Merged V3.0 to HEAD

11403: NTLM authentication filter for SURF web-framework apps git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12426 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2008-12-17 05:53:21 +00:00
parent 9bce6404be
commit c5bdc7f05b
4 changed files with 19 additions and 11 deletions
--- a/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/BaseNTLMAuthenticationFilter.java
@@ -527,7 +527,7 @@ public abstract class BaseNTLMAuthenticationFilter implements Filter
                {
                    // Passthru mode, send the hashed password details to the passthru authentication server
                    NTLMPassthruToken authToken = (NTLMPassthruToken) ntlmDetails.getAuthenticationToken();
-                    authToken.setUserAndPassword( type3Msg.getUserName(), type3Msg.getNTLMHash(), PasswordEncryptor.NTLM1);
+                    authToken.setUserAndPassword(type3Msg.getUserName(), type3Msg.getNTLMHash(), PasswordEncryptor.NTLM1);
                    
                    try
                    {
@@ -592,7 +592,7 @@ public abstract class BaseNTLMAuthenticationFilter implements Filter
                if (ntlmDetails == null)
                {
                    // No cached NTLM details
-                    ntlmDetails = new NTLMLogonDetails( userName, workstation, domain, false, m_srvName);
+                    ntlmDetails = new NTLMLogonDetails(userName, workstation, domain, false, m_srvName);
                    ntlmDetails.setNTLMHashedPassword(type3Msg.getNTLMHash());
                    session.setAttribute(NTLM_AUTH_DETAILS, ntlmDetails);
                    
--- a/source/java/org/alfresco/repo/webdav/auth/NTLMAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/NTLMAuthenticationFilter.java
@@ -256,8 +256,6 @@ public class NTLMAuthenticationFilter extends BaseNTLMAuthenticationFilter
    protected SessionUser createUserEnvironment(HttpSession session, String userName)
        throws IOException, ServletException
    {
-        Log logger = getLogger();
-        
        SessionUser user = null;
        
        UserTransaction tx = m_transactionService.getUserTransaction();
@@ -266,15 +264,17 @@ public class NTLMAuthenticationFilter extends BaseNTLMAuthenticationFilter
        {
            tx.begin();
            
-            // Get user details for the authenticated user
-            m_authComponent.setCurrentUser(userName.toLowerCase());
-            
-            // The user name used may be a different case to the NTLM supplied user name,
-            // read the current user and use that name
-            userName = m_authComponent.getCurrentUserName();
-            
            // Setup User object and Home space ID etc.
            NodeRef personNodeRef = m_personService.getPerson(userName);
+            
+            // Use the system user context to do the user lookup
+            m_authComponent.setCurrentUser(m_authComponent.getSystemUserName());
+            
+            // User name should match the uid in the person entry found
+            m_authComponent.setSystemUserAsCurrentUser();
+            userName = (String) m_nodeService.getProperty(personNodeRef, ContentModel.PROP_USERNAME);
+            
+            m_authComponent.setCurrentUser(userName);
            String currentTicket = m_authService.getCurrentTicket();
            user = new WebDAVUser(userName, currentTicket, personNodeRef);