From a26d52b468123d8dbdfa815c3eb608d1f66b80b7 Mon Sep 17 00:00:00 2001
From: Kevin Roast <kevin.roast@alfresco.com>
Date: Wed, 31 Jan 2007 14:25:45 +0000
Subject: [PATCH] . Fix for http://issues.alfresco.com/browse/AWC-986  - New
 public service method added to AuthenticationService component stack:
 guestUserAuthenticationAllowed()

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@4981 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../alfresco/public-services-security-context.xml |  3 ++-
 .../AbstractAuthenticationComponent.java          | 15 +++++++++++++++
 .../authentication/AuthenticationComponent.java   |  8 ++++++++
 .../authentication/AuthenticationServiceImpl.java |  4 ++++
 .../ChainingAuthenticationServiceImpl.java        | 13 +++++++++++++
 .../TestAuthenticationServiceImpl.java            |  5 +++++
 .../cmr/security/AuthenticationService.java       |  8 ++++++++
 7 files changed, 55 insertions(+), 1 deletion(-)

diff --git a/config/alfresco/public-services-security-context.xml b/config/alfresco/public-services-security-context.xml
index e686bb7d96..2b8c459ea1 100644
--- a/config/alfresco/public-services-security-context.xml
+++ b/config/alfresco/public-services-security-context.xml
@@ -635,7 +635,7 @@
    <!-- The Authentication Service security interceptor -->
    <!-- =============================================== -->
  
-   <!-- Authentication is excluded as it sets or cleas authentication -->
+   <!-- NOTE: Authentication is excluded as it sets or clears authentication -->
    <!-- The same for validate ticaket -->
    <!-- Update authentication checks internally -->
    <bean id="AuthenticationService_security" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
@@ -657,6 +657,7 @@
                 org.alfresco.service.cmr.security.AuthenticationService.getCurrentTicket=ACL_ALLOW
                 org.alfresco.service.cmr.security.AuthenticationService.clearCurrentSecurityContext=ACL_ALLOW
                 org.alfresco.service.cmr.security.AuthenticationService.isCurrentUserTheSystemUser=ACL_ALLOW
+                org.alfresco.service.cmr.security.AuthenticationService.guestUserAuthenticationAllowed=ACL_ALLOW
                 org.alfresco.service.cmr.security.AuthenticationService.getDomains=ACL_METHOD.ROLE_ADMINISTRATOR
                 org.alfresco.service.cmr.security.AuthenticationService.getDomainsThatAllowUserCreation=ACL_METHOD.ROLE_ADMINISTRATOR
                 org.alfresco.service.cmr.security.AuthenticationService.getDomainsThatAllowUserDeletion=ACL_METHOD.ROLE_ADMINISTRATOR
diff --git a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
index 0143e9683b..47ea21acd4 100644
--- a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
@@ -257,6 +257,21 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
     }
 
     protected abstract boolean implementationAllowsGuestLogin();
+    
+    /**
+     * @return true if Guest user authentication is allowed, false otherwise
+     */
+    public boolean guestUserAuthenticationAllowed()
+    {
+        if (allowGuestLogin == null)
+        {
+            return (implementationAllowsGuestLogin());
+        }
+        else
+        {
+            return (allowGuestLogin.booleanValue());
+        }
+    }
 
     /**
      * Remove the current security information
diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java
index c3fba1c921..d423fd0cfb 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java
@@ -84,6 +84,14 @@ public interface AuthenticationComponent
     public Authentication setGuestUserAsCurrentUser();
     
     
+    /**
+     * True if Guest user authentication is allowed, false otherwise
+     * 
+     * @return
+     */
+    public boolean guestUserAuthenticationAllowed();
+    
+    
     /**
      * Get the name of the system user
      * 
diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
index 151f8c9c9d..e90f94fa48 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
@@ -168,6 +168,10 @@ public class AuthenticationServiceImpl implements AuthenticationService
         authenticationComponent.setGuestUserAsCurrentUser();
     }
     
+    public boolean guestUserAuthenticationAllowed()
+    {
+        return authenticationComponent.guestUserAuthenticationAllowed();
+    }
 
     public boolean getAllowsUserCreation()
     {
diff --git a/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationServiceImpl.java b/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationServiceImpl.java
index 409d87f13d..c5f36fb472 100644
--- a/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationServiceImpl.java
@@ -181,6 +181,19 @@ public class ChainingAuthenticationServiceImpl implements AuthenticationService
         }
         throw new AuthenticationException("Guest authentication not supported");
     }
+    
+    public boolean guestUserAuthenticationAllowed()
+    {
+        for (AuthenticationService authService : getUsableAuthenticationServices())
+        {
+            if (authService.guestUserAuthenticationAllowed())
+            {
+                return true;
+            }
+        }
+        // it isn't allowed in any of the authentication components
+        return false;
+    }
 
     public boolean authenticationExists(String userName)
     {
diff --git a/source/java/org/alfresco/repo/security/authentication/TestAuthenticationServiceImpl.java b/source/java/org/alfresco/repo/security/authentication/TestAuthenticationServiceImpl.java
index 817109ffd5..9ffdce367b 100644
--- a/source/java/org/alfresco/repo/security/authentication/TestAuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/TestAuthenticationServiceImpl.java
@@ -229,6 +229,11 @@ public class TestAuthenticationServiceImpl implements AuthenticationService
             throw new AuthenticationException("Guest access denied");
         }
     }
+    
+    public boolean guestUserAuthenticationAllowed()
+    {
+        return allowGuest;
+    }
 
     public boolean authenticationExists(String userName)
     {
diff --git a/source/java/org/alfresco/service/cmr/security/AuthenticationService.java b/source/java/org/alfresco/service/cmr/security/AuthenticationService.java
index de4177e5e6..61d54c712e 100644
--- a/source/java/org/alfresco/service/cmr/security/AuthenticationService.java
+++ b/source/java/org/alfresco/service/cmr/security/AuthenticationService.java
@@ -110,6 +110,14 @@ public interface AuthenticationService
     @Auditable
     public void authenticateAsGuest() throws AuthenticationException;
     
+    /**
+     * Check if Guest user authentication is allowed.
+     * 
+     * @return true if Guest user authentication is allowed, false otherwise
+     */
+    @Auditable
+    public boolean guestUserAuthenticationAllowed();
+    
     /**
      * Check if the given authentication exists.
      *