From 7832a14c40475a86f5979c04d27255f65903421c Mon Sep 17 00:00:00 2001 From: Andrew Hind Date: Mon, 23 Jan 2006 15:32:50 +0000 Subject: [PATCH] Fixes for "AuthenticationService" to allow log in as guset. Fixdes for guset in all group in the open world git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2174 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../public-services-security-context.xml | 1 - .../authentication/AuthenticationTest.java | 52 +++++++++++++++++++ .../authority/SimpleAuthorityServiceImpl.java | 7 ++- 3 files changed, 57 insertions(+), 3 deletions(-) diff --git a/config/alfresco/public-services-security-context.xml b/config/alfresco/public-services-security-context.xml index 093719a4d3..70628de797 100644 --- a/config/alfresco/public-services-security-context.xml +++ b/config/alfresco/public-services-security-context.xml @@ -603,7 +603,6 @@ org.alfresco.service.cmr.security.AuthenticationService.deleteAuthentication=ACL_METHOD.ROLE_ADMINISTRATOR org.alfresco.service.cmr.security.AuthenticationService.setAuthenticationEnabled=ACL_METHOD.ROLE_ADMINISTRATOR org.alfresco.service.cmr.security.AuthenticationService.getAuthenticationEnabled=ACL_METHOD.ROLE_ADMINISTRATOR - org.alfresco.service.cmr.security.AuthenticationService.authenticateAsGuest=ACL_ALLOW org.alfresco.service.cmr.security.AuthenticationService.getCurrentUserName=ACL_ALLOW org.alfresco.service.cmr.security.AuthenticationService.invalidateUserSession=ACL_METHOD.ROLE_ADMINISTRATOR org.alfresco.service.cmr.security.AuthenticationService.invalidateTicket=ACL_ALLOW diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java index 8d3b84be87..215ab1b827 100644 --- a/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java +++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java @@ -145,6 +145,7 @@ public class AuthenticationTest extends TestCase assertNotNull(personAndyNodeRef); deleteAndy(); + authenticationComponent.clearCurrentSecurityContext(); } @@ -178,6 +179,36 @@ public class AuthenticationTest extends TestCase return properties; } + + public void xtestScalability() + { + long create = 0; + long count = 0; + + long start; + long end; + authenticationComponent.authenticate("admin", "admin".toCharArray()); + for(int i = 0; i < 10000; i++) + { + String id = "TestUser-"+i; + start = System.nanoTime(); + authenticationService.createAuthentication(id, id.toCharArray()); + end = System.nanoTime(); + create += (end - start); + + if((i > 0) && (i % 100 == 0)) + { + System.out.println("Count = "+i); + System.out.println("Average create : "+(create/i/1000000.0f)); + start = System.nanoTime(); + dao.userExists(id); + end = System.nanoTime(); + System.out.println("Exists : "+((end-start)/1000000.0f)); + } + } + authenticationComponent.clearCurrentSecurityContext(); + } + public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException { RepositoryAuthenticationDao dao = new RepositoryAuthenticationDao(); @@ -907,6 +938,8 @@ public class AuthenticationTest extends TestCase } } + + public void testPubAuthenticationService3() { @@ -941,6 +974,7 @@ public class AuthenticationTest extends TestCase // change the password pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray()); authenticationComponent.clearCurrentSecurityContext(); + assertNull(authenticationComponent.getCurrentAuthentication()); // authenticate again to assert password changed pubAuthenticationService.authenticate("Andy", "auth3".toCharArray()); @@ -949,6 +983,9 @@ public class AuthenticationTest extends TestCase // get the ticket that represents the current user authentication // instance String ticket = pubAuthenticationService.getCurrentTicket(); + authenticationComponent.clearCurrentSecurityContext(); + assertNull(authenticationComponent.getCurrentAuthentication()); + // validate our ticket is still valid pubAuthenticationService.validate(ticket); @@ -967,11 +1004,26 @@ public class AuthenticationTest extends TestCase public void testPubAuthenticationService() { + //pubAuthenticationService.authenticateAsGuest(); + //authenticationComponent.clearCurrentSecurityContext(); + + assertNull(authenticationComponent.getCurrentAuthentication()); authenticationComponent.setSystemUserAsCurrentUser(); pubAuthenticationService.createAuthentication("GUEST", "".toCharArray()); authenticationComponent.clearCurrentSecurityContext(); + assertNull(authenticationComponent.getCurrentAuthentication()); pubAuthenticationService.authenticate("GUEST", "".toCharArray()); + pubAuthenticationService.authenticate("GUEST", "".toCharArray()); + authenticationComponent.clearCurrentSecurityContext(); + assertNull(authenticationComponent.getCurrentAuthentication()); + + + + pubAuthenticationService.authenticateAsGuest(); + authenticationComponent.clearCurrentSecurityContext(); + assertNull(authenticationComponent.getCurrentAuthentication()); + // create an authentication object e.g. the user diff --git a/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java b/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java index e38be6d639..1d81bb40ee 100644 --- a/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java +++ b/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java @@ -87,7 +87,7 @@ public class SimpleAuthorityServiceImpl implements AuthorityService { this.adminUsers = adminUsers; } - + public Set getAuthorities() { Set authorities = new HashSet(); @@ -96,7 +96,10 @@ public class SimpleAuthorityServiceImpl implements AuthorityService { authorities.addAll(adminSet); } - authorities.addAll(allSet); + if(AuthorityType.getAuthorityType(currentUserName) != AuthorityType.GUEST) + { + authorities.addAll(allSet); + } return authorities; }