mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
. Fix for AWC-472
- External access URL bug fix for browsing to spaces when the client is already open (for CIFS usage) . Refactoring of ServletHelper methods into a BaseServlet class git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2302 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
@@ -77,7 +77,7 @@ public class AuthenticationFilter implements Filter
|
||||
{
|
||||
// authentication failed - so end servlet execution and redirect to login page
|
||||
// also save the requested URL so the login page knows where to redirect too later
|
||||
httpRes.sendRedirect(httpReq.getContextPath() + ServletHelper.FACES_SERVLET + Application.getLoginPage(context));
|
||||
httpRes.sendRedirect(httpReq.getContextPath() + BaseServlet.FACES_SERVLET + Application.getLoginPage(context));
|
||||
httpReq.getSession().setAttribute(LoginBean.LOGIN_REDIRECT_KEY, httpReq.getRequestURI());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -132,7 +132,7 @@ public final class AuthenticationHelper
|
||||
auth.authenticateAsGuest();
|
||||
|
||||
// if we get here then Guest access was allowed and successful
|
||||
ServiceRegistry services = ServletHelper.getServiceRegistry(context);
|
||||
ServiceRegistry services = BaseServlet.getServiceRegistry(context);
|
||||
tx = services.getTransactionService().getUserTransaction();
|
||||
tx.begin();
|
||||
|
||||
|
||||
@@ -25,6 +25,7 @@ import java.util.List;
|
||||
import javax.faces.context.FacesContext;
|
||||
import javax.faces.el.ValueBinding;
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@@ -43,11 +44,11 @@ import org.springframework.web.context.support.WebApplicationContextUtils;
|
||||
import org.springframework.web.jsf.FacesContextUtils;
|
||||
|
||||
/**
|
||||
* Useful constant values and common methods for Alfresco servlets.
|
||||
* Base servlet class containing useful constant values and common methods for Alfresco servlets.
|
||||
*
|
||||
* @author Kevin Roast
|
||||
*/
|
||||
public final class ServletHelper
|
||||
public abstract class BaseServlet extends HttpServlet
|
||||
{
|
||||
public static final String FACES_SERVLET = "/faces";
|
||||
|
||||
@@ -57,16 +58,9 @@ public final class ServletHelper
|
||||
/** forcing guess access is available on most servlets */
|
||||
private static final String ARG_GUEST = "guest";
|
||||
|
||||
private static Log logger = LogFactory.getLog(ServletHelper.class);
|
||||
private static Log logger = LogFactory.getLog(BaseServlet.class);
|
||||
|
||||
|
||||
/**
|
||||
* Private constructor
|
||||
*/
|
||||
private ServletHelper()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the ServiceRegistry helper instance
|
||||
*
|
||||
@@ -88,31 +82,31 @@ public final class ServletHelper
|
||||
*
|
||||
* @throws IOException
|
||||
*/
|
||||
public static AuthenticationStatus servletAuthenticate(HttpServletRequest req, HttpServletResponse res, ServletContext sc)
|
||||
public AuthenticationStatus servletAuthenticate(HttpServletRequest req, HttpServletResponse res)
|
||||
throws IOException
|
||||
{
|
||||
AuthenticationStatus status;
|
||||
|
||||
// see if a ticket or a force Guest parameter has been supplied
|
||||
String ticket = req.getParameter(ServletHelper.ARG_TICKET);
|
||||
String ticket = req.getParameter(ARG_TICKET);
|
||||
if (ticket != null && ticket.length() != 0)
|
||||
{
|
||||
status = AuthenticationHelper.authenticate(sc, req, res, ticket);
|
||||
status = AuthenticationHelper.authenticate(getServletContext(), req, res, ticket);
|
||||
}
|
||||
else
|
||||
{
|
||||
boolean forceGuest = false;
|
||||
String guest = req.getParameter(ServletHelper.ARG_GUEST);
|
||||
String guest = req.getParameter(ARG_GUEST);
|
||||
if (guest != null)
|
||||
{
|
||||
forceGuest = Boolean.parseBoolean(guest);
|
||||
}
|
||||
status = AuthenticationHelper.authenticate(sc, req, res, forceGuest);
|
||||
status = AuthenticationHelper.authenticate(getServletContext(), req, res, forceGuest);
|
||||
}
|
||||
if (status == AuthenticationStatus.Failure)
|
||||
{
|
||||
// authentication failed - now need to display the login page to the user
|
||||
redirectToLoginPage(req, res, sc);
|
||||
redirectToLoginPage(req, res);
|
||||
}
|
||||
|
||||
return status;
|
||||
@@ -122,12 +116,12 @@ public final class ServletHelper
|
||||
* Redirect to the Login page - saving the current URL which can be redirected back later
|
||||
* once the user has successfully completed the authentication process.
|
||||
*/
|
||||
public static void redirectToLoginPage(HttpServletRequest req, HttpServletResponse res, ServletContext sc)
|
||||
public void redirectToLoginPage(HttpServletRequest req, HttpServletResponse res)
|
||||
throws IOException
|
||||
{
|
||||
// authentication failed - so end servlet execution and redirect to login page
|
||||
// also save the requested URL so the login page knows where to redirect too later
|
||||
res.sendRedirect(req.getContextPath() + FACES_SERVLET + Application.getLoginPage(sc));
|
||||
res.sendRedirect(req.getContextPath() + FACES_SERVLET + Application.getLoginPage(getServletContext()));
|
||||
req.getSession().setAttribute(LoginBean.LOGIN_REDIRECT_KEY, req.getRequestURI());
|
||||
}
|
||||
|
||||
@@ -73,7 +73,7 @@ import org.apache.commons.logging.LogFactory;
|
||||
*
|
||||
* @author Kevin Roast
|
||||
*/
|
||||
public class DownloadContentServlet extends HttpServlet
|
||||
public class DownloadContentServlet extends BaseServlet
|
||||
{
|
||||
private static final long serialVersionUID = -4558907921887235966L;
|
||||
|
||||
@@ -105,7 +105,7 @@ public class DownloadContentServlet extends HttpServlet
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("Processing URL: " + uri + (req.getQueryString() != null ? ("?" + req.getQueryString()) : ""));
|
||||
|
||||
AuthenticationStatus status = ServletHelper.servletAuthenticate(req, res, getServletContext());
|
||||
AuthenticationStatus status = servletAuthenticate(req, res);
|
||||
if (status == AuthenticationStatus.Failure)
|
||||
{
|
||||
return;
|
||||
@@ -154,7 +154,7 @@ public class DownloadContentServlet extends HttpServlet
|
||||
}
|
||||
|
||||
// get the services we need to retrieve the content
|
||||
ServiceRegistry serviceRegistry = ServletHelper.getServiceRegistry(getServletContext());
|
||||
ServiceRegistry serviceRegistry = getServiceRegistry(getServletContext());
|
||||
ContentService contentService = serviceRegistry.getContentService();
|
||||
PermissionService permissionService = serviceRegistry.getPermissionService();
|
||||
|
||||
@@ -163,7 +163,7 @@ public class DownloadContentServlet extends HttpServlet
|
||||
{
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("User does not have permissions to read content for NodeRef: " + nodeRef.toString());
|
||||
ServletHelper.redirectToLoginPage(req, res, getServletContext());
|
||||
redirectToLoginPage(req, res);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -23,7 +23,6 @@ import java.util.StringTokenizer;
|
||||
import javax.faces.application.NavigationHandler;
|
||||
import javax.faces.context.FacesContext;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@@ -55,7 +54,7 @@ import org.apache.commons.logging.LogFactory;
|
||||
*
|
||||
* @author Kevin Roast
|
||||
*/
|
||||
public class ExternalAccessServlet extends HttpServlet
|
||||
public class ExternalAccessServlet extends BaseServlet
|
||||
{
|
||||
private static final long serialVersionUID = -4118907921337237802L;
|
||||
|
||||
@@ -78,7 +77,7 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("Processing URL: " + uri + (req.getQueryString() != null ? ("?" + req.getQueryString()) : ""));
|
||||
|
||||
AuthenticationStatus status = ServletHelper.servletAuthenticate(req, res, getServletContext());
|
||||
AuthenticationStatus status = servletAuthenticate(req, res);
|
||||
if (status == AuthenticationStatus.Failure)
|
||||
{
|
||||
return;
|
||||
@@ -107,10 +106,10 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
|
||||
// we almost always need this bean reference
|
||||
FacesContext fc = FacesHelper.getFacesContext(req, res, getServletContext());
|
||||
BrowseBean browseBean = (BrowseBean)ServletHelper.getManagedBean(fc, "BrowseBean");
|
||||
BrowseBean browseBean = (BrowseBean)getManagedBean(fc, "BrowseBean");
|
||||
|
||||
// get services we need
|
||||
ServiceRegistry serviceRegistry = ServletHelper.getServiceRegistry(getServletContext());
|
||||
ServiceRegistry serviceRegistry = getServiceRegistry(getServletContext());
|
||||
PermissionService permissionService = serviceRegistry.getPermissionService();
|
||||
|
||||
// setup is required for certain outcome requests
|
||||
@@ -120,7 +119,7 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
|
||||
if (args[0].equals(WebDAVServlet.WEBDAV_PREFIX))
|
||||
{
|
||||
nodeRef = ServletHelper.resolveWebDAVPath(fc, args);
|
||||
nodeRef = resolveWebDAVPath(fc, args);
|
||||
}
|
||||
else if (args.length == 3)
|
||||
{
|
||||
@@ -135,7 +134,7 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
{
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("User does not have permissions to READ NodeRef: " + nodeRef.toString());
|
||||
ServletHelper.redirectToLoginPage(req, res, getServletContext());
|
||||
redirectToLoginPage(req, res);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -153,7 +152,7 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
|
||||
if (args[0].equals(WebDAVServlet.WEBDAV_PREFIX))
|
||||
{
|
||||
nodeRef = ServletHelper.resolveWebDAVPath(fc, args);
|
||||
nodeRef = resolveWebDAVPath(fc, args);
|
||||
}
|
||||
else if (args.length == 3)
|
||||
{
|
||||
@@ -168,7 +167,7 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
{
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("User does not have permissions to READ NodeRef: " + nodeRef.toString());
|
||||
ServletHelper.redirectToLoginPage(req, res, getServletContext());
|
||||
redirectToLoginPage(req, res);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -197,14 +196,16 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
{
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("User does not have permissions to READ NodeRef: " + nodeRef.toString());
|
||||
ServletHelper.redirectToLoginPage(req, res, getServletContext());
|
||||
redirectToLoginPage(req, res);
|
||||
return;
|
||||
}
|
||||
|
||||
// this call sets up the current node Id, and updates or initialises the
|
||||
// breadcrumb component with the selected node as appropriate.
|
||||
browseBean.updateUILocation(nodeRef);
|
||||
browseBean.contextUpdated();
|
||||
|
||||
// force a "late" refresh of the BrowseBean to handle external servlet access URL
|
||||
browseBean.externalAccessRefresh();
|
||||
|
||||
// check for view mode first argument
|
||||
if (args[0].equals(ARG_TEMPLATE))
|
||||
@@ -219,7 +220,7 @@ public class ExternalAccessServlet extends HttpServlet
|
||||
|
||||
// perform the forward to the page processed by the Faces servlet
|
||||
String viewId = fc.getViewRoot().getViewId();
|
||||
getServletContext().getRequestDispatcher(ServletHelper.FACES_SERVLET + viewId).forward(req, res);
|
||||
getServletContext().getRequestDispatcher(FACES_SERVLET + viewId).forward(req, res);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -22,6 +22,12 @@ import javax.faces.context.FacesContext;
|
||||
import javax.faces.context.FacesContextFactory;
|
||||
import javax.faces.lifecycle.Lifecycle;
|
||||
import javax.faces.lifecycle.LifecycleFactory;
|
||||
import javax.portlet.PortletContext;
|
||||
import javax.portlet.PortletRequest;
|
||||
import javax.portlet.PortletResponse;
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
|
||||
/**
|
||||
* @author Kevin Roast
|
||||
@@ -35,6 +41,36 @@ public final class FacesHelper
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a valid FacesContext for the specific context, request and response.
|
||||
* The FacesContext can be constructor for Servlet use.
|
||||
*
|
||||
* @param context ServletContext
|
||||
* @param request ServletRequest
|
||||
* @param response ServletReponse
|
||||
*
|
||||
* @return FacesContext
|
||||
*/
|
||||
public static FacesContext getFacesContext(ServletRequest request, ServletResponse response, ServletContext context)
|
||||
{
|
||||
return getFacesContextImpl(request, response, context);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a valid FacesContext for the specific context, request and response.
|
||||
* The FacesContext can be constructor for Servlet use.
|
||||
*
|
||||
* @param context ServletContext
|
||||
* @param request ServletRequest
|
||||
* @param response ServletReponse
|
||||
*
|
||||
* @return FacesContext
|
||||
*/
|
||||
public static FacesContext getFacesContext(PortletRequest request, PortletResponse response, PortletContext context)
|
||||
{
|
||||
return getFacesContextImpl(request, response, context);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a valid FacesContext for the specific context, request and response.
|
||||
* The FacesContext can be constructor for Servlet and Portlet use.
|
||||
@@ -45,7 +81,7 @@ public final class FacesHelper
|
||||
*
|
||||
* @return FacesContext
|
||||
*/
|
||||
public static FacesContext getFacesContext(Object request, Object response, Object context)
|
||||
private static FacesContext getFacesContextImpl(Object request, Object response, Object context)
|
||||
{
|
||||
FacesContext facesContext = FacesContext.getCurrentInstance();
|
||||
if (facesContext != null) return facesContext;
|
||||
|
||||
@@ -23,7 +23,6 @@ import java.util.Map;
|
||||
import java.util.StringTokenizer;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
@@ -68,7 +67,7 @@ import org.apache.commons.logging.LogFactory;
|
||||
*
|
||||
* @author Kevin Roast
|
||||
*/
|
||||
public class TemplateContentServlet extends HttpServlet
|
||||
public class TemplateContentServlet extends BaseServlet
|
||||
{
|
||||
private static final String MIMETYPE_HTML = "text/html";
|
||||
|
||||
@@ -94,7 +93,7 @@ public class TemplateContentServlet extends HttpServlet
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("Processing URL: " + uri + (req.getQueryString() != null ? ("?" + req.getQueryString()) : ""));
|
||||
|
||||
AuthenticationStatus status = ServletHelper.servletAuthenticate(req, res, getServletContext());
|
||||
AuthenticationStatus status = servletAuthenticate(req, res);
|
||||
if (status == AuthenticationStatus.Failure)
|
||||
{
|
||||
return;
|
||||
@@ -123,7 +122,7 @@ public class TemplateContentServlet extends HttpServlet
|
||||
}
|
||||
|
||||
// get the services we need to retrieve the content
|
||||
ServiceRegistry serviceRegistry = ServletHelper.getServiceRegistry(getServletContext());
|
||||
ServiceRegistry serviceRegistry = getServiceRegistry(getServletContext());
|
||||
NodeService nodeService = serviceRegistry.getNodeService();
|
||||
TemplateService templateService = serviceRegistry.getTemplateService();
|
||||
PermissionService permissionService = serviceRegistry.getPermissionService();
|
||||
@@ -132,7 +131,7 @@ public class TemplateContentServlet extends HttpServlet
|
||||
if (permissionService.hasPermission(nodeRef, PermissionService.READ) == AccessStatus.DENIED ||
|
||||
(templateRef != null && permissionService.hasPermission(templateRef, PermissionService.READ) == AccessStatus.DENIED))
|
||||
{
|
||||
ServletHelper.redirectToLoginPage(req, res, getServletContext());
|
||||
redirectToLoginPage(req, res);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -43,7 +43,7 @@ import org.apache.commons.logging.LogFactory;
|
||||
*
|
||||
* @author gavinc
|
||||
*/
|
||||
public class UploadFileServlet extends HttpServlet
|
||||
public class UploadFileServlet extends BaseServlet
|
||||
{
|
||||
private static final long serialVersionUID = -5482538466491052873L;
|
||||
private static Log logger = LogFactory.getLog(UploadFileServlet.class);
|
||||
@@ -59,7 +59,7 @@ public class UploadFileServlet extends HttpServlet
|
||||
|
||||
try
|
||||
{
|
||||
AuthenticationStatus status = ServletHelper.servletAuthenticate(request, response, getServletContext());
|
||||
AuthenticationStatus status = servletAuthenticate(request, response);
|
||||
if (status == AuthenticationStatus.Failure)
|
||||
{
|
||||
return;
|
||||
|
||||
@@ -256,6 +256,14 @@ public class BrowseBean implements IContextListener
|
||||
this.contentRichList.setInitialSortDescending(
|
||||
this.viewsConfig.hasDescendingSort(PAGE_NAME_BROWSE));
|
||||
}
|
||||
// special case to handle an External Access URL
|
||||
// these URLs restart the JSF lifecycle but an old UIRichList is restored from
|
||||
// the component tree - which needs clearing "late" in the lifecycle process
|
||||
if (externalForceRefresh)
|
||||
{
|
||||
this.contentRichList.setValue(null);
|
||||
externalForceRefresh = false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -280,6 +288,10 @@ public class BrowseBean implements IContextListener
|
||||
this.spacesRichList.setInitialSortDescending(
|
||||
this.viewsConfig.hasDescendingSort(PAGE_NAME_BROWSE));
|
||||
}
|
||||
if (externalForceRefresh)
|
||||
{
|
||||
this.spacesRichList.setValue(null);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1238,6 +1250,16 @@ public class BrowseBean implements IContextListener
|
||||
return outcome;
|
||||
}
|
||||
|
||||
/**
|
||||
* Support for refresh of lists via special case for an External Access URL.
|
||||
* these URLs restart the JSF lifecycle but an old UIRichList is restored from
|
||||
* the component tree - which needs clearing "late" in the lifecycle process.
|
||||
*/
|
||||
public void externalAccessRefresh()
|
||||
{
|
||||
this.externalForceRefresh = true;
|
||||
}
|
||||
|
||||
|
||||
// ------------------------------------------------------------------------------
|
||||
// Private helpers
|
||||
@@ -1501,4 +1523,6 @@ public class BrowseBean implements IContextListener
|
||||
|
||||
/** True if current space has a dashboard (template) view available */
|
||||
private boolean dashboardView;
|
||||
|
||||
private boolean externalForceRefresh = false;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user