inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.3-BUG-FIX to HEAD

Browse Source 
22588: Merged V3.3 to V3.3-BUG-FIX
      22535: ALF-4472: Possible fix for Sharepoint Basic Authentication Issues
         - Forgot to make basic authentication handler force a login when necessary
         - Also use cached session information when present
         - Aligns with NTLM and Kerberos handlers


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@22589 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
2010-09-16 12:45:46 +00:00
parent 7a012c7d1b
commit ae9f23673b
1 changed files with 83 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
source/java/org/alfresco/web/sharepoint/auth/BasicAuthenticationHandler.java
View File

@@ -33,10 +33,11 @@ import org.alfresco.web.bean.repository.User;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
/** /**
* <p>BASIC web authentication implementation.</p> * <p>
* BASIC web authentication implementation.
* </p>
* *
* @author PavelYur * @author PavelYur
*
*/ */
public class BasicAuthenticationHandler extends AbstractAuthenticationHandler implements SharepointConstants public class BasicAuthenticationHandler extends AbstractAuthenticationHandler implements SharepointConstants
{ {
@@ -44,14 +45,49 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
private final static String BASIC_START = "BASIC"; private final static String BASIC_START = "BASIC";
/*
/* (non-Javadoc) * (non-Javadoc)
* @see org.alfresco.repo.webdav.auth.SharepointAuthenticationHandler#authenticateRequest(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) * @see
* org.alfresco.repo.webdav.auth.SharepointAuthenticationHandler#authenticateRequest(javax.servlet.ServletContext,
* javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/ */
public boolean authenticateRequest(ServletContext context, HttpServletRequest request, HttpServletResponse response) public boolean authenticateRequest(ServletContext context, HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException throws IOException, ServletException
{
if (isUserAuthenticated(context, request))
{
return true;
}
else
{
// Unlike multi-stage authentication protocols like Kerberos / NTLM we have only one possible response to an
// unauthenticated user
restartLoginChallenge(context, request, response);
return false;
}
}
/**
* Returns <code>true</code> if the user is authenticated and their details are cached in the session
*
* @param context
* the servlet context
* @param request
* the servlet request
* @return <code>true</code>, if the user is authenticated
* @throws IOException
* Signals that an I/O exception has occurred.
* @throws ServletException
* On other errors.
*/
public boolean isUserAuthenticated(ServletContext context, HttpServletRequest request) throws IOException,
ServletException
{ {
String authHdr = request.getHeader(HEADER_AUTHORIZATION); String authHdr = request.getHeader(HEADER_AUTHORIZATION);
HttpSession session = request.getSession(false);
SessionUser user = session == null ? null : (SessionUser) session.getAttribute(USER_SESSION_ATTRIBUTE);
if (user == null)
{
if (authHdr != null && authHdr.length() > 5 && authHdr.substring(0, 5).equalsIgnoreCase(BASIC_START)) if (authHdr != null && authHdr.length() > 5 && authHdr.substring(0, 5).equalsIgnoreCase(BASIC_START))
{ {
String basicAuth = new String(Base64.decodeBase64(authHdr.substring(5).getBytes())); String basicAuth = new String(Base64.decodeBase64(authHdr.substring(5).getBytes()));
@@ -83,7 +119,11 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
if (logger.isDebugEnabled()) if (logger.isDebugEnabled())
logger.debug("Authenticated user '" + username + "'"); logger.debug("Authenticated user '" + username + "'");
request.getSession().setAttribute(USER_SESSION_ATTRIBUTE, new User(username, authenticationService.getCurrentTicket(), personService.getPerson(username))); request.getSession()
.setAttribute(
USER_SESSION_ATTRIBUTE,
new User(username, authenticationService.getCurrentTicket(), personService
.getPerson(username)));
return true; return true;
} }
@@ -92,20 +132,9 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
// Do nothing, user object will be null // Do nothing, user object will be null
} }
} }
}
else else
{ {
HttpSession session = request.getSession(false);
if (session == null)
{
return false;
}
SessionUser user = (SessionUser) session
.getAttribute(USER_SESSION_ATTRIBUTE);
if (user == null)
{
return false;
}
try try
{ {
authenticationService.validate(user.getTicket()); authenticationService.validate(user.getTicket());
@@ -120,7 +149,6 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
return false; return false;
} }
@Override @Override
public String getWWWAuthenticate() public String getWWWAuthenticate()
{ {