inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

ALF-679: Corrected regular expression matching logic in DefaultRemoteUserMapper

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@19986 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
2010-04-26 14:21:12 +00:00
parent 4cae5cd7e7
commit 7612a95c3e
2 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
source/java/org/alfresco/web/app/servlet/DefaultRemoteUserMapper.java
View File

@@ -207,6 +207,10 @@ public class DefaultRemoteUserMapper implements RemoteUserMapper, ActivateableBe
{ {
userId = matcher.group(1).trim(); userId = matcher.group(1).trim();
} }
else
{
return null;
}
} }
return userId.length() == 0 ? null : userId; return userId.length() == 0 ? null : userId;
} }

16
source/java/org/alfresco/web/app/servlet/DefaultRemoteUserMapperTest.java
View File

@@ -100,26 +100,30 @@ public class DefaultRemoteUserMapperTest extends AbstractChainedSubsystemTest
// Set the proxy user name // Set the proxy user name
childApplicationContextFactory.stop(); childApplicationContextFactory.stop();
childApplicationContextFactory.setProperty("external.authentication.proxyUserName", "bob"); childApplicationContextFactory.setProperty("external.authentication.proxyUserName", "bob");
// Mock a request with both a user and a header // Mock a request with both a user and a header
HttpServletRequest mockRequest = mock(HttpServletRequest.class); HttpServletRequest mockRequest = mock(HttpServletRequest.class);
when(mockRequest.getRemoteUser()).thenReturn("bob"); when(mockRequest.getRemoteUser()).thenReturn("bob");
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("AdMiN"); when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("AdMiN");
assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean( assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest)); "remoteUserMapper")).getRemoteUser(mockRequest));
// Now try header pattern matching // Now try header pattern matching
childApplicationContextFactory.stop(); childApplicationContextFactory.stop();
childApplicationContextFactory.setProperty("external.authentication.userIdPattern", "abc-(.*)-999"); childApplicationContextFactory.setProperty("external.authentication.userIdPattern", "abc-(.*)-999");
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("abc-AdMiN-999"); when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("abc-AdMiN-999");
assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean( assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest)); "remoteUserMapper")).getRemoteUser(mockRequest));
// Try a request with an invalid match
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("abc-AdMiN-998");
assertNull(((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
// Try a request without the remote user // Try a request without the remote user
when(mockRequest.getRemoteUser()).thenReturn(null); when(mockRequest.getRemoteUser()).thenReturn(null);
assertNull(((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean( assertNull(((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest)); "remoteUserMapper")).getRemoteUser(mockRequest));
} }
} }