Merged HEAD-BUG-FIX (4.3/Cloud) to HEAD (4.3/Cloud)

57700: Merged V4.2-BUG-FIX (4.2.1) to HEAD-BUG-FIX (Cloud/4.3)
      57647: Merged V4.1-BUG-FIX (4.1.8) to V4.2-BUG-FIX (4.2.1)
         57582: Merged DEV to V4.1-BUG-FIX (4.1.8) with corrections
            56334: MNT-9712: VTI doesn't allow external authentication.
             - Modify org.alfresco.web.sharepoint.auth.BasicAuthenticationHandler to check Remote User 
             - Add unit test.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@61868 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Alan Davis
2014-02-11 21:24:20 +00:00
parent 64b99bc21d
commit afc224f2b6
2 changed files with 42 additions and 6 deletions


@@ -324,6 +324,12 @@
<property name="personService"> <property name="personService">
<ref bean="PersonService" /> <ref bean="PersonService" />
</property> </property>
<property name="remoteUserMapper">
<ref bean="RemoteUserMapper" />
</property>
<property name="authenticationComponent">
<ref bean="AuthenticationComponent" />
</property>
</bean> </bean>
</property> </property>
</bean> </bean>


@@ -27,10 +27,11 @@ import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import org.alfresco.repo.SessionUser; import org.alfresco.repo.SessionUser;
import org.alfresco.repo.management.subsystems.ActivateableBean;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationException; import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.web.auth.AuthenticationListener; import org.alfresco.repo.web.auth.AuthenticationListener;
import org.alfresco.repo.web.auth.BasicAuthCredentials; import org.alfresco.repo.web.auth.BasicAuthCredentials;
import org.alfresco.repo.web.auth.TicketCredentials;
import org.alfresco.repo.webdav.auth.SharepointConstants; import org.alfresco.repo.webdav.auth.SharepointConstants;
import org.alfresco.web.bean.repository.User; import org.alfresco.web.bean.repository.User;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
@@ -49,6 +50,8 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
private final static String BASIC_START = "Basic"; private final static String BASIC_START = "Basic";
private AuthenticationListener authenticationListener; private AuthenticationListener authenticationListener;
protected RemoteUserMapper remoteUserMapper;
protected AuthenticationComponent authenticationComponent;
/** /**
* Set the authentication listener * Set the authentication listener
@@ -98,8 +101,8 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
{ {
String authHdr = request.getHeader(HEADER_AUTHORIZATION); String authHdr = request.getHeader(HEADER_AUTHORIZATION);
HttpSession session = request.getSession(false); HttpSession session = request.getSession(false);
SessionUser user = session == null ? null : (SessionUser) session.getAttribute(USER_SESSION_ATTRIBUTE); SessionUser sessionUser = session == null ? null : (SessionUser) session.getAttribute(USER_SESSION_ATTRIBUTE);
if (user == null) if (sessionUser == null)
{ {
if (authHdr != null && authHdr.length() > 5 && authHdr.substring(0, 5).equalsIgnoreCase(BASIC_START)) if (authHdr != null && authHdr.length() > 5 && authHdr.substring(0, 5).equalsIgnoreCase(BASIC_START))
{ {
@@ -147,18 +150,33 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
authenticationListener.authenticationFailed(new BasicAuthCredentials(username, password), ex); authenticationListener.authenticationFailed(new BasicAuthCredentials(username, password), ex);
} }
} }
else
{
if (remoteUserMapper != null && (!(remoteUserMapper instanceof ActivateableBean) || ((ActivateableBean) remoteUserMapper).isActive()))
{
String userId = remoteUserMapper.getRemoteUser(request);
if (userId != null)
{
// authenticated by other
authenticationComponent.setCurrentUser(userId);
request.getSession().setAttribute(USER_SESSION_ATTRIBUTE, new User(userId, authenticationService.getCurrentTicket(), personService.getPerson(userId)));
return true;
}
}
}
} }
else else
{ {
try try
{ {
authenticationService.validate(user.getTicket()); authenticationService.validate(sessionUser.getTicket());
authenticationListener.userAuthenticated(new TicketCredentials(user.getTicket())); authenticationListener.userAuthenticated(new TicketCredentials(sessionUser.getTicket()));
return true; return true;
} }
catch (AuthenticationException ex) catch (AuthenticationException ex)
{ {
authenticationListener.authenticationFailed(new TicketCredentials(user.getTicket()), ex); authenticationListener.authenticationFailed(new TicketCredentials(sessionUser.getTicket()), ex);
session.invalidate(); session.invalidate();
} }
} }
@@ -171,4 +189,16 @@ public class BasicAuthenticationHandler extends AbstractAuthenticationHandler im
{ {
return "Basic realm=\"Alfresco Server\""; return "Basic realm=\"Alfresco Server\"";
} }
public void setRemoteUserMapper(RemoteUserMapper remoteUserMapper)
{
this.remoteUserMapper = remoteUserMapper;
}
public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)
{
this.authenticationComponent = authenticationComponent;
}
} }
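Review bot: The remote-user branch added in the `@@ -147,18 +150,33 @@` hunk returns `true` without notifying `authenticationListener`, so a login accepted on the strength of `remoteUserMapper.getRemoteUser(request)` produces no authentication event, unlike the ticket branch just below it; adding `authenticationListener.userAuthenticated(new TicketCredentials(authenticationService.getCurrentTicket()));` before `return true;` would keep externally authenticated sessions visible to whatever auditing hangs off the listener. The branch also sits outside any `try`/`catch (AuthenticationException ex)`, so if `setCurrentUser` or `personService.getPerson` rejects the mapped user (presumably possible for an unknown or disabled account) the exception escapes the handler instead of ending in a reported failure as the Basic and ticket branches do. `authenticationComponent` is dereferenced without a guard while `remoteUserMapper` is null-checked, so a handler wired with only the mapper fails with a NullPointerException; the condition could start `if (remoteUserMapper != null && authenticationComponent != null && ...`. The enclosing method begins outside the visible hunks, so the return path after this branch could not be checked.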