. Fix for http://issues.alfresco.com/browse/AWC-986

- New public service method added to AuthenticationService component stack: guestUserAuthenticationAllowed() git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@4981 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2007-01-31 14:25:45 +00:00
parent 2ad8f02979
commit a26d52b468
7 changed files with 55 additions and 1 deletions
--- a/config/alfresco/public-services-security-context.xml
+++ b/config/alfresco/public-services-security-context.xml
@@ -635,7 +635,7 @@
   <!-- The Authentication Service security interceptor -->
   <!-- =============================================== -->
 
-   <!-- Authentication is excluded as it sets or cleas authentication -->
+   <!-- NOTE: Authentication is excluded as it sets or clears authentication -->
   <!-- The same for validate ticaket -->
   <!-- Update authentication checks internally -->
   <bean id="AuthenticationService_security" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
@@ -657,6 +657,7 @@
                org.alfresco.service.cmr.security.AuthenticationService.getCurrentTicket=ACL_ALLOW
                org.alfresco.service.cmr.security.AuthenticationService.clearCurrentSecurityContext=ACL_ALLOW
                org.alfresco.service.cmr.security.AuthenticationService.isCurrentUserTheSystemUser=ACL_ALLOW
+                org.alfresco.service.cmr.security.AuthenticationService.guestUserAuthenticationAllowed=ACL_ALLOW
                org.alfresco.service.cmr.security.AuthenticationService.getDomains=ACL_METHOD.ROLE_ADMINISTRATOR
                org.alfresco.service.cmr.security.AuthenticationService.getDomainsThatAllowUserCreation=ACL_METHOD.ROLE_ADMINISTRATOR
                org.alfresco.service.cmr.security.AuthenticationService.getDomainsThatAllowUserDeletion=ACL_METHOD.ROLE_ADMINISTRATOR
--- a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
@@ -257,6 +257,21 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
    }

    protected abstract boolean implementationAllowsGuestLogin();
+    
+    /**
+     * @return true if Guest user authentication is allowed, false otherwise
+     */
+    public boolean guestUserAuthenticationAllowed()
+    {
+        if (allowGuestLogin == null)
+        {
+            return (implementationAllowsGuestLogin());
+        }
+        else
+        {
+            return (allowGuestLogin.booleanValue());
+        }
+    }

    /**
     * Remove the current security information
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java
@@ -84,6 +84,14 @@ public interface AuthenticationComponent
    public Authentication setGuestUserAsCurrentUser();
    
    
+    /**
+     * True if Guest user authentication is allowed, false otherwise
+     * 
+     * @return
+     */
+    public boolean guestUserAuthenticationAllowed();
+    
+    
    /**
     * Get the name of the system user
     * 
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
@@ -168,6 +168,10 @@ public class AuthenticationServiceImpl implements AuthenticationService
        authenticationComponent.setGuestUserAsCurrentUser();
    }
    
+    public boolean guestUserAuthenticationAllowed()
+    {
+        return authenticationComponent.guestUserAuthenticationAllowed();
+    }

    public boolean getAllowsUserCreation()
    {
--- a/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationServiceImpl.java
@@ -181,6 +181,19 @@ public class ChainingAuthenticationServiceImpl implements AuthenticationService
        }
        throw new AuthenticationException("Guest authentication not supported");
    }
+    
+    public boolean guestUserAuthenticationAllowed()
+    {
+        for (AuthenticationService authService : getUsableAuthenticationServices())
+        {
+            if (authService.guestUserAuthenticationAllowed())
+            {
+                return true;
+            }
+        }
+        // it isn't allowed in any of the authentication components
+        return false;
+    }

    public boolean authenticationExists(String userName)
    {
--- a/source/java/org/alfresco/repo/security/authentication/TestAuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/TestAuthenticationServiceImpl.java
@@ -229,6 +229,11 @@ public class TestAuthenticationServiceImpl implements AuthenticationService
            throw new AuthenticationException("Guest access denied");
        }
    }
+    
+    public boolean guestUserAuthenticationAllowed()
+    {
+        return allowGuest;
+    }

    public boolean authenticationExists(String userName)
    {
--- a/source/java/org/alfresco/service/cmr/security/AuthenticationService.java
+++ b/source/java/org/alfresco/service/cmr/security/AuthenticationService.java
@@ -110,6 +110,14 @@ public interface AuthenticationService
    @Auditable
    public void authenticateAsGuest() throws AuthenticationException;
    
+    /**
+     * Check if Guest user authentication is allowed.
+     * 
+     * @return true if Guest user authentication is allowed, false otherwise
+     */
+    @Auditable
+    public boolean guestUserAuthenticationAllowed();
+    
    /**
     * Check if the given authentication exists.
     *