From f0e8b61c26f8c7387ab1715faeb84d4d5a839490 Mon Sep 17 00:00:00 2001
From: Alan Davis <alan.davis@alfresco.com>
Date: Sat, 31 Jan 2015 15:32:31 +0000
Subject: [PATCH] Merged HEAD-BUG-FIX (5.1/Cloud) to HEAD (5.1/Cloud)    94143:
 Merged 5.0.N (5.0.1) to HEAD-BUG-FIX (5.1/Cloud)       94081: Merged
 V4.2-BUG-FIX (4.2.5) to 5.0.N (5.0.1)          93932: Merged DEV to
 V4.2-BUG-FIX           93931 : MNT-13191 : Opening /alfresco/webdav from a
 Kerberos-authenticated IE11 browser causes HTTP error 500            If user
 exists in "_alfAuthTicket" session attribute - make full authentication for
 user.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@95044 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../repo/webdav/auth/BaseKerberosAuthenticationFilter.java | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java b/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java
index db132aa21d..beba070cd1 100644
--- a/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java
+++ b/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java
@@ -48,6 +48,7 @@ import org.alfresco.jlan.server.auth.spnego.OID;
 import org.alfresco.jlan.server.auth.spnego.SPNEGO;
 import org.alfresco.repo.SessionUser;
 import org.alfresco.repo.security.authentication.AuthenticationException;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.web.auth.KerberosCredentials;
 import org.alfresco.repo.web.auth.TicketCredentials;
 import org.apache.commons.codec.binary.Base64;
@@ -286,6 +287,12 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica
         if (user == null)
         {
             user = (SessionUser) httpSess.getAttribute("_alfAuthTicket");
+            // MNT-13191 Opening /alfresco/webdav from a Kerberos-authenticated IE11 browser causes HTTP error 500
+            if (user != null)
+            {
+                String userName = user.getUserName();
+                AuthenticationUtil.setFullyAuthenticatedUser(userName);
+            }
         }
         
         // If the user has been validated and we do not require re-authentication then continue to