diff --git a/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java b/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java index 0f51878b33..97094ae45d 100644 --- a/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java +++ b/source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java @@ -38,6 +38,7 @@ import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.repo.security.authentication.external.RemoteUserMapper; import org.alfresco.repo.security.permissions.AccessDeniedException; import org.alfresco.repo.transaction.RetryingTransactionHelper; +import org.alfresco.repo.webdav.auth.AuthenticationDriver; import org.alfresco.service.ServiceRegistry; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeService; @@ -72,7 +73,7 @@ import org.springframework.web.context.support.WebApplicationContextUtils; public final class AuthenticationHelper { /** session variables */ - public static final String AUTHENTICATION_USER = "_alfAuthTicket"; + public static final String AUTHENTICATION_USER = AuthenticationDriver.AUTHENTICATION_USER; public static final String SESSION_USERNAME = "_alfLastUser"; public static final String SESSION_INVALIDATED = "_alfSessionInvalid"; diff --git a/source/java/org/alfresco/web/app/servlet/WebscriptCookieAuthenticationFilter.java b/source/java/org/alfresco/web/app/servlet/WebscriptCookieAuthenticationFilter.java index 257c0f8a45..e68ee73c05 100644 --- a/source/java/org/alfresco/web/app/servlet/WebscriptCookieAuthenticationFilter.java +++ b/source/java/org/alfresco/web/app/servlet/WebscriptCookieAuthenticationFilter.java @@ -22,14 +22,13 @@ import org.apache.commons.logging.LogFactory; /** * WebScript aware Authentication Filter. Directly handles login script calls, allowing Surf to establish a cookie * for a manual login, rather than the usual stateless ticket based logins. - * + *

* This functionality has been extracted from the WebScriptSSOAuthenticationFilter so that they can work independently. * * @author Gethin James */ public class WebscriptCookieAuthenticationFilter extends BaseAuthenticationFilter implements DependencyInjectedFilter { - private static final Log logger = LogFactory.getLog(WebscriptCookieAuthenticationFilter.class); private static final String API_LOGIN = "/api/login"; @@ -42,7 +41,6 @@ public class WebscriptCookieAuthenticationFilter extends BaseAuthenticationFilte @Override public void doFilter(ServletContext context, ServletRequest sreq, ServletResponse sresp, FilterChain chain) throws IOException, ServletException { - // Get the HTTP request/response HttpServletRequest req = (HttpServletRequest)sreq; HttpServletResponse res = (HttpServletResponse)sresp; diff --git a/source/web/WEB-INF/web.xml b/source/web/WEB-INF/web.xml index b601d1751f..b4f59c3781 100644 --- a/source/web/WEB-INF/web.xml +++ b/source/web/WEB-INF/web.xml @@ -193,6 +193,11 @@ Global Authentication Filter /wcs/* + + + Global Authentication Filter + /api/* + WebDAV Authentication Filter