inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-21 18:09:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V4.1-BUG-FIX (4.1.7) to V4.2-BUG-FIX (4.2.1)

Browse Source 
57305: Fix for MNT-9779


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/V4.2-BUG-FIX/root@57359 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
2013-10-30 11:12:00 +00:00
parent 8a4df11d3a
commit 7ac24bfec4
2 changed files with 87 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java
View File

@@ -279,6 +279,10 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
// Check if the user is already authenticated
SessionUser user = getSessionUser(context, req, resp, true);
HttpSession httpSess = req.getSession(true);
if (user == null)
{
user = (SessionUser) httpSess.getAttribute("_alfAuthTicket");
}
// If the user has been validated and we do not require re-authentication then continue to
// the next filter
@@ -298,7 +302,7 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
}
// Check if the login page is being accessed, do not intercept the login page
if (hasLoginPage() && req.getRequestURI().endsWith(getLoginPage()))
if (checkLoginPage(req, resp))
{
if (getLogger().isDebugEnabled())
getLogger().debug("Login page requested, chaining ...");
@@ -461,6 +465,11 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
return false;
}
protected boolean checkLoginPage(HttpServletRequest req, HttpServletResponse resp)
{
return (hasLoginPage() && req.getRequestURI().endsWith(getLoginPage()));
}
/**
* JAAS callback handler
*

125
source/java/org/alfresco/repo/webdav/auth/KerberosAuthenticationFilter.java
View File

@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2013 Alfresco Software Limited.
/*
* Copyright (C) 2005-2013 Alfresco Software Limited.
*
* This file is part of Alfresco
*
@@ -14,49 +14,78 @@
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.repo.webdav.auth;
import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.alfresco.repo.web.auth.WebCredentials;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* WebDAV Kerberos Authentication Filter Class
*
* @author GKSpencer
*/
public class KerberosAuthenticationFilter extends BaseKerberosAuthenticationFilter
{
// Debug logging
private static Log logger = LogFactory.getLog(KerberosAuthenticationFilter.class);
/* (non-Javadoc)
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
*/
@Override
protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
throws IOException
{
super.onValidateFailed(sc, req, res, session, credentials);
// Restart the login challenge process if validation fails
restartLoginChallenge(sc, req, res);
}
/* (non-Javadoc)
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#getLogger()
*/
@Override
protected Log getLogger() {
return logger;
}
}
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.repo.webdav.auth;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.alfresco.repo.web.auth.WebCredentials;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* WebDAV Kerberos Authentication Filter Class
*
* @author GKSpencer
*/
public class KerberosAuthenticationFilter extends BaseKerberosAuthenticationFilter
{
// Debug logging
private static Log logger = LogFactory.getLog(KerberosAuthenticationFilter.class);
/* (non-Javadoc)
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
*/
@Override
protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
throws IOException
{
super.onValidateFailed(sc, req, res, session, credentials);
// Restart the login challenge process if validation fails
restartLoginChallenge(sc, req, res);
}
/* (non-Javadoc)
*
* @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#getLogger()
*/
@Override
protected Log getLogger()
{
return logger;
}
@Override
protected boolean checkLoginPage(HttpServletRequest req, HttpServletResponse resp)
{
return (req.getRequestURI().endsWith("/jsp/login.jsp"));
}
/**
* Writes link to login page and refresh tag which cause user
* to be redirected to the login page.
*
* @param context ServletContext
* @param resp HttpServletResponse
* @param httpSess HttpSession
* @throws IOException
*/
protected void writeLoginPageLink(ServletContext context, HttpServletRequest req, HttpServletResponse resp) throws IOException
{
resp.setContentType(MIME_HTML_TEXT);
final PrintWriter out = resp.getWriter();
out.println("<html><head>");
out.println("<meta http-equiv=\"Refresh\" content=\"0; url=" + req.getContextPath() + "/faces/jsp/login.jsp?_alfRedirect=%2Falfresco%2Fwebdav\">");
out.println("</head><body><p>Please <a href=\"" + req.getContextPath() + "/faces/jsp/login.jsp?_alfRedirect=%2Falfresco%2Fwebdav\">log in</a>.</p>");
out.println("</body></html>");
out.close();
}
}