diff --git a/source/java/org/alfresco/web/app/servlet/AuthenticationFilter.java b/source/java/org/alfresco/web/app/servlet/AuthenticationFilter.java index 84e57263fe..577c4f3e53 100644 --- a/source/java/org/alfresco/web/app/servlet/AuthenticationFilter.java +++ b/source/java/org/alfresco/web/app/servlet/AuthenticationFilter.java @@ -65,7 +65,7 @@ public class AuthenticationFilter implements Filter if (httpReq.getRequestURI().endsWith(getLoginPage()) == false) { AuthenticationStatus status = - AuthenticationHelper.authenticate(this.context, httpReq, (HttpServletResponse)res); + AuthenticationHelper.authenticate(this.context, httpReq, (HttpServletResponse)res, false); if (status == AuthenticationStatus.Success || status == AuthenticationStatus.Guest) { diff --git a/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java b/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java index e7871158e3..5ae7eb3bee 100644 --- a/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java +++ b/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java @@ -29,13 +29,13 @@ import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.i18n.I18NUtil; import org.alfresco.model.ContentModel; import org.alfresco.repo.security.authentication.AuthenticationException; +import org.alfresco.service.ServiceRegistry; import org.alfresco.service.cmr.repository.InvalidNodeRefException; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.security.AuthenticationService; import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.cmr.security.PersonService; -import org.alfresco.service.transaction.TransactionService; import org.alfresco.web.app.Application; import org.alfresco.web.app.portlet.AlfrescoFacesPortlet; import org.alfresco.web.bean.LoginBean; 
@@ -55,7 +55,6 @@ public final class AuthenticationHelper public static final String SESSION_INVALIDATED = "_alfSessionInvalid"; public static final String LOGIN_BEAN = "LoginBean"; - private static final String AUTHENTICATION_SERVICE = "authenticationService"; private static final String COOKIE_ALFUSER = "alfUser"; /** @@ -67,7 +66,7 @@ public final class AuthenticationHelper * @return AuthenticationStatus result. */ public static AuthenticationStatus authenticate( - ServletContext context, HttpServletRequest httpRequest, HttpServletResponse httpResponse) + ServletContext context, HttpServletRequest httpRequest, HttpServletResponse httpResponse, boolean guest) throws IOException { HttpSession session = httpRequest.getSession(); 
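Review bot: The Javadoc above `AuthenticationHelper.authenticate` is not updated for the new `guest` parameter; the visible tail of the comment still ends at `@return AuthenticationStatus result.` with no matching `@param`. The flag changes which identity the request ends up authenticated as, so it deserves a line such as `@param guest true to force Guest authentication even when a user object is already present`. The method body continues outside this hunk.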
@@ -86,29 +85,29 @@ public final class AuthenticationHelper } // setup the authentication context - WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(context); - AuthenticationService auth = (AuthenticationService)ctx.getBean(AUTHENTICATION_SERVICE); + WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(context); + AuthenticationService auth = (AuthenticationService)wc.getBean(ServletHelper.AUTHENTICATION_SERVICE); - if (user == null) + if (user == null || guest) { if (session.getAttribute(AuthenticationHelper.SESSION_INVALIDATED) == null) { Cookie authCookie = getAuthCookie(httpRequest); - if (authCookie == null) + if (authCookie == null || guest) { - // TODO: "forced" guest access on URLs! - // no previous authentication - attempt Guest access first + // no previous authentication or forced Guest - attempt Guest access UserTransaction tx = null; try { auth.authenticateAsGuest(); // if we get here then Guest access was allowed and successful - tx = ((TransactionService)ctx.getBean("TransactionService")).getUserTransaction(); + ServiceRegistry services = ServletHelper.getServiceRegistry(context); + tx = services.getTransactionService().getUserTransaction(); tx.begin(); - PersonService personService = (PersonService)ctx.getBean("personService"); - NodeService nodeService = (NodeService)ctx.getBean("nodeService"); + NodeService nodeService = services.getNodeService(); + PersonService personService = (PersonService)wc.getBean(ServletHelper.PERSON_SERVICE); NodeRef guestRef = personService.getPerson(PermissionService.GUEST); user = new User(PermissionService.GUEST, auth.getCurrentTicket(), guestRef); NodeRef guestHomeRef = (NodeRef)nodeService.getProperty(guestRef, ContentModel.PROP_HOMEFOLDER); 
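Review bot: With `if (user == null || guest)` and `if (authCookie == null || guest)`, a request carrying the guest flag reaches `auth.authenticateAsGuest()` and reassigns `user` to the Guest identity even when an authenticated user was already found. The servlets changed in this commit read that flag straight from the `guest` request parameter, so a cross-site request could switch a logged-in user's session to Guest without their intent. This assumes the new `User` is stored in the session further down, which is outside the hunk. Consider letting the flag bypass only the cookie check, i.e. keep the outer test as `if (user == null)`, or authenticate as Guest for the single request without replacing the session user. A comment stating the intended behaviour for an already authenticated user would make the choice reviewable.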
@@ -128,11 +127,8 @@ public final class AuthenticationHelper // Set the current locale I18NUtil.setLocale(Application.getLanguage(httpRequest.getSession())); + // it is the responsibilty of the caller to handle the Guest return status return AuthenticationStatus.Guest; - - // TODO: What now? Any redirects can be performed directly from the appropriate - // servlet entry points, as we are now authenticated and don't - // need to go through the Login screen to gain authentication. } catch (AuthenticationException guestError) { @@ -188,8 +184,8 @@ public final class AuthenticationHelper throws IOException { // setup the authentication context - WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(context); - AuthenticationService auth = (AuthenticationService)ctx.getBean(AUTHENTICATION_SERVICE); + WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(context); + AuthenticationService auth = (AuthenticationService)wc.getBean(ServletHelper.AUTHENTICATION_SERVICE); try { auth.validate(ticket); diff --git a/source/java/org/alfresco/web/app/servlet/DownloadContentServlet.java b/source/java/org/alfresco/web/app/servlet/DownloadContentServlet.java index 7a62083737..0bc2a4d4c7 100644 --- a/source/java/org/alfresco/web/app/servlet/DownloadContentServlet.java +++ b/source/java/org/alfresco/web/app/servlet/DownloadContentServlet.java @@ -45,8 +45,6 @@ import org.alfresco.web.bean.LoginBean; import org.alfresco.web.ui.common.Utils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.springframework.web.context.WebApplicationContext; -import org.springframework.web.context.support.WebApplicationContextUtils; /** * Servlet responsible for streaming node content from the repo directly to the response stream. 
@@ -87,7 +85,6 @@ public class DownloadContentServlet extends HttpServlet private static final String ARG_PROPERTY = "property"; private static final String ARG_ATTACH = "attach"; - private static final String ARG_TICKET = "ticket"; /** * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) @@ -109,16 +106,22 @@ public class DownloadContentServlet extends HttpServlet if (logger.isDebugEnabled()) logger.debug("Processing URL: " + uri + (req.getQueryString() != null ? ("?" + req.getQueryString()) : "")); - // see if a ticket has been supplied + // see if a ticket or guest parameter has been supplied AuthenticationStatus status; - String ticket = req.getParameter(ARG_TICKET); - if (ticket == null || ticket.length() == 0) + String ticket = req.getParameter(ServletHelper.ARG_TICKET); + if (ticket != null && ticket.length() != 0) { - status = AuthenticationHelper.authenticate(getServletContext(), req, res); + status = AuthenticationHelper.authenticate(getServletContext(), req, res, ticket); } else { - status = AuthenticationHelper.authenticate(getServletContext(), req, res, ticket); + boolean forceGuest = false; + String guest = req.getParameter(ServletHelper.ARG_GUEST); + if (guest != null) + { + forceGuest = Boolean.parseBoolean(guest); + } + status = AuthenticationHelper.authenticate(getServletContext(), req, res, forceGuest); } if (status == AuthenticationStatus.Failure) { @@ -177,8 +180,7 @@ public class DownloadContentServlet extends HttpServlet } // get the services we need to retrieve the content - WebApplicationContext context = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()); - ServiceRegistry serviceRegistry = (ServiceRegistry)context.getBean(ServiceRegistry.SERVICE_REGISTRY); + ServiceRegistry serviceRegistry = ServletHelper.getServiceRegistry(getServletContext()); ContentService contentService = serviceRegistry.getContentService(); // get the content reader 
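Review bot: The `logger.debug("Processing URL: " ...)` statement at the top of the DownloadContentServlet authentication hunk appends `req.getQueryString()`, and on this servlet the query string can carry the `ticket` parameter read a few lines below, so an authentication ticket ends up in the debug log. Log the URI only, `logger.debug("Processing URL: " + uri);`, or strip the ticket before logging. A short comment above the ticket branch, such as `// ticket is a credential: never log or echo it`, would help stop later edits reintroducing it. `doGet` starts and ends outside the hunk.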
diff --git a/source/java/org/alfresco/web/app/servlet/ExternalAccessServlet.java b/source/java/org/alfresco/web/app/servlet/ExternalAccessServlet.java index 0c2568a323..5d6c8ce005 100644 --- a/source/java/org/alfresco/web/app/servlet/ExternalAccessServlet.java +++ b/source/java/org/alfresco/web/app/servlet/ExternalAccessServlet.java @@ -56,7 +56,13 @@ public class ExternalAccessServlet extends HttpServlet protected void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { - AuthenticationStatus status = AuthenticationHelper.authenticate(getServletContext(), req, res); + boolean forceGuest = false; + String guest = req.getParameter(ServletHelper.ARG_GUEST); + if (guest != null) + { + forceGuest = Boolean.parseBoolean(guest); + } + AuthenticationStatus status = AuthenticationHelper.authenticate(getServletContext(), req, res, forceGuest); // The URL contains multiple parts // /alfresco/navigate/ diff --git a/source/java/org/alfresco/web/app/servlet/ServletHelper.java b/source/java/org/alfresco/web/app/servlet/ServletHelper.java new file mode 100644 index 0000000000..c9829ccc35 --- /dev/null +++ b/source/java/org/alfresco/web/app/servlet/ServletHelper.java 
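Review bot: The lines that derive `forceGuest` in `ExternalAccessServlet.service` are repeated verbatim in the DownloadContentServlet and TemplateContentServlet hunks, and the `guest != null` test is redundant because `Boolean.parseBoolean(null)` already returns false. This commit introduces ServletHelper for shared servlet code, so a single static helper there would keep the three entry points from drifting apart. At each call site it reduces to `boolean forceGuest = Boolean.parseBoolean(req.getParameter(ServletHelper.ARG_GUEST));`. The `service` method continues outside the hunk.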
@@ -0,0 +1,61 @@ +/* + * Copyright (C) 2005 Alfresco, Inc. + * + * Licensed under the Mozilla Public License version 1.1 + * with a permitted attribution clause. You may obtain a + * copy of the License at + * + * http://www.alfresco.org/legal/license.txt + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the + * License. + */ +package org.alfresco.web.app.servlet; + +import javax.servlet.ServletContext; + +import org.alfresco.service.ServiceRegistry; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.context.support.WebApplicationContextUtils; + +/** + * Useful constant values and common methods for Alfresco servlets. + * + * @author Kevin Roast + */ +public final class ServletHelper +{ + /** an existing Ticket can be passed to most servlet for non-session based authentication */ + public static final String ARG_TICKET = "ticket"; + + /** forcing guess access is available on most servlets */ + public static final String ARG_GUEST = "guest"; + + /** public service bean IDs **/ + public static final String AUTHENTICATION_SERVICE = "authenticationService"; + public static final String PERSON_SERVICE = "personService"; + + /** + * Return the ServiceRegistry helper instance + * + * @param sc ServletContext + * + * @return ServiceRegistry + */ + public static ServiceRegistry getServiceRegistry(ServletContext sc) + { + WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(sc); + return (ServiceRegistry)wc.getBean(ServiceRegistry.SERVICE_REGISTRY); + } + + /** + * Private constructor + */ + private ServletHelper() + { + } +} 
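Review bot: The Javadoc on `ARG_GUEST` in ServletHelper reads "forcing guess access", which should be "guest access", and "most servlet" on `ARG_TICKET` should be "most servlets". Both constants name request parameters that decide how a request is authenticated, so the comments should say that explicitly. For example `/** request parameter carrying an existing ticket for non-session based authentication */` and `/** request parameter that, when "true", forces Guest access on servlets that honour it */`.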
diff --git a/source/java/org/alfresco/web/app/servlet/TemplateContentServlet.java b/source/java/org/alfresco/web/app/servlet/TemplateContentServlet.java index 0ad2408a1b..b8a594400d 100644 --- a/source/java/org/alfresco/web/app/servlet/TemplateContentServlet.java +++ b/source/java/org/alfresco/web/app/servlet/TemplateContentServlet.java @@ -43,8 +43,6 @@ import org.alfresco.web.bean.LoginBean; import org.alfresco.web.ui.repo.component.template.DefaultModelHelper; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.springframework.web.context.WebApplicationContext; -import org.springframework.web.context.support.WebApplicationContextUtils; /** * Servlet responsible for streaming content from a template processed against a node directly @@ -79,7 +77,6 @@ public class TemplateContentServlet extends HttpServlet private static final String MSG_ERROR_CONTENT_MISSING = "error_content_missing"; - private static final String ARG_TICKET = "ticket"; private static final String ARG_MIMETYPE = "mimetype"; /** @@ -97,14 +94,20 @@ public class TemplateContentServlet extends HttpServlet // see if a ticket has been supplied AuthenticationStatus status; - String ticket = req.getParameter(ARG_TICKET); - if (ticket == null || ticket.length() == 0) + String ticket = req.getParameter(ServletHelper.ARG_TICKET); + if (ticket != null && ticket.length() != 0) { - status = AuthenticationHelper.authenticate(getServletContext(), req, res); + status = AuthenticationHelper.authenticate(getServletContext(), req, res, ticket); } else { - status = AuthenticationHelper.authenticate(getServletContext(), req, res, ticket); + boolean forceGuest = false; + String guest = req.getParameter(ServletHelper.ARG_GUEST); + if (guest != null) + { + forceGuest = Boolean.parseBoolean(guest); + } + status = AuthenticationHelper.authenticate(getServletContext(), req, res, forceGuest); } if (status == AuthenticationStatus.Failure) { 
@@ -130,7 +133,7 @@ public class TemplateContentServlet extends HttpServlet // get NodeRef to the template if supplied NodeRef templateRef = null; - if (tokenCount == 8) + if (tokenCount >= 8) { storeRef = new StoreRef(t.nextToken(), t.nextToken()); templateRef = new NodeRef(storeRef, t.nextToken()); @@ -144,8 +147,7 @@ public class TemplateContentServlet extends HttpServlet res.setContentType(mimetype); // get the services we need to retrieve the content - WebApplicationContext context = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()); - ServiceRegistry serviceRegistry = (ServiceRegistry)context.getBean(ServiceRegistry.SERVICE_REGISTRY); + ServiceRegistry serviceRegistry = ServletHelper.getServiceRegistry(getServletContext()); NodeService nodeService = serviceRegistry.getNodeService(); TemplateService templateService = serviceRegistry.getTemplateService(); diff --git a/source/java/org/alfresco/web/app/servlet/UploadFileServlet.java b/source/java/org/alfresco/web/app/servlet/UploadFileServlet.java index 18fae11f39..7a1abccb7b 100644 --- a/source/java/org/alfresco/web/app/servlet/UploadFileServlet.java +++ b/source/java/org/alfresco/web/app/servlet/UploadFileServlet.java @@ -59,7 +59,7 @@ public class UploadFileServlet extends HttpServlet try { - AuthenticationHelper.authenticate(getServletContext(), request, response); + AuthenticationHelper.authenticate(getServletContext(), request, response, false); if (isMultipart == false) { diff --git a/source/java/org/alfresco/web/bean/AdvancedSearchBean.java b/source/java/org/alfresco/web/bean/AdvancedSearchBean.java index 20edc4f556..50530e2898 100644 --- a/source/java/org/alfresco/web/bean/AdvancedSearchBean.java +++ b/source/java/org/alfresco/web/bean/AdvancedSearchBean.java @@ -84,8 +84,6 @@ import org.alfresco.web.ui.repo.component.UISearchCustomProperties; */ public class AdvancedSearchBean { - private static final String OUTCOME_BROWSE = "browse"; - /** * Default constructor */ 
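Review bot: In the UploadFileServlet hunk the result of `AuthenticationHelper.authenticate(getServletContext(), request, response, false)` is discarded, although this commit's own comment in AuthenticationHelper says handling the Guest return status is the caller's responsibility. As far as the hunk shows, execution proceeds to the `isMultipart` check whatever the status, so a `Failure` or `Guest` result does not stop upload handling unless something outside the hunk checks it. Capture the value with `AuthenticationStatus status = AuthenticationHelper.authenticate(getServletContext(), request, response, false);` and return early with `if (status == AuthenticationStatus.Failure) { return; }`. Whether Guest may upload is a policy decision that should be stated in a comment here. The surrounding try block and the rest of the method lie outside the hunk.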
@@ -1336,12 +1334,11 @@ public class AdvancedSearchBean Application.getGlossaryFolderName(fc) + "/" + Application.getSavedSearchesFolderName(fc); - NodeRef rootNodeRef = this.nodeService.getRootNode(Repository.getStoreRef()); List results = null; try { results = searchService.selectNodes( - rootNodeRef, + nodeService.getRootNode(Repository.getStoreRef()), xpath, null, namespaceService, @@ -1461,6 +1458,8 @@ public class AdvancedSearchBean private static final String MSG_ERROR_RESTORE_SEARCH = "error_restore_search"; private static final String MSG_SELECT_SAVED_SEARCH = "select_saved_search"; + private static final String OUTCOME_BROWSE = "browse"; + private static final String PANEL_CUSTOM = "custom-panel"; private static final String PANEL_ATTRS = "attrs-panel"; private static final String PANEL_CATEGORIES = "categories-panel"; diff --git a/source/java/org/alfresco/web/bean/users/UserMembersBean.java b/source/java/org/alfresco/web/bean/users/UserMembersBean.java index 48aa70beaf..7a9e304c8b 100644 --- a/source/java/org/alfresco/web/bean/users/UserMembersBean.java +++ b/source/java/org/alfresco/web/bean/users/UserMembersBean.java @@ -288,6 +288,7 @@ public abstract class UserMembersBean if (permission.getAccessStatus() == AccessStatus.ALLOWED && (permission.getAuthorityType() == AuthorityType.USER || permission.getAuthorityType() == AuthorityType.GROUP || + permission.getAuthorityType() == AuthorityType.GUEST || permission.getAuthorityType() == AuthorityType.EVERYONE)) { String authority = permission.getAuthority(); diff --git a/source/java/org/alfresco/web/bean/wizard/InviteUsersWizard.java b/source/java/org/alfresco/web/bean/wizard/InviteUsersWizard.java index c78731c1f9..ef9b296d12 100644 --- a/source/java/org/alfresco/web/bean/wizard/InviteUsersWizard.java +++ b/source/java/org/alfresco/web/bean/wizard/InviteUsersWizard.java 
@@ -457,7 +457,7 @@ public abstract class InviteUsersWizard extends AbstractWizardBean // build a display label showing the user and their role for the space AuthorityType authType = AuthorityType.getAuthorityType(authority); - if (authType.equals(AuthorityType.USER)) + if (authType.equals(AuthorityType.USER) || authType.equals(AuthorityType.GUEST)) { if (this.personService.personExists(authority) == true) {