From c5bdc7f05b4c945e1423425007d4cd7e11bfabd7 Mon Sep 17 00:00:00 2001
From: Derek Hulley <derek.hulley@alfresco.com>
Date: Wed, 17 Dec 2008 05:53:21 +0000
Subject: [PATCH] Merged V3.0 to HEAD    11403: NTLM authentication filter for
 SURF web-framework apps

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12426 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../org/alfresco/repository/touch.get.desc.xml |  8 ++++++++
 .../org/alfresco/repository/touch.get.html.ftl |  0
 .../auth/BaseNTLMAuthenticationFilter.java     |  4 ++--
 .../webdav/auth/NTLMAuthenticationFilter.java  | 18 +++++++++---------
 4 files changed, 19 insertions(+), 11 deletions(-)
 create mode 100644 config/alfresco/templates/webscripts/org/alfresco/repository/touch.get.desc.xml
 create mode 100644 config/alfresco/templates/webscripts/org/alfresco/repository/touch.get.html.ftl

diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/touch.get.desc.xml b/config/alfresco/templates/webscripts/org/alfresco/repository/touch.get.desc.xml
new file mode 100644
index 0000000000..c07f4b1633
--- /dev/null
+++ b/config/alfresco/templates/webscripts/org/alfresco/repository/touch.get.desc.xml
@@ -0,0 +1,8 @@
+<webscript>
+  <shortname>Touch</shortname>
+  <description>Touch the server - return a simple 200 OK status</description>
+  <url>/touch</url>
+  <format default="html"/>
+  <authentication>none</authentication>
+  <transaction>none</transaction>
+</webscript>
\ No newline at end of file
diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/touch.get.html.ftl b/config/alfresco/templates/webscripts/org/alfresco/repository/touch.get.html.ftl
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java b/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
index 2446a43fa2..3cdfafb822 100644
--- a/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
@@ -527,7 +527,7 @@ public abstract class BaseNTLMAuthenticationFilter implements Filter
                 {
                     // Passthru mode, send the hashed password details to the passthru authentication server
                     NTLMPassthruToken authToken = (NTLMPassthruToken) ntlmDetails.getAuthenticationToken();
-                    authToken.setUserAndPassword( type3Msg.getUserName(), type3Msg.getNTLMHash(), PasswordEncryptor.NTLM1);
+                    authToken.setUserAndPassword(type3Msg.getUserName(), type3Msg.getNTLMHash(), PasswordEncryptor.NTLM1);
                     
                     try
                     {
@@ -592,7 +592,7 @@ public abstract class BaseNTLMAuthenticationFilter implements Filter
                 if (ntlmDetails == null)
                 {
                     // No cached NTLM details
-                    ntlmDetails = new NTLMLogonDetails( userName, workstation, domain, false, m_srvName);
+                    ntlmDetails = new NTLMLogonDetails(userName, workstation, domain, false, m_srvName);
                     ntlmDetails.setNTLMHashedPassword(type3Msg.getNTLMHash());
                     session.setAttribute(NTLM_AUTH_DETAILS, ntlmDetails);
                     
diff --git a/source/java/org/alfresco/repo/webdav/auth/NTLMAuthenticationFilter.java b/source/java/org/alfresco/repo/webdav/auth/NTLMAuthenticationFilter.java
index cc5dbf24f7..29cb4284cd 100644
--- a/source/java/org/alfresco/repo/webdav/auth/NTLMAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/NTLMAuthenticationFilter.java
@@ -256,8 +256,6 @@ public class NTLMAuthenticationFilter extends BaseNTLMAuthenticationFilter
     protected SessionUser createUserEnvironment(HttpSession session, String userName)
         throws IOException, ServletException
     {
-        Log logger = getLogger();
-        
         SessionUser user = null;
         
         UserTransaction tx = m_transactionService.getUserTransaction();
@@ -266,15 +264,17 @@ public class NTLMAuthenticationFilter extends BaseNTLMAuthenticationFilter
         {
             tx.begin();
             
-            // Get user details for the authenticated user
-            m_authComponent.setCurrentUser(userName.toLowerCase());
-            
-            // The user name used may be a different case to the NTLM supplied user name,
-            // read the current user and use that name
-            userName = m_authComponent.getCurrentUserName();
-            
             // Setup User object and Home space ID etc.
             NodeRef personNodeRef = m_personService.getPerson(userName);
+            
+            // Use the system user context to do the user lookup
+            m_authComponent.setCurrentUser(m_authComponent.getSystemUserName());
+            
+            // User name should match the uid in the person entry found
+            m_authComponent.setSystemUserAsCurrentUser();
+            userName = (String) m_nodeService.getProperty(personNodeRef, ContentModel.PROP_USERNAME);
+            
+            m_authComponent.setCurrentUser(userName);
             String currentTicket = m_authService.getCurrentTicket();
             user = new WebDAVUser(userName, currentTicket, personNodeRef);