Authentication service fix.

Clean context if login fails or ticket validation fails

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2030 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Andrew Hind
2005-12-13 09:29:22 +00:00
parent dbb20b17ab
commit 8e31d3ba1b
3 changed files with 100 additions and 4 deletions


@@ -57,8 +57,13 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
* String
* @return Authentication
*/
public Authentication setCurrentUser(String userName)
public Authentication setCurrentUser(String userName) throws AuthenticationException
{
if(userName == null)
{
throw new AuthenticationException("Null user name");
}
try
{
UserDetails ud = null;
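Review bot: The Javadoc above setCurrentUser still ends at `@return Authentication`, although the new signature declares AuthenticationException and the body now rejects a null user name. Add a line such as `* @throws AuthenticationException if userName is null` so callers can see that a missing user name is an authentication failure, not a silent no-op. The method body continues past the end of the hunk, so this page cannot confirm whether other failures inside the `try` block also surface as AuthenticationException.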


@@ -87,9 +87,17 @@ public class AuthenticationServiceImpl implements AuthenticationService
}
public void authenticate(String userName, char[] password) throws AuthenticationException
{
try
{
authenticationComponent.authenticate(userName, password);
}
catch(AuthenticationException ae)
{
clearCurrentSecurityContext();
throw ae;
}
}
public String getCurrentUserName() throws AuthenticationException
{
@@ -107,9 +115,17 @@ public class AuthenticationServiceImpl implements AuthenticationService
}
public void validate(String ticket) throws AuthenticationException
{
try
{
authenticationComponent.setCurrentUser(ticketComponent.validateTicket(ticket));
}
catch(AuthenticationException ae)
{
clearCurrentSecurityContext();
throw ae;
}
}
public String getCurrentTicket()
{
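Review bot: Both new catch blocks, in authenticate and in validate, clear the security context only for AuthenticationException. Any other unchecked exception raised by authenticationComponent or ticketComponent.validateTicket would propagate with whatever context was on the thread before the call still in place. At an authentication boundary it is safer to fail closed: track success in a flag and clear the context in `finally` when success was not reached, as sketched below for authenticate; validate would take the same shape around its setCurrentUser call. Whether such exceptions can occur depends on the component implementations, which are not visible on this page.

```java
public void authenticate(String userName, char[] password) throws AuthenticationException
{
    boolean authenticated = false;
    try
    {
        authenticationComponent.authenticate(userName, password);
        authenticated = true;
    }
    finally
    {
        // Fail closed: drop the context on any failure, not only AuthenticationException.
        if (!authenticated)
        {
            clearCurrentSecurityContext();
        }
    }
}
```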


@@ -470,6 +470,7 @@ public class AuthenticationTest extends TestCase
tc.validateTicket(ticket);
tc.validateTicket(ticket);
tc.validateTicket(ticket);
synchronized (this)
{
try
@@ -492,6 +493,50 @@ public class AuthenticationTest extends TestCase
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
@@ -579,6 +624,7 @@ public class AuthenticationTest extends TestCase
}
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
@@ -597,6 +643,34 @@ public class AuthenticationTest extends TestCase
}
Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null)
{
assertFalse(current.isAuthenticated());
}
try
{
authenticationService.validate(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
authenticationService.validate(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
// clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName());
@@ -650,6 +724,7 @@ public class AuthenticationTest extends TestCase
}
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
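Review bot: The two failed `authenticationService.validate(ticket)` calls in the hunk at -597,6 +643,34 never assert that the security context was cleared. The only `assertNull(authenticationService.getCurrentUserName())` on this page comes after an explicit `clearCurrentSecurityContext()`, which would hide a regression in the behaviour this commit introduces. Putting `assertNull(authenticationService.getCurrentUserName());` inside each empty `catch (AuthenticationException e)` block would pin the new behaviour directly. Separately, the `assertNotNull(null)` idiom used here and in the -492,6 +493,50 hunk to force a failure reads more clearly as `fail("validate should have thrown AuthenticationException")`.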