Added checks to the file server configuration bean initialization to check that the configured

authenticator matches the authentication component NTLM mode. Updated authenticator base class required for passthru changes. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2479 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2006-02-23 13:59:50 +00:00
parent f737be201b
commit 6fac2e9b25
3 changed files with 46 additions and 5 deletions
--- a/source/java/org/alfresco/filesys/server/auth/AlfrescoAuthenticator.java
+++ b/source/java/org/alfresco/filesys/server/auth/AlfrescoAuthenticator.java
@@ -47,6 +47,21 @@ public class AlfrescoAuthenticator extends SrvAuthenticator
        setEncryptedPasswords(true);
    }

+    /**
+     * Validate that the authentication component supports the required mode
+     * 
+     * @return boolean
+     */
+    protected boolean validateAuthenticationMode()
+    {
+        // Make sure the authentication component supports MD4 hashed passwords or passthru mode
+        
+        if ( m_authComponent.getNTLMMode() != NTLMMode.MD4_PROVIDER &&
+                m_authComponent.getNTLMMode() != NTLMMode.PASS_THROUGH)
+            return false;
+        return true;
+    }
+    
    /**
     * Authenticate a user
     * 
--- a/source/java/org/alfresco/filesys/server/auth/SrvAuthenticator.java
+++ b/source/java/org/alfresco/filesys/server/auth/SrvAuthenticator.java
@@ -228,10 +228,6 @@ public abstract class SrvAuthenticator
        if ( m_authComponent == null)
            throw new InvalidConfigurationException("Authentication component not available");
        
-        if ( m_authComponent.getNTLMMode() != NTLMMode.MD4_PROVIDER &&
-                m_authComponent.getNTLMMode() != NTLMMode.PASS_THROUGH)
-            throw new InvalidConfigurationException("Required authentication mode not available");
-        
        // Get hold of various services
        
        m_nodeService = config.getNodeService();
@@ -242,8 +238,23 @@ public abstract class SrvAuthenticator
        // Set the guest user name
        
        setGuestUserName( m_authComponent.getGuestUserName());
+        
+        // Check that the authentication component is the required type for this authenticator
+        
+        if ( validateAuthenticationMode() == false)
+            throw new InvalidConfigurationException("Required authentication mode not available");
    }

+    /**
+     * Validate that the authentication component supports the required mode
+     * 
+     * @return boolean
+     */
+    protected boolean validateAuthenticationMode()
+    {
+        return true;
+    }
+    
    /**
     * Encrypt the plain text password with the specified encryption key using the specified
     * encryption algorithm.
--- a/source/java/org/alfresco/filesys/server/config/ServerConfiguration.java
+++ b/source/java/org/alfresco/filesys/server/config/ServerConfiguration.java
@@ -73,6 +73,7 @@ import org.alfresco.filesys.smb.DialectSelector;
 import org.alfresco.filesys.smb.ServerType;
 import org.alfresco.filesys.util.IPAddress;
 import org.alfresco.repo.security.authentication.AuthenticationComponent;
+import org.alfresco.repo.security.authentication.NTLMMode;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.AuthenticationService;
 import org.alfresco.service.cmr.security.PersonService;
@@ -516,7 +517,7 @@ public class ServerConfiguration implements ApplicationListener
        {
            // Configuration error

-            logger.error("CIFS server configuration error, " + ex.getMessage(), ex);
+            logger.error("File server configuration error, " + ex.getMessage(), ex);

            // Disable the CIFS server

@@ -1531,6 +1532,10 @@ public class ServerConfiguration implements ApplicationListener
            if (authType == null)
                throw new AlfrescoRuntimeException("Authenticator type not specified");

+            // Get the authentication component type
+            
+            NTLMMode ntlmMode = m_authenticationComponent.getNTLMMode();
+            
            // Set the authenticator class to use

            SrvAuthenticator auth = null;
@@ -1538,6 +1543,11 @@ public class ServerConfiguration implements ApplicationListener
                auth = new LocalAuthenticator();
            else if (authType.equalsIgnoreCase("passthru"))
            {
+                // Check if the appropriate authentication component type is configured
+                
+                if ( ntlmMode != NTLMMode.NONE)
+                    throw new AlfrescoRuntimeException("Wrong authentication setup for passthru authenticator");
+                
                // Load the passthru authenticator dynamically
                
                auth = loadAuthenticatorClass("org.alfresco.filesys.server.auth.passthru.PassthruAuthenticator");
@@ -1554,6 +1564,11 @@ public class ServerConfiguration implements ApplicationListener
            }
            else if (authType.equalsIgnoreCase("alfresco"))
            {
+                // Standard authenticator requires MD4 or passthru based authentication
+                
+                if ( ntlmMode == NTLMMode.NONE)
+                    throw new AlfrescoRuntimeException("Wrong authentication setup for alfresco authenticator");
+                
                // Load the Alfresco authenticator dynamically
                
                auth = loadAuthenticatorClass("org.alfresco.filesys.server.auth.ntlm.AlfrescoAuthenticator");