diff --git a/remote-api/src/main/java/org/alfresco/repo/web/scripts/servlet/RemoteUserAuthenticatorFactory.java b/remote-api/src/main/java/org/alfresco/repo/web/scripts/servlet/RemoteUserAuthenticatorFactory.java index adbcb62775..ec76fef54f 100644 --- a/remote-api/src/main/java/org/alfresco/repo/web/scripts/servlet/RemoteUserAuthenticatorFactory.java +++ b/remote-api/src/main/java/org/alfresco/repo/web/scripts/servlet/RemoteUserAuthenticatorFactory.java @@ -349,14 +349,14 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor private boolean shouldUseTimeoutForAdminAccessingAdminConsole(RequiredAuthentication required, boolean isGuest) { - boolean useTimeoutForAdminAccessingAdminConsole = RequiredAuthentication.admin.equals(required) && !isGuest && + boolean adminConsoleTimeout = RequiredAuthentication.admin.equals(required) && !isGuest && servletReq.getServiceMatch() != null && isAdminConsoleWebScript(servletReq.getServiceMatch().getWebScript()); if (LOGGER.isTraceEnabled()) { - LOGGER.trace("Should ensure that the admins can login with basic auth: " + useTimeoutForAdminAccessingAdminConsole); + LOGGER.trace("Should ensure that the admins can login with basic auth: " + adminConsoleTimeout); } - return useTimeoutForAdminAccessingAdminConsole; + return adminConsoleTimeout; } private boolean shouldUseTimeoutForAdminAccessingWebScriptHome(RequiredAuthentication required, boolean isGuest) diff --git a/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/AbstractIdentityServiceAuthenticator.java b/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/AbstractIdentityServiceAuthenticator.java index c85e6886d1..e3492baee0 100644 --- a/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/AbstractIdentityServiceAuthenticator.java +++ b/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/AbstractIdentityServiceAuthenticator.java @@ -63,8 +63,6 @@ public abstract class AbstractIdentityServiceAuthenticator private static final Logger LOGGER = LoggerFactory.getLogger(AbstractIdentityServiceAuthenticator.class); - protected abstract boolean isWebScriptHome(); - protected IdentityServiceConfig identityServiceConfig; protected IdentityServiceFacade identityServiceFacade; protected AdminAuthenticationCookiesService cookiesService; @@ -74,6 +72,8 @@ public abstract class AbstractIdentityServiceAuthenticator public static final String ALFRESCO_REFRESH_TOKEN = "ALFRESCO_REFRESH_TOKEN"; public static final String ALFRESCO_TOKEN_EXPIRATION = "ALFRESCO_TOKEN_EXPIRATION"; + protected abstract boolean isWebScriptHome(); + public String resolveUser(HttpServletRequest request, HttpServletResponse response) { String username = remoteUserMapper.getRemoteUser(request); @@ -225,7 +225,10 @@ public abstract class AbstractIdentityServiceAuthenticator } catch (Exception e) { - LOGGER.debug("Token refresh failed: {}", e.getMessage()); + if (LOGGER.isDebugEnabled()) + { + LOGGER.debug("Token refresh failed: {}", e.getMessage()); + } bearerToken = null; resetCookies(response); } diff --git a/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/IdentityServiceWebScriptHomeAuthenticator.java b/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/IdentityServiceWebScriptHomeAuthenticator.java index eca3b8c40f..874182f550 100644 --- a/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/IdentityServiceWebScriptHomeAuthenticator.java +++ b/repository/src/main/java/org/alfresco/repo/security/authentication/identityservice/webscript/IdentityServiceWebScriptHomeAuthenticator.java @@ -102,6 +102,7 @@ public class IdentityServiceWebScriptHomeAuthenticator extends AbstractIdentityS return false; } + @Override protected String getRedirectUri(String requestURL) { return getWebScriptHomeRedirectUri(requestURL);