inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added checks to the file server configuration bean initialization to check that the configured

Browse Source 
authenticator matches the authentication component NTLM mode.
Updated authenticator base class required for passthru changes.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2479 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Gary Spencer
2006-02-23 13:59:50 +00:00
parent f737be201b
commit 6fac2e9b25
3 changed files with 46 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
source/java/org/alfresco/filesys/server/auth/AlfrescoAuthenticator.java
View File

@@ -47,6 +47,21 @@ public class AlfrescoAuthenticator extends SrvAuthenticator
setEncryptedPasswords(true); setEncryptedPasswords(true);
} }
/**
* Validate that the authentication component supports the required mode
*
* @return boolean
*/
protected boolean validateAuthenticationMode()
{
// Make sure the authentication component supports MD4 hashed passwords or passthru mode
if ( m_authComponent.getNTLMMode() != NTLMMode.MD4_PROVIDER &&
m_authComponent.getNTLMMode() != NTLMMode.PASS_THROUGH)
return false;
return true;
}
/** /**
* Authenticate a user * Authenticate a user
* *

19
source/java/org/alfresco/filesys/server/auth/SrvAuthenticator.java
View File

@@ -228,10 +228,6 @@ public abstract class SrvAuthenticator
if ( m_authComponent == null) if ( m_authComponent == null)
throw new InvalidConfigurationException("Authentication component not available"); throw new InvalidConfigurationException("Authentication component not available");
if ( m_authComponent.getNTLMMode() != NTLMMode.MD4_PROVIDER &&
m_authComponent.getNTLMMode() != NTLMMode.PASS_THROUGH)
throw new InvalidConfigurationException("Required authentication mode not available");
// Get hold of various services // Get hold of various services
m_nodeService = config.getNodeService(); m_nodeService = config.getNodeService();
@@ -242,6 +238,21 @@ public abstract class SrvAuthenticator
// Set the guest user name // Set the guest user name
setGuestUserName( m_authComponent.getGuestUserName()); setGuestUserName( m_authComponent.getGuestUserName());
// Check that the authentication component is the required type for this authenticator
if ( validateAuthenticationMode() == false)
throw new InvalidConfigurationException("Required authentication mode not available");
}
/**
* Validate that the authentication component supports the required mode
*
* @return boolean
*/
protected boolean validateAuthenticationMode()
{
return true;
} }
/** /**

17
source/java/org/alfresco/filesys/server/config/ServerConfiguration.java
View File

@@ -73,6 +73,7 @@ import org.alfresco.filesys.smb.DialectSelector;
import org.alfresco.filesys.smb.ServerType; import org.alfresco.filesys.smb.ServerType;
import org.alfresco.filesys.util.IPAddress; import org.alfresco.filesys.util.IPAddress;
import org.alfresco.repo.security.authentication.AuthenticationComponent; import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.NTLMMode;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AuthenticationService; import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.PersonService; import org.alfresco.service.cmr.security.PersonService;
@@ -516,7 +517,7 @@ public class ServerConfiguration implements ApplicationListener
{ {
// Configuration error // Configuration error
logger.error("CIFS server configuration error, " + ex.getMessage(), ex); logger.error("File server configuration error, " + ex.getMessage(), ex);
// Disable the CIFS server // Disable the CIFS server
@@ -1531,6 +1532,10 @@ public class ServerConfiguration implements ApplicationListener
if (authType == null) if (authType == null)
throw new AlfrescoRuntimeException("Authenticator type not specified"); throw new AlfrescoRuntimeException("Authenticator type not specified");
// Get the authentication component type
NTLMMode ntlmMode = m_authenticationComponent.getNTLMMode();
// Set the authenticator class to use // Set the authenticator class to use
SrvAuthenticator auth = null; SrvAuthenticator auth = null;
@@ -1538,6 +1543,11 @@ public class ServerConfiguration implements ApplicationListener
auth = new LocalAuthenticator(); auth = new LocalAuthenticator();
else if (authType.equalsIgnoreCase("passthru")) else if (authType.equalsIgnoreCase("passthru"))
{ {
// Check if the appropriate authentication component type is configured
if ( ntlmMode != NTLMMode.NONE)
throw new AlfrescoRuntimeException("Wrong authentication setup for passthru authenticator");
// Load the passthru authenticator dynamically // Load the passthru authenticator dynamically
auth = loadAuthenticatorClass("org.alfresco.filesys.server.auth.passthru.PassthruAuthenticator"); auth = loadAuthenticatorClass("org.alfresco.filesys.server.auth.passthru.PassthruAuthenticator");
@@ -1554,6 +1564,11 @@ public class ServerConfiguration implements ApplicationListener
} }
else if (authType.equalsIgnoreCase("alfresco")) else if (authType.equalsIgnoreCase("alfresco"))
{ {
// Standard authenticator requires MD4 or passthru based authentication
if ( ntlmMode == NTLMMode.NONE)
throw new AlfrescoRuntimeException("Wrong authentication setup for alfresco authenticator");
// Load the Alfresco authenticator dynamically // Load the Alfresco authenticator dynamically
auth = loadAuthenticatorClass("org.alfresco.filesys.server.auth.ntlm.AlfrescoAuthenticator"); auth = loadAuthenticatorClass("org.alfresco.filesys.server.auth.ntlm.AlfrescoAuthenticator");