Authentication service fix.

Clear the security context if login fails or ticket validation fails

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2030 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Andrew Hind
2005-12-13 09:29:22 +00:00
parent dbb20b17ab
commit 8e31d3ba1b
3 changed files with 100 additions and 4 deletions


@@ -57,8 +57,13 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
* String * String
* @return Authentication * @return Authentication
*/ */
public Authentication setCurrentUser(String userName) public Authentication setCurrentUser(String userName) throws AuthenticationException
{ {
if(userName == null)
{
throw new AuthenticationException("Null user name");
}
try try
{ {
UserDetails ud = null; UserDetails ud = null;
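Review bot: The Javadoc above `setCurrentUser` still documents only `@return Authentication`, although the new signature declares `throws AuthenticationException` and the added guard throws on a null name; add `@throws AuthenticationException if userName is null`. The guard also throws before the `try`, and nothing in the visible lines clears an existing context, so a caller that uses this component directly rather than through the service would keep whatever authentication was already on the thread. If that split of responsibility is intended, state it in the Javadoc so callers know they must clear the context themselves. The method body continues outside the hunk, so the handling further down could not be checked.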


@@ -88,7 +88,15 @@ public class AuthenticationServiceImpl implements AuthenticationService
public void authenticate(String userName, char[] password) throws AuthenticationException public void authenticate(String userName, char[] password) throws AuthenticationException
{ {
authenticationComponent.authenticate(userName, password); try
{
authenticationComponent.authenticate(userName, password);
}
catch(AuthenticationException ae)
{
clearCurrentSecurityContext();
throw ae;
}
} }
public String getCurrentUserName() throws AuthenticationException public String getCurrentUserName() throws AuthenticationException
@@ -108,7 +116,15 @@ public class AuthenticationServiceImpl implements AuthenticationService
public void validate(String ticket) throws AuthenticationException public void validate(String ticket) throws AuthenticationException
{ {
authenticationComponent.setCurrentUser(ticketComponent.validateTicket(ticket)); try
{
authenticationComponent.setCurrentUser(ticketComponent.validateTicket(ticket));
}
catch(AuthenticationException ae)
{
clearCurrentSecurityContext();
throw ae;
}
} }
public String getCurrentTicket() public String getCurrentTicket()
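Review bot: Both new `catch` blocks in `authenticate` and `validate` clear the context only for `AuthenticationException`, so any other exception escaping `authenticationComponent.authenticate(...)` or `ticketComponent.validateTicket(...)` would leave the earlier authentication on the thread. If neither call depends on the existing context, making `clearCurrentSecurityContext();` the first statement of each method covers every failure path and removes the duplicated try/catch. Whether other exception types can actually escape is not visible here and should be checked against the component and ticket implementations. A short comment such as `// a failed attempt must never leave a previous authentication in place` would record why the context is cleared.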


@@ -470,6 +470,7 @@ public class AuthenticationTest extends TestCase
tc.validateTicket(ticket); tc.validateTicket(ticket);
tc.validateTicket(ticket); tc.validateTicket(ticket);
tc.validateTicket(ticket); tc.validateTicket(ticket);
synchronized (this) synchronized (this)
{ {
try try
@@ -492,6 +493,50 @@ public class AuthenticationTest extends TestCase
} }
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
dao.deleteUser("Andy"); dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy")); // assertNull(dao.getUserOrNull("Andy"));
} }
@@ -579,6 +624,7 @@ public class AuthenticationTest extends TestCase
} }
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication // get the ticket that represents the current user authentication
// instance // instance
String ticket = authenticationService.getCurrentTicket(); String ticket = authenticationService.getCurrentTicket();
@@ -597,6 +643,34 @@ public class AuthenticationTest extends TestCase
} }
Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null)
{
assertFalse(current.isAuthenticated());
}
try
{
authenticationService.validate(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
authenticationService.validate(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
// clear any context and check we are no longer authenticated // clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext(); authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName()); assertNull(authenticationService.getCurrentUserName());
@@ -650,6 +724,7 @@ public class AuthenticationTest extends TestCase
} }
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication // get the ticket that represents the current user authentication
// instance // instance
String ticket = pubAuthenticationService.getCurrentTicket(); String ticket = pubAuthenticationService.getCurrentTicket();
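Review bot: None of the added tests asserts the behaviour this commit introduces. The `catch (AuthenticationException e)` blocks after `authenticationService.validate(ticket)` are empty, so the test would still pass if the context were left populated after the failure. Inside those blocks, check the state with something like `assertNull(authenticationService.getCurrentUserName());`, or repeat the `isAuthenticated()` check used just above them if the component returns a non-null object. As a point of style, `assertNotNull(null)` as a "should not reach here" marker reads more clearly as `fail("expected AuthenticationException")`. The `wait(10000)` block leaves an auto-generated TODO with `e.printStackTrace()` in place, and would benefit from a comment saying which ticket expiry it is waiting for.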