mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
Merged V2.1 to HEAD
6386: Fix for AR-1649
6387: Fix for AR-1645
6388: Updated Polish messages
6389: Updated security providers
6392: Add support to log in as guest with any password (if guest is allowed)
6393: AR-1562 : Cannot directly exit/disable Alfresco JavaScript Debugger window
6394: Allow creation of PropertyValue persisted properties without knowing the type QName
6397: Log Serializable properties don't cause infinte waits
6398: Build fix and tidy up for authentication chaining
Resolved conflicted state of 'root\projects\repository\source\java\org\alfresco\repo\security\authentication\AuthenticationUtil.java'
6402: AR-1643 Web Script args object does not handle multi-value arguments
6407: Removed use of QName "{}silly" as a data type definition.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@6728 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
@@ -39,9 +39,8 @@ import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
|
||||
/**
|
||||
* This class abstract the support required to set up and query the Acegi context for security enforcement.
|
||||
*
|
||||
* There are some simple default method implementations to support simple authentication.
|
||||
* This class abstract the support required to set up and query the Acegi context for security enforcement. There are
|
||||
* some simple default method implementations to support simple authentication.
|
||||
*
|
||||
* @author Andy Hind
|
||||
*/
|
||||
@@ -50,7 +49,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
|
||||
// Name of the system user
|
||||
|
||||
private static final String SYSTEM_USER_NAME = "System";
|
||||
static final String SYSTEM_USER_NAME = "System";
|
||||
|
||||
private Boolean allowGuestLogin = null;
|
||||
|
||||
@@ -63,7 +62,24 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
{
|
||||
this.allowGuestLogin = allowGuestLogin;
|
||||
}
|
||||
|
||||
|
||||
public void authenticate(String userName, char[] password) throws AuthenticationException
|
||||
{
|
||||
if ((userName != null) && (userName.equalsIgnoreCase(PermissionService.GUEST_AUTHORITY)))
|
||||
{
|
||||
setGuestUserAsCurrentUser();
|
||||
}
|
||||
else
|
||||
{
|
||||
authenticateImpl(userName, password);
|
||||
}
|
||||
}
|
||||
|
||||
protected void authenticateImpl(String userName, char[] password)
|
||||
{
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
* Explicitly set the current user to be authenticated.
|
||||
*
|
||||
@@ -97,8 +113,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
ud = getUserDetails(userName);
|
||||
}
|
||||
|
||||
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(ud, "", ud
|
||||
.getAuthorities());
|
||||
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(ud, "", ud.getAuthorities());
|
||||
auth.setDetails(ud);
|
||||
auth.setAuthenticated(true);
|
||||
return setCurrentAuthentication(auth);
|
||||
@@ -133,28 +148,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
*/
|
||||
public Authentication setCurrentAuthentication(Authentication authentication)
|
||||
{
|
||||
if (authentication == null)
|
||||
{
|
||||
clearCurrentSecurityContext();
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
Context context = ContextHolder.getContext();
|
||||
SecureContext sc = null;
|
||||
if ((context == null) || !(context instanceof SecureContext))
|
||||
{
|
||||
sc = new SecureContextImpl();
|
||||
ContextHolder.setContext(sc);
|
||||
}
|
||||
else
|
||||
{
|
||||
sc = (SecureContext) context;
|
||||
}
|
||||
authentication.setAuthenticated(true);
|
||||
sc.setAuthentication(authentication);
|
||||
return authentication;
|
||||
}
|
||||
return AuthenticationUtil.setCurrentAuthentication(authentication);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -165,12 +159,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
*/
|
||||
public Authentication getCurrentAuthentication() throws AuthenticationException
|
||||
{
|
||||
Context context = ContextHolder.getContext();
|
||||
if ((context == null) || !(context instanceof SecureContext))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
return ((SecureContext) context).getAuthentication();
|
||||
return AuthenticationUtil.getCurrentAuthentication();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -181,12 +170,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
*/
|
||||
public String getCurrentUserName() throws AuthenticationException
|
||||
{
|
||||
Context context = ContextHolder.getContext();
|
||||
if ((context == null) || !(context instanceof SecureContext))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
return getUserName(((SecureContext) context).getAuthentication());
|
||||
return AuthenticationUtil.getCurrentUserName();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -201,7 +185,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
String username;
|
||||
if (authentication.getPrincipal() instanceof UserDetails)
|
||||
{
|
||||
username = ((UserDetails)authentication.getPrincipal()).getUsername();
|
||||
username = ((UserDetails) authentication.getPrincipal()).getUsername();
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -246,31 +230,31 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
{
|
||||
if (allowGuestLogin == null)
|
||||
{
|
||||
if(implementationAllowsGuestLogin())
|
||||
if (implementationAllowsGuestLogin())
|
||||
{
|
||||
return setCurrentUser(PermissionService.GUEST_AUTHORITY);
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new AuthenticationException("Guest authentication is not allowed");
|
||||
throw new AuthenticationException("Guest authentication is not allowed");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if(allowGuestLogin.booleanValue())
|
||||
if (allowGuestLogin.booleanValue())
|
||||
{
|
||||
return setCurrentUser(PermissionService.GUEST_AUTHORITY);
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new AuthenticationException("Guest authentication is not allowed");
|
||||
throw new AuthenticationException("Guest authentication is not allowed");
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
protected abstract boolean implementationAllowsGuestLogin();
|
||||
|
||||
|
||||
/**
|
||||
* @return true if Guest user authentication is allowed, false otherwise
|
||||
*/
|
||||
@@ -291,7 +275,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
*/
|
||||
public void clearCurrentSecurityContext()
|
||||
{
|
||||
ContextHolder.setContext(null);
|
||||
AuthenticationUtil.clearCurrentSecurityContext();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -65,7 +65,7 @@ public class AuthenticationComponentImpl extends AbstractAuthenticationComponent
|
||||
/**
|
||||
* Authenticate
|
||||
*/
|
||||
public void authenticate(String userName, char[] password) throws AuthenticationException
|
||||
protected void authenticateImpl(String userName, char[] password) throws AuthenticationException
|
||||
{
|
||||
try
|
||||
{
|
||||
|
||||
@@ -234,6 +234,11 @@ public class AuthenticationTest extends TestCase
|
||||
}
|
||||
}
|
||||
|
||||
public void testGuest()
|
||||
{
|
||||
authenticationService.authenticate("GUEST", "".toCharArray());
|
||||
}
|
||||
|
||||
public void testCreateUsers()
|
||||
{
|
||||
authenticationService.createAuthentication("GUEST", "".toCharArray());
|
||||
|
||||
@@ -140,30 +140,38 @@ public abstract class AuthenticationUtil
|
||||
*/
|
||||
public static Authentication setCurrentAuthentication(Authentication authentication)
|
||||
{
|
||||
Context context = ContextHolder.getContext();
|
||||
SecureContext sc = null;
|
||||
if ((context == null) || !(context instanceof SecureContext))
|
||||
if (authentication == null)
|
||||
{
|
||||
sc = new SecureContextImpl();
|
||||
ContextHolder.setContext(sc);
|
||||
clearCurrentSecurityContext();
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
sc = (SecureContext) context;
|
||||
}
|
||||
authentication.setAuthenticated(true);
|
||||
sc.setAuthentication(authentication);
|
||||
Context context = ContextHolder.getContext();
|
||||
SecureContext sc = null;
|
||||
if ((context == null) || !(context instanceof SecureContext))
|
||||
{
|
||||
sc = new SecureContextImpl();
|
||||
ContextHolder.setContext(sc);
|
||||
}
|
||||
else
|
||||
{
|
||||
sc = (SecureContext) context;
|
||||
}
|
||||
authentication.setAuthenticated(true);
|
||||
sc.setAuthentication(authentication);
|
||||
|
||||
// Support for logging tenant domain / username (via log4j NDC)
|
||||
String userName = SYSTEM_USER_NAME;
|
||||
if (authentication.getPrincipal() instanceof UserDetails)
|
||||
{
|
||||
userName = ((UserDetails) authentication.getPrincipal()).getUsername();
|
||||
// Support for logging tenant domain / username (via log4j NDC)
|
||||
String userName = SYSTEM_USER_NAME;
|
||||
if (authentication.getPrincipal() instanceof UserDetails)
|
||||
{
|
||||
userName = ((UserDetails) authentication.getPrincipal()).getUsername();
|
||||
}
|
||||
|
||||
logNDC(userName);
|
||||
|
||||
return authentication;
|
||||
}
|
||||
|
||||
logNDC(userName);
|
||||
|
||||
return authentication;
|
||||
}
|
||||
|
||||
public static void logNDC(String userName)
|
||||
|
||||
@@ -34,8 +34,7 @@ import net.sf.acegisecurity.providers.encoding.BaseDigestPasswordEncoder;
|
||||
import org.apache.commons.codec.DecoderException;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.codec.binary.Hex;
|
||||
|
||||
import cryptix.jce.provider.CryptixCrypto;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
@@ -62,7 +61,7 @@ public class MD4PasswordEncoderImpl extends BaseDigestPasswordEncoder implements
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
Security.addProvider(new CryptixCrypto());
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ public class SimpleAcceptOrRejectAllAuthenticationComponentImpl extends Abstract
|
||||
this.accept = accept;
|
||||
}
|
||||
|
||||
public void authenticate(String userName, char[] password) throws AuthenticationException
|
||||
public void authenticateImpl(String userName, char[] password) throws AuthenticationException
|
||||
{
|
||||
if(accept)
|
||||
{
|
||||
|
||||
@@ -126,7 +126,7 @@ public class JAASAuthenticationComponent extends AbstractAuthenticationComponent
|
||||
/**
|
||||
* Implement Authentication
|
||||
*/
|
||||
public void authenticate(String userName, char[] password) throws AuthenticationException
|
||||
protected void authenticateImpl(String userName, char[] password) throws AuthenticationException
|
||||
{
|
||||
|
||||
LoginContext lc;
|
||||
|
||||
@@ -62,7 +62,7 @@ public class LDAPAuthenticationComponentImpl extends AbstractAuthenticationCompo
|
||||
/**
|
||||
* Implement the authentication method
|
||||
*/
|
||||
public void authenticate(String userName, char[] password) throws AuthenticationException
|
||||
protected void authenticateImpl(String userName, char[] password) throws AuthenticationException
|
||||
{
|
||||
InitialDirContext ctx = null;
|
||||
try
|
||||
|
||||
@@ -507,7 +507,7 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
|
||||
* @param password char[]
|
||||
* @throws AuthenticationException
|
||||
*/
|
||||
public void authenticate(String userName, char[] password) throws AuthenticationException
|
||||
protected void authenticateImpl(String userName, char[] password) throws AuthenticationException
|
||||
{
|
||||
// Debug
|
||||
|
||||
|
||||
Reference in New Issue
Block a user