inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged HEAD-BUG-FIX (4.3/Cloud) to HEAD (4.3/Cloud)

Browse Source 
64105: Reverse Merge HEAD-BUG-FIX (4.3.0.BF)
      << Reverted to see if commit was reason for build failures >>
      63912: Merged DEV to HEAD-BUG-FIX (4.3.0.BF)
         63885: MNT-10338 : WebDav MT RepositoryAuthenticationDao.getUserFolderLocation() seems to be no tenant-safe
         Implemented a JUnit test.
         Fixed RepositoryAuthenticationDAO.getUserFolderLocation() to use cache keys with tenant domain and use the domain to find correct user store.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@64358 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
2014-03-14 17:46:41 +00:00
parent 3214f17fe2
commit 983b3640da
2 changed files with 8 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2005-2014 Alfresco Software Limited. * Copyright (C) 2005-2013 Alfresco Software Limited.
* *
* This file is part of Alfresco * This file is part of Alfresco
* *
@@ -295,17 +295,14 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
private NodeRef getUserFolderLocation(String caseSensitiveUserName) private NodeRef getUserFolderLocation(String caseSensitiveUserName)
{ {
// Use the tenant aware cache key NodeRef userNodeRef = singletonCache.get(KEY_USERFOLDER_NODEREF);
// see MNT-10338
final String cacheKey = tenantService.getUserDomain(caseSensitiveUserName) + KEY_USERFOLDER_NODEREF;
NodeRef userNodeRef = singletonCache.get(cacheKey);
if (userNodeRef == null) if (userNodeRef == null)
{ {
QName qnameAssocSystem = QName.createQName("sys", "system", namespacePrefixResolver); QName qnameAssocSystem = QName.createQName("sys", "system", namespacePrefixResolver);
QName qnameAssocUsers = QName.createQName("sys", "people", namespacePrefixResolver); QName qnameAssocUsers = QName.createQName("sys", "people", namespacePrefixResolver);
// Use tenant domain to get a valid storeRef //StoreRef userStoreRef = tenantService.getName(caseSensitiveUserName, new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier()));
StoreRef userStoreRef = tenantService.getName(caseSensitiveUserName, new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier())); StoreRef userStoreRef = new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier());
// AR-527 // AR-527
NodeRef rootNode = nodeService.getRootNode(userStoreRef); NodeRef rootNode = nodeService.getRootNode(userStoreRef);
@@ -328,7 +325,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
{ {
userNodeRef = tenantService.getName(results.get(0).getChildRef()); userNodeRef = tenantService.getName(results.get(0).getChildRef());
} }
singletonCache.put(cacheKey, userNodeRef); singletonCache.put(KEY_USERFOLDER_NODEREF, userNodeRef);
} }
return userNodeRef; return userNodeRef;
} }

45
source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2005-2014 Alfresco Software Limited. * Copyright (C) 2005-2011 Alfresco Software Limited.
* *
* This file is part of Alfresco * This file is part of Alfresco
* *
@@ -51,9 +51,7 @@ import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.ExpiryMode; import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.ExpiryMode;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket; import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket;
import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry; import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry;
import org.alfresco.repo.tenant.TenantAdminService;
import org.alfresco.repo.tenant.TenantService; import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.tenant.TenantUtil;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport; import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState; import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
@@ -98,7 +96,6 @@ public class AuthenticationTest extends TestCase
private TransactionService transactionService; private TransactionService transactionService;
private PersonService pubPersonService; private PersonService pubPersonService;
private PersonService personService; private PersonService personService;
private TenantAdminService tenantAdminService;
private UserTransaction userTransaction; private UserTransaction userTransaction;
private NodeRef rootNodeRef; private NodeRef rootNodeRef;
@@ -115,11 +112,6 @@ public class AuthenticationTest extends TestCase
private SimpleCache<String, CacheEntry> authenticationCache; private SimpleCache<String, CacheEntry> authenticationCache;
private SimpleCache<String, NodeRef> immutableSingletonCache; private SimpleCache<String, NodeRef> immutableSingletonCache;
private static final String TEST_RUN = System.currentTimeMillis()+"";
private static final String TEST_TENANT_DOMAIN = TEST_RUN+".my.test";
private static final String DEFAULT_ADMIN_PW = "admin";
private static final String TENANT_ADMIN_PW = DEFAULT_ADMIN_PW + TEST_TENANT_DOMAIN;
public AuthenticationTest() public AuthenticationTest()
{ {
super(); super();
@@ -160,7 +152,6 @@ public class AuthenticationTest extends TestCase
// permissionServiceSPI = (PermissionServiceSPI) // permissionServiceSPI = (PermissionServiceSPI)
// ctx.getBean("permissionService"); // ctx.getBean("permissionService");
ticketsCache = (SimpleCache<String, Ticket>) ctx.getBean("ticketsCache"); ticketsCache = (SimpleCache<String, Ticket>) ctx.getBean("ticketsCache");
tenantAdminService = (TenantAdminService) ctx.getBean("tenantAdminService");
dao = (MutableAuthenticationDao) ctx.getBean("authenticationDao"); dao = (MutableAuthenticationDao) ctx.getBean("authenticationDao");
@@ -449,40 +440,6 @@ public class AuthenticationTest extends TestCase
return dao; return dao;
} }
/**
* Test for ALF-20680
* Test of the {@link RepositoryAuthenticationDao#getUserFolderLocation(String)} in multitenancy
*/
public void testAuthenticateMultiTenant()
{
// Create a tenant domain
TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>()
{
public Object doWork() throws Exception
{
if (!tenantAdminService.existsTenant(TEST_TENANT_DOMAIN))
{
tenantAdminService.createTenant(TEST_TENANT_DOMAIN, TENANT_ADMIN_PW.toCharArray(), null);
}
return null;
}
}, TenantService.DEFAULT_DOMAIN);
// Use default admin
authenticateMultiTenantWork(AuthenticationUtil.getAdminUserName(), DEFAULT_ADMIN_PW);
// Use tenant admin
authenticateMultiTenantWork(AuthenticationUtil.getAdminUserName() + TenantService.SEPARATOR + TEST_TENANT_DOMAIN, TENANT_ADMIN_PW);
}
private void authenticateMultiTenantWork(String userName, String password)
{
String hashedPassword = dao.getMD4HashedPassword(userName);
assertNotNull(hashedPassword);
UserDetails userDetails = (UserDetails) dao.loadUserByUsername(userName);
assertEquals(passwordEncoder.encodePassword(password, dao.getSalt(userDetails)), hashedPassword);
}
public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException
{ {
RepositoryAuthenticationDao dao = createRepositoryAuthenticationDao(); RepositoryAuthenticationDao dao = createRepositoryAuthenticationDao();