (oldValue == null || oldValue.equals(loginBean.getUsernameInternal()) == false)
{

32
source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java
View File

@@ -17,6 +17,7 @@
package org.alfresco.web.app.servlet;
import java.io.IOException;
import java.util.Enumeration;
import javax.portlet.PortletSession;
import javax.servlet.ServletContext;
@@ -39,7 +40,6 @@ import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.web.app.Application;
import org.alfresco.web.app.portlet.AlfrescoFacesPortlet;
import org.alfresco.web.bean.LoginBean;
import org.alfresco.web.bean.repository.User;
import org.apache.commons.logging.Log;
@@ -78,6 +78,9 @@ public final class AuthenticationHelper
/** cookie names */
private static final String COOKIE_ALFUSER = "alfUser";
/** portal mode key name */
private static ThreadLocal<String> portalUserKeyName = new ThreadLocal<String>();
private static Log logger = LogFactory.getLog(AuthenticationHelper.class);
@@ -98,7 +101,7 @@ public final class AuthenticationHelper
HttpSession session = httpRequest.getSession();
// examine the appropriate session for our User object
User user;
User user = null;
LoginBean loginBean = null;
if (Application.inPortalServer() == false)
{
@@ -107,9 +110,28 @@ public final class AuthenticationHelper
}
else
{
// TODO: this prefix is not consistent between JSR-168 vendors!
// we need a solution for each vendor?
user = (User)session.getAttribute(AlfrescoFacesPortlet.MANAGED_BEAN_PREFIX + AUTHENTICATION_USER);
// naff solution as we need to enumerate all session keys until we find the one that
// should match our User objects - this is weak but we don't know how the underlying
// Portal vendor has decided to encode the objects in the session
if (portalUserKeyName.get() == null)
{
String userKeyPostfix = "?" + AUTHENTICATION_USER;
Enumeration enumNames = session.getAttributeNames();
while (enumNames.hasMoreElements())
{
String name = (String)enumNames.nextElement();
if (name.endsWith(userKeyPostfix))
{
// cache the key value once found!
portalUserKeyName.set(name);
break;
}
}
}
if (portalUserKeyName.get() != null)
{
user = (User)session.getAttribute(portalUserKeyName.get());
}
}
// setup the authentication context