inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring webscript authentication to deal with redirecting etc. when no valid authentication for the script is available

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@5718 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2007-05-18 09:25:38 +00:00
parent 23d297ac26
commit b56f065c94
9 changed files with 47 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
source/java/org/alfresco/web/scripts/BasicHttpAuthenticator.java
View File

@@ -60,7 +60,7 @@ public class BasicHttpAuthenticator implements WebScriptServletAuthenticator
/* (non-Javadoc)
* @see org.aopalliance.intercept.MethodInterceptor#invoke(org.aopalliance.intercept.MethodInvocation)
*/
public void authenticate(RequiredAuthentication required, boolean isGuest, HttpServletRequest req, HttpServletResponse res)
public boolean authenticate(RequiredAuthentication required, boolean isGuest, HttpServletRequest req, HttpServletResponse res)
{
boolean authorized = false;
@@ -146,6 +146,7 @@ public class BasicHttpAuthenticator implements WebScriptServletAuthenticator
res.setStatus(401);
res.setHeader("WWW-Authenticate", "Basic realm=\"Alfresco\"");
}
return authorized;
}
}

9
source/java/org/alfresco/web/scripts/WebClientAuthenticator.java
View File

@@ -38,7 +38,6 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.context.ServletContextAware;
/**
* Alfresco Web Client Authentication Interceptor
*
@@ -64,17 +63,15 @@ public class WebClientAuthenticator implements WebScriptServletAuthenticator, Se
/* (non-Javadoc)
* @see org.alfresco.web.scripts.WebScriptServletAuthenticator#authenticate(org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication, boolean, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
public void authenticate(RequiredAuthentication required, boolean isGuest, HttpServletRequest req, HttpServletResponse res)
public boolean authenticate(RequiredAuthentication required, boolean isGuest, HttpServletRequest req, HttpServletResponse res)
{
AuthenticationStatus status = null;
try
{
//
// validate credentials
//
String ticket = req.getParameter("ticket");
if (logger.isDebugEnabled())
@@ -110,7 +107,6 @@ public class WebClientAuthenticator implements WebScriptServletAuthenticator, Se
//
// if not authorized, redirect to login page
//
if (status == null || status == AuthenticationStatus.Failure)
{
// authentication failed - now need to display the login page to the user, if asked to
@@ -124,6 +120,7 @@ public class WebClientAuthenticator implements WebScriptServletAuthenticator, Se
{
throw new WebScriptException("Failed to authenticate", e);
}
}
return !(status == null || status == AuthenticationStatus.Failure);
}
}

18
source/java/org/alfresco/web/scripts/WebScriptRuntime.java
View File

@@ -202,7 +202,6 @@ public abstract class WebScriptRuntime
//
// Determine if user already authenticated
//
currentUser = AuthenticationUtil.getCurrentUserName();
if (logger.isDebugEnabled())
{
@@ -214,19 +213,18 @@ public abstract class WebScriptRuntime
//
// Apply appropriate authentication to Web Script invocation
//
authenticate(required, isGuest);
//
// Execute Web Script
wrappedExecute(scriptReq, scriptRes);
if (authenticate(required, isGuest))
{
//
// Execute Web Script
wrappedExecute(scriptReq, scriptRes);
}
}
finally
{
//
// Reset authentication for current thread
//
AuthenticationUtil.clearCurrentSecurityContext();
if (currentUser != null)
{
@@ -293,8 +291,10 @@ public abstract class WebScriptRuntime
*
* @param required required level of authentication
* @param isGuest is the request accessed as Guest
*
* @return true if authorised, false otherwise
*/
protected abstract void authenticate(RequiredAuthentication required, boolean isGuest);
protected abstract boolean authenticate(RequiredAuthentication required, boolean isGuest);
/**
* Pre-execution hook

23
source/java/org/alfresco/web/scripts/WebScriptServletAuthenticator.java
View File

@@ -29,7 +29,6 @@ import javax.servlet.http.HttpServletResponse;
import org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication;
/**
* Web Script Authenticator for the HTTP Servlet environment
*
@@ -37,15 +36,15 @@ import org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication;
*/
public interface WebScriptServletAuthenticator
{
/**
* Authenticate Web Script execution
*
* @param required required level of authentication
* @param isGuest is Guest accessing the web script
* @param req http servlet request
* @param res http servlet response
*/
public void authenticate(RequiredAuthentication required, boolean isGuest, HttpServletRequest req, HttpServletResponse res);
/**
* Authenticate Web Script execution
*
* @param required required level of authentication
* @param isGuest is Guest accessing the web script
* @param req http servlet request
* @param res http servlet response
*
* @return true if authorised to execute the script, false otherwise
*/
public boolean authenticate(RequiredAuthentication required, boolean isGuest, HttpServletRequest req, HttpServletResponse res);
}

6
source/java/org/alfresco/web/scripts/WebScriptServletRuntime.java
View File

@@ -100,11 +100,13 @@ public class WebScriptServletRuntime extends WebScriptRuntime
* @see org.alfresco.web.scripts.WebScriptRuntime#authenticate(org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication, boolean)
*/
@Override
protected void authenticate(RequiredAuthentication required, boolean isGuest)
protected boolean authenticate(RequiredAuthentication required, boolean isGuest)
{
boolean authorised = true;
if (authenticator != null)
{
authenticator.authenticate(required, isGuest, req, res);
authorised = authenticator.authenticate(required, isGuest, req, res);
}
return authorised;
}
}

3
source/java/org/alfresco/web/scripts/jsf/UIWebScript.java
View File

@@ -235,10 +235,11 @@ public class UIWebScript extends SelfRenderingComponent
* @see org.alfresco.web.scripts.WebScriptRuntime#authenticate(org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication, boolean)
*/
@Override
protected void authenticate(RequiredAuthentication required, boolean isGuest)
protected boolean authenticate(RequiredAuthentication required, boolean isGuest)
{
// JSF component already in an authenticated environment as the
// /faces servlet filter (or JSF portlet wrapper) is called first
return true;
}
/**

4
source/java/org/alfresco/web/scripts/portlet/WebClientPortletAuthenticator.java
View File

@@ -73,7 +73,7 @@ public class WebClientPortletAuthenticator implements WebScriptPortletAuthentica
/* (non-Javadoc)
* @see org.alfresco.web.scripts.portlet.WebScriptPortletAuthenticator#authenticate(org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication, boolean, javax.portlet.RenderRequest, javax.portlet.RenderResponse)
*/
public void authenticate(RequiredAuthentication required, boolean isGuest, RenderRequest req, RenderResponse res)
public boolean authenticate(RequiredAuthentication required, boolean isGuest, RenderRequest req, RenderResponse res)
{
PortletSession session = req.getPortletSession();
String portalUser = req.getRemoteUser();
@@ -115,6 +115,8 @@ public class WebClientPortletAuthenticator implements WebScriptPortletAuthentica
removeSessionInvalidated(session);
}
}
return true;
}
/**

4
source/java/org/alfresco/web/scripts/portlet/WebScriptPortlet.java
View File

@@ -254,9 +254,9 @@ public class WebScriptPortlet implements Portlet
* @see org.alfresco.web.scripts.WebScriptRuntime#authenticate(org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication, boolean)
*/
@Override
protected void authenticate(RequiredAuthentication required, boolean isGuest)
protected boolean authenticate(RequiredAuthentication required, boolean isGuest)
{
authenticator.authenticate(required, isGuest, req, res);
return authenticator.authenticate(required, isGuest, req, res);
}
/* (non-Javadoc)

23
source/java/org/alfresco/web/scripts/portlet/WebScriptPortletAuthenticator.java
View File

@@ -29,7 +29,6 @@ import javax.portlet.RenderResponse;
import org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication;
/**
* Web Script Authenticator for the JSR-168 environment
*
@@ -37,15 +36,15 @@ import org.alfresco.web.scripts.WebScriptDescription.RequiredAuthentication;
*/
public interface WebScriptPortletAuthenticator
{
/**
* Authenticate Web Script execution
*
* @param required required level of authentication
* @param isGuest is Guest accessing the web script
* @param req portlet render request
* @param res portlet render response
*/
public void authenticate(RequiredAuthentication required, boolean isGuest, RenderRequest req, RenderResponse res);
/**
* Authenticate Web Script execution
*
* @param required required level of authentication
* @param isGuest is Guest accessing the web script
* @param req portlet render request
* @param res portlet render response
*
* @return true if authorised, false otherwise
*/
public boolean authenticate(RequiredAuthentication required, boolean isGuest, RenderRequest req, RenderResponse res);
}