diff --git a/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java b/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java index 5004b23f21..68d4ca208d 100755 --- a/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java +++ b/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java @@ -241,11 +241,11 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten // register file store - to allow enable/disable tenant callbacks register(tenantFileContentStore); - UserTransaction userTransaction = transactionService.getUserTransaction(); - authenticationComponent.setSystemUserAsCurrentUser(); - + UserTransaction userTransaction = transactionService.getUserTransaction(); + try { + authenticationComponent.setSystemUserAsCurrentUser(); userTransaction.begin(); // bootstrap Tenant Service internal cache @@ -268,7 +268,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten disableTenant(tenant.getTenantDomain(), false); disabledCount++; } - } + } tenantService.register(this); // callback to refresh tenantStatus cache @@ -284,9 +284,12 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten { // rollback the transaction try { if (userTransaction != null) {userTransaction.rollback();} } catch (Exception ex) {} - try {authenticationComponent.clearCurrentSecurityContext(); } catch (Exception ex) {} throw new AlfrescoRuntimeException("Failed to bootstrap tenants", e); } + finally + { + authenticationComponent.clearCurrentSecurityContext(); + } } @Override @@ -907,50 +910,44 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten { // rollback the transaction try { if (userTransaction != null) {userTransaction.rollback();} } catch (Exception ex) {} - try {authenticationComponent.clearCurrentSecurityContext(); } catch (Exception ex) {} throw new AlfrescoRuntimeException("Failed to get tenants", e); } - - String currentUser = AuthenticationUtil.getCurrentUserName(); - - try + finally { - for (Tenant tenant : tenants) - { - if (tenant.isEnabled()) + authenticationComponent.clearCurrentSecurityContext(); + } + + for (Tenant tenant : tenants) + { + if (tenant.isEnabled()) + { + try { - try - { - // switch to admin in order to deploy within context of tenant domain - // assumes each tenant has default "admin" user - AuthenticationUtil.runAs(new RunAsWork() - { - public Object doWork() - { - // init the service within tenant context - deployer.init(); - return null; - } - }, getSystemUser(tenant.getTenantDomain())); - - } - catch (Throwable e) + // switch to admin in order to deploy within context of tenant domain + // assumes each tenant has default "admin" user + AuthenticationUtil.runAs(new RunAsWork() { - logger.error("Deployment failed" + e); - - StringWriter stringWriter = new StringWriter(); - e.printStackTrace(new PrintWriter(stringWriter)); - logger.error(stringWriter.toString()); - - // tenant deploy failure should not necessarily affect other tenants - } + public Object doWork() + { + // init the service within tenant context + deployer.init(); + return null; + } + }, getSystemUser(tenant.getTenantDomain())); + + } + catch (Throwable e) + { + logger.error("Deployment failed" + e); + + StringWriter stringWriter = new StringWriter(); + e.printStackTrace(new PrintWriter(stringWriter)); + logger.error(stringWriter.toString()); + + // tenant deploy failure should not necessarily affect other tenants } } } - finally - { - if (currentUser != null) { AuthenticationUtil.setCurrentUser(currentUser); } - } } } diff --git a/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java b/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java index b8a3ccb4a5..887acf287b 100755 --- a/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java +++ b/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java @@ -536,7 +536,7 @@ public class MultiTServiceImpl implements TenantService protected void checkTenantEnabled(String tenantDomain) { // note: System user can access disabled tenants - if (! getBaseNameUser(AuthenticationUtil.getCurrentUserName()).equals(AuthenticationUtil.getSystemUserName())) + if (! (AuthenticationUtil.getSystemUserName().equals(getBaseNameUser(AuthenticationUtil.getCurrentUserName())))) { if (getTenant(tenantDomain).isEnabled() == false) {