diff --git a/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java b/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java
index 90fd0f8220..99bdc935b4 100644
--- a/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java
+++ b/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java
@@ -134,7 +134,6 @@ import org.apache.chemistry.opencmis.commons.impl.server.AbstractCmisService;
import org.apache.chemistry.opencmis.commons.impl.server.ObjectInfoImpl;
import org.apache.chemistry.opencmis.commons.impl.server.RenditionInfoImpl;
import org.apache.chemistry.opencmis.commons.server.CallContext;
-import org.apache.chemistry.opencmis.commons.server.MutableCallContext;
import org.apache.chemistry.opencmis.commons.server.ObjectInfo;
import org.apache.chemistry.opencmis.commons.server.RenditionInfo;
import org.apache.chemistry.opencmis.commons.spi.Holder;
@@ -177,19 +176,7 @@ public class AlfrescoCmisServiceImpl extends AbstractCmisService implements Alfr
@Override
public void open(CallContext context)
{
- if (context instanceof MutableCallContext)
- {
- MutableCallContext mutableCallContext = (MutableCallContext) context;
- if (mutableCallContext.getUsername() == null && AuthenticationUtil.getFullyAuthenticatedUser() != null)
- {
- mutableCallContext.put(CallContext.USERNAME, AuthenticationUtil.getFullyAuthenticatedUser());
- }
- AlfrescoCmisServiceCall.set(mutableCallContext);
- }
- else
- {
- AlfrescoCmisServiceCall.set(context);
- }
+ AlfrescoCmisServiceCall.set(context);
}
protected CallContext getContext()
diff --git a/src/main/java/org/alfresco/opencmis/PublicApiCallContextHandler.java b/src/main/java/org/alfresco/opencmis/PublicApiCallContextHandler.java
index 74619bc1cc..53db597882 100644
--- a/src/main/java/org/alfresco/opencmis/PublicApiCallContextHandler.java
+++ b/src/main/java/org/alfresco/opencmis/PublicApiCallContextHandler.java
@@ -23,21 +23,23 @@
* along with Alfresco. If not, see .
* #L%
*/
-package org.alfresco.opencmis;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.chemistry.opencmis.server.shared.BasicAuthCallContextHandler;
-
-public class PublicApiCallContextHandler extends BasicAuthCallContextHandler
-{
- private static final long serialVersionUID = 8877878113507734452L;
-
- @Override
- public Map getCallContextMap(HttpServletRequest request)
+package org.alfresco.opencmis;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.apache.chemistry.opencmis.commons.server.CallContext;
+import org.apache.chemistry.opencmis.server.shared.BasicAuthCallContextHandler;
+
+public class PublicApiCallContextHandler extends BasicAuthCallContextHandler
+{
+ private static final long serialVersionUID = 8877878113507734452L;
+
+ @Override
+ public Map getCallContextMap(HttpServletRequest request)
{
Map map = new HashMap();
@@ -46,8 +48,17 @@ public class PublicApiCallContextHandler extends BasicAuthCallContextHandler
{
map.putAll(basicAuthMap);
}
-
- map.put("isPublicApi", "true");
- return map;
- }
-}
+
+ // Adding the username in the context is needed because of the following reasons:
+ // - CMISServletDispatcher is configured to ALWAYS use this class (PublicApiCallContextHandler)
+ // - this class extends the BasicAuthCallContextHandler class which only puts the username in the context ONLY IF the request is having Basic auth
+ // - therefor in the case of a Bearer auth, the username is never in the context, fact that ultimately leads to bugs when the response should be provided
+ if (map.get(CallContext.USERNAME) == null && AuthenticationUtil.getFullyAuthenticatedUser() != null)
+ {
+ map.put(CallContext.USERNAME, AuthenticationUtil.getFullyAuthenticatedUser());
+ }
+
+ map.put("isPublicApi", "true");
+ return map;
+ }
+}