Refactoring webscript authentication to deal with redirecting etc. when no valid authentication for the script is available

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@5718 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2007-05-18 09:25:38 +00:00
parent 23d297ac26
commit b56f065c94
9 changed files with 47 additions and 46 deletions

View File

@@ -202,7 +202,6 @@ public abstract class WebScriptRuntime
//
// Determine if user already authenticated
//
currentUser = AuthenticationUtil.getCurrentUserName();
if (logger.isDebugEnabled())
{
@@ -214,19 +213,18 @@ public abstract class WebScriptRuntime
//
// Apply appropriate authentication to Web Script invocation
//
authenticate(required, isGuest);
//
// Execute Web Script
wrappedExecute(scriptReq, scriptRes);
if (authenticate(required, isGuest))
{
//
// Execute Web Script
wrappedExecute(scriptReq, scriptRes);
}
}
finally
{
//
// Reset authentication for current thread
//
AuthenticationUtil.clearCurrentSecurityContext();
if (currentUser != null)
{
@@ -293,8 +291,10 @@ public abstract class WebScriptRuntime
*
* @param required required level of authentication
* @param isGuest is the request accessed as Guest
*
* @return true if authorised, false otherwise
*/
protected abstract void authenticate(RequiredAuthentication required, boolean isGuest);
protected abstract boolean authenticate(RequiredAuthentication required, boolean isGuest);
/**
* Pre-execution hook