inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Two new editable properties supported by Synchronization Subsystem

Browse Source 
- synchronization.syncWhenMissingPeopleLogIn
- synchronization.autoCreatePeopleOnLogin
When both are false you can now cause users who your LDAP sync doesn't bring in to be rejected (seems to be a requirement)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14814 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
2009-06-19 16:52:17 +00:00
parent d22b8baa6c
commit 68f87e6c05
7 changed files with 140 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
View File

@@ -44,7 +44,6 @@ import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.transaction.TransactionService;
@@ -63,10 +62,6 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
private Set<String> defaultAdministratorUserNames = Collections.emptySet();
private boolean syncWhenMissingPeopleLogIn = true;
private boolean autoCreatePeopleOnLogin = true;
private AuthenticationContext authenticationContext;
private PersonService personService;
@@ -136,21 +131,6 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
{
return personService;
}
public boolean isAutoCreatePeopleOnLogin()
{
return autoCreatePeopleOnLogin;
}
public void setAutoCreatePeopleOnLogin(boolean autoCreatePeopleOnLogin)
{
this.autoCreatePeopleOnLogin = autoCreatePeopleOnLogin;
}
public void setSyncWhenMissingPeopleLogIn(boolean syncWhenMissingPeopleLogIn)
{
this.syncWhenMissingPeopleLogIn = syncWhenMissingPeopleLogIn;
}
public void authenticate(String userName, char[] password) throws AuthenticationException
{
@@ -448,30 +428,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
{
public String doWork() throws Exception
{
boolean personExists = personService.personExists(userName);
// If the person is missing, synchronize or auto-create the missing person if we are allowed
if (!personExists)
{
if ((userName != null) && !userName.equals(AuthenticationUtil.getSystemUserName()))
{
if (syncWhenMissingPeopleLogIn)
{
userRegistrySynchronizer.synchronize(false);
personExists = personService.personExists(userName);
}
if (!personExists && autoCreatePeopleOnLogin && personService.createMissingPeople())
{
AuthorityType authorityType = AuthorityType.getAuthorityType(userName);
if (authorityType == AuthorityType.USER)
{
personService.getPerson(userName);
}
}
}
}
if (personExists)
if (personService.personExists(userName)|| userRegistrySynchronizer.createMissingPerson(userName))
{
NodeRef userNode = personService.getPerson(userName);
if (userNode != null)
@@ -480,8 +437,8 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
// checks
return (String) nodeService.getProperty(userNode, ContentModel.PROP_USERNAME);
}
}
return userName;
}
throw new AuthenticationException("Person does not exist in Alfresco");
}
}, getSystemUserName(getUserDomain(userName)));