Merged V3.0 to HEAD

11849: Code/doc clean-up 11850: Show Folders and Simple View buttons not showing correct caption for overridden default 11851: DocLib "move" action needs delete permission 11852: ETHREEOH-662 Incorrect display of 'Invite', 'Edit Site Details', 'Customize Site', 'Customize Dashboard' buttons group in several cases 11855: Removal of obsolete PageRenderer source and config 11856: Log4j added to classpath for Eclipse project build (for recent NTLM filter logging changes) 11857: Added logging settings for various useful connector/ntlm classes 11858: Fixed the passthru authentication logic when a domain name is not specified by the client. The first passthru server that does not have a domain name set will be used. 11868: Output errors message(s) when the Share URL is configured incorrectly 11871: Removed file checked in accidentally, this is generated by continuous build 11872: Changed the WebDAV user object session attribute so that it does not clash with the web-client user attribute. The WebDAV user object is not derived from the User object that the web-client uses. 11874: Fixed ETHREEOH-732: Enabling benchmark-override-context.xml leads to ClassNotFoundException 11875: Fixed ETHREEOH-733: Spring jar missing benchmark remote client git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12484 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2008-12-18 12:06:12 +00:00
parent cde0028643
commit c0f04f50b4
2 changed files with 94 additions and 14 deletions
--- a/config/alfresco/extension/benchmark-override-context.xml.sample
+++ b/config/alfresco/extension/benchmark-override-context.xml.sample
@@ -1,4 +1,4 @@
-<?xml version='1.0' encoding='UTF-8'?>
+<?xml version='1.0' encoding='UTF-8'?>
 <!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

 <beans>
@@ -8,18 +8,6 @@
    <bean id="nodeIndexer" class="java.util.ArrayList" />
    -->
   
-    <bean id="auditableAspect" class="org.alfresco.repo.audit.AuditableAspect">
-        <property name="nodeService">
-            <ref bean="nodeService" />
-        </property>
-        <property name="policyComponent">
-            <ref bean="policyComponent" />
-        </property>
-        <property name="authenticationService">
-            <ref bean="authenticationService" />
-        </property>
-    </bean>
-
   <bean id="integrityChecker" class="org.alfresco.repo.node.integrity.IntegrityChecker">
      <property name="policyComponent">
         <ref bean="policyComponent"/>
--- a/source/java/org/alfresco/repo/security/authentication/ntlm/NTLMAuthenticationComponentImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/ntlm/NTLMAuthenticationComponentImpl.java
@@ -33,6 +33,7 @@ import java.security.Provider;
 import java.security.Security;
 import java.util.Enumeration;
 import java.util.Hashtable;
+import java.util.StringTokenizer;

 import javax.transaction.UserTransaction;

@@ -45,8 +46,10 @@ import net.sf.acegisecurity.GrantedAuthorityImpl;

 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.jlan.server.auth.PasswordEncryptor;
+import org.alfresco.jlan.server.auth.passthru.AuthSessionFactory;
 import org.alfresco.jlan.server.auth.passthru.AuthenticateSession;
 import org.alfresco.jlan.server.auth.passthru.PassthruServers;
+import org.alfresco.jlan.smb.Protocol;
 import org.alfresco.jlan.smb.SMBException;
 import org.alfresco.jlan.smb.SMBStatus;
 import org.alfresco.model.ContentModel;
@@ -118,6 +121,10 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
    
    private PassthruReaperThread m_reaperThread;
    
+    // Null domain uses any available server option
+    
+    private boolean m_nullDomainUseAnyServer;
+    
    /**
     * Passthru Session Reaper Thread
     */
@@ -247,6 +254,8 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
        
        m_passthruServers = new PassthruServers();
        
+        m_passthruServers.setDebug( logger.isDebugEnabled());
+        
        // Create the password encryptor for local password hashing
        
        m_encryptor = new PasswordEncryptor();
@@ -381,6 +390,20 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
    {
        m_allowAuthUserAsGuest = Boolean.parseBoolean(auth);
    }
+
+    /**
+     * Allow null domain passthru logons to use the first available passthru server
+     * 
+     * @param nullDomain String
+     */
+    public void setNullDomainUseAnyServer(String nullDomain)
+    {
+        m_nullDomainUseAnyServer = Boolean.parseBoolean(nullDomain);
+        
+        // Push the setting to the passthru server component
+        
+        m_passthruServers.setNullDomainUseAnyServer( m_nullDomainUseAnyServer);
+    }
    
    /**
     * Set the JCE provider
@@ -460,7 +483,67 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
            throw new AlfrescoRuntimeException("Invalid authenication session timeout value");
        }
    }
-    
+
+    /**
+     * Set the protocol order for passthru connections
+     * 
+     * @param protoOrder String
+     */
+    public void setProtocolOrder(String protoOrder)
+    {
+    	// Parse the protocol order list
+    	
+    	StringTokenizer tokens = new StringTokenizer( protoOrder, ",");
+    	int primaryProto = Protocol.None;
+    	int secondaryProto = Protocol.None;
+
+    	// There should only be one or two tokens
+    	
+    	if ( tokens.countTokens() > 2)
+    		throw new AlfrescoRuntimeException("Invalid protocol order list, " + protoOrder);
+    	
+    	// Get the primary protocol
+    	
+    	if ( tokens.hasMoreTokens())
+    	{
+    		// Parse the primary protocol
+    		
+    		String primaryStr = tokens.nextToken();
+    		
+    		if ( primaryStr.equalsIgnoreCase( "TCPIP"))
+    			primaryProto = Protocol.NativeSMB;
+    		else if ( primaryStr.equalsIgnoreCase( "NetBIOS"))
+    			primaryProto = Protocol.TCPNetBIOS;
+    		else
+    			throw new AlfrescoRuntimeException("Invalid protocol type, " + primaryStr);
+    		
+    		// Check if there is a secondary protocol, and validate
+    		
+    		if ( tokens.hasMoreTokens())
+    		{
+    			// Parse the secondary protocol
+    			
+    			String secondaryStr = tokens.nextToken();
+    			
+    			if ( secondaryStr.equalsIgnoreCase( "TCPIP") && primaryProto != Protocol.NativeSMB)
+    				secondaryProto = Protocol.NativeSMB;
+    			else if ( secondaryStr.equalsIgnoreCase( "NetBIOS") && primaryProto != Protocol.TCPNetBIOS)
+    				secondaryProto = Protocol.TCPNetBIOS;
+    			else
+    				throw new AlfrescoRuntimeException("Invalid secondary protocol, " + secondaryStr);
+    		}
+    	}
+    	
+    	// Set the protocol order used for passthru authentication sessions
+    	
+    	AuthSessionFactory.setProtocolOrder( primaryProto, secondaryProto);
+    	
+    	// DEBUG
+    	
+    	if (logger.isDebugEnabled())
+    		logger.debug("Protocol order primary=" + Protocol.asString(primaryProto) + ", secondary=" + Protocol.asString(secondaryProto));
+    }
+
    /**
     * Return the authentication session timeout, in milliseconds
     * 
@@ -538,8 +621,17 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
                
                authSess = m_passthruServers.openSession();
                
+                // Check fi the passthru session is valid
+                	
                if ( authSess == null)
+                {
+                    // DEBUG
+                    
+                    if ( logger.isDebugEnabled())
+                    	logger.debug( "Failed to open passthru session, or no valid passthru server available for " + ntlmToken);
+                    	
                	throw new AuthenticationException("Failed to open session to passthru server");
+                }
                
                // Authenticate using the credentials supplied