inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

REPO-4859 : HTTP_UNAUTHORIZED instead of HTTP_FORBIDDEN for some CMIS… (#974)

Browse Source 
* REPO-4859 : HTTP_UNAUTHORIZED instead of HTTP_FORBIDDEN for some CMIS apis
    - moved the fix to a more suitable place
    - added explanatory comment
This commit is contained in:
Lucian Tuca
2020-04-30 15:15:16 +03:00
committed by GitHub
parent 382118ceb8
commit a219162f42
2 changed files with 32 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java
View File

@@ -134,7 +134,6 @@ import org.apache.chemistry.opencmis.commons.impl.server.AbstractCmisService;
import org.apache.chemistry.opencmis.commons.impl.server.ObjectInfoImpl;
import org.apache.chemistry.opencmis.commons.impl.server.RenditionInfoImpl;
import org.apache.chemistry.opencmis.commons.server.CallContext;
import org.apache.chemistry.opencmis.commons.server.MutableCallContext;
import org.apache.chemistry.opencmis.commons.server.ObjectInfo;
import org.apache.chemistry.opencmis.commons.server.RenditionInfo;
import org.apache.chemistry.opencmis.commons.spi.Holder;
@@ -176,21 +175,9 @@ public class AlfrescoCmisServiceImpl extends AbstractCmisService implements Alfr
@Override
public void open(CallContext context)
{
if (context instanceof MutableCallContext)
{
MutableCallContext mutableCallContext = (MutableCallContext) context;
if (mutableCallContext.getUsername() == null && AuthenticationUtil.getFullyAuthenticatedUser() != null)
{
mutableCallContext.put(CallContext.USERNAME, AuthenticationUtil.getFullyAuthenticatedUser());
}
AlfrescoCmisServiceCall.set(mutableCallContext);
}
else
{
AlfrescoCmisServiceCall.set(context);
}
}
protected CallContext getContext()
{

11
src/main/java/org/alfresco/opencmis/PublicApiCallContextHandler.java
View File

@@ -30,6 +30,8 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.apache.chemistry.opencmis.commons.server.CallContext;
import org.apache.chemistry.opencmis.server.shared.BasicAuthCallContextHandler;
public class PublicApiCallContextHandler extends BasicAuthCallContextHandler
@@ -47,6 +49,15 @@ public class PublicApiCallContextHandler extends BasicAuthCallContextHandler
map.putAll(basicAuthMap);
}
// Adding the username in the context is needed because of the following reasons:
// - CMISServletDispatcher is configured to ALWAYS use this class (PublicApiCallContextHandler)
// - this class extends the BasicAuthCallContextHandler class which only puts the username in the context ONLY IF the request is having Basic auth
// - therefor in the case of a Bearer auth, the username is never in the context, fact that ultimately leads to bugs when the response should be provided
if (map.get(CallContext.USERNAME) == null && AuthenticationUtil.getFullyAuthenticatedUser() != null)
{
map.put(CallContext.USERNAME, AuthenticationUtil.getFullyAuthenticatedUser());
}
map.put("isPublicApi", "true");
return map;
}