use of org.alfresco.repo.management.subsystems.ActivateableBean in project alfresco-remote-api by Alfresco.
the class BaseAuthenticationFilter method getSessionUser.
/**
* Callback to get the specific impl of the Session User for a filter.
*
* @param servletContext
* the servlet context
* @param httpServletRequest
* the http servlet request
* @param httpServletResponse
* the http servlet response
* @param externalAuth
* has the user been authenticated by SSO?
* @return User from the session
*/
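protected SessionUser getSessionUser(ServletContext servletContext, final HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, final boolean externalAuth) {
    // Result is the validated cached session user, a freshly created one for an externally
    // asserted identity, or null when neither is available.
    String userId = null;
    // If the remote user mapper is configured (and, when it is an ActivateableBean, active),
    // we may be able to map in an externally authenticated user.
    if (remoteUserMapper != null && (!(remoteUserMapper instanceof ActivateableBean) || ((ActivateableBean) remoteUserMapper).isActive())) {
        userId = remoteUserMapper.getRemoteUser(httpServletRequest);
        // NOTE(review): userId is presumably taken from request data and is concatenated into
        // the log line as-is; confirm the log layout neutralises CR/LF before relying on
        // these entries in an investigation.
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("Found a remote user: " + userId);
        }
    }

    String sessionAttrib = getUserAttributeName();
    HttpSession session = httpServletRequest.getSession();
    SessionUser sessionUser = (SessionUser) session.getAttribute(sessionAttrib);
    if (sessionUser != null) {
        try {
            if (getLogger().isDebugEnabled()) {
                getLogger().debug("Found a session user: " + sessionUser.getUserName());
            }
            // A cached user is only trusted while its ticket still validates.
            authenticationService.validate(sessionUser.getTicket());
            setExternalAuth(session, externalAuth);
        } catch (AuthenticationException e) {
            if (getLogger().isDebugEnabled()) {
                getLogger().debug("The ticket may have expired or the person could have been removed, invalidating session.", e);
            }
            invalidateSession(httpServletRequest);
            sessionUser = null;
        }
    }

    if (userId != null) {
        // The externally asserted identity wins over a cached one: a session bound to a
        // different user name is torn down rather than reused.
        if (sessionUser != null && !sessionUser.getUserName().equals(userId)) {
            if (getLogger().isDebugEnabled()) {
                // Previously this message was logged for every mapped user, including ones
                // whose cached identity matched; it now appears only on a real mismatch.
                getLogger().debug("We have a previously-cached user with the wrong identity - replace them.");
                getLogger().debug("Removing the session user, invalidating session.");
            }
            session.removeAttribute(sessionAttrib);
            session.invalidate();
            sessionUser = null;
        }
        if (sessionUser == null) {
            // If we have been authenticated by other means, just propagate through the user identity
            if (getLogger().isDebugEnabled()) {
                getLogger().debug("Propagating through the user identity: " + userId);
            }
            authenticationComponent.setCurrentUser(userId);
            // Re-fetch the session: the previous one may have been invalidated above.
            session = httpServletRequest.getSession();
            try {
                sessionUser = createUserEnvironment(session, authenticationService.getCurrentUserName(), authenticationService.getCurrentTicket(), true);
            } catch (Throwable e) {
                // NOTE(review): every failure here (including Errors) is reported at debug level
                // only and the method then returns null, although setCurrentUser(userId) has
                // already been called. Confirm the caller clears the current user on a null
                // result and consider a higher log level so the failure is visible in production.
                if (getLogger().isDebugEnabled()) {
                    getLogger().debug("Error during ticket validation and user creation: " + e.getMessage(), e);
                }
            }
        }
    }
    return sessionUser;
}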
use of org.alfresco.repo.management.subsystems.ActivateableBean in project acs-community-packaging by Alfresco.
the class BasicAuthenticationHandler method isUserAuthenticated.
/**
* Returns <code>true</code> if the user is authenticated and their details are cached in the session
*
* @param context
* the servlet context
* @param request
* the servlet request
* @return <code>true</code>, if the user is authenticated
* @throws IOException
* Signals that an I/O exception has occurred.
* @throws ServletException
* On other errors.
*/
public boolean isUserAuthenticated(ServletContext context, HttpServletRequest request) throws IOException, ServletException {
    final String authorization = request.getHeader(HEADER_AUTHORIZATION);
    // getSession(false): do not create a session just to look for a cached user.
    final HttpSession existingSession = request.getSession(false);
    SessionUser cachedUser = null;
    if (existingSession != null) {
        cachedUser = (SessionUser) existingSession.getAttribute(USER_SESSION_ATTRIBUTE);
    }

    // Path 1: a user is already cached in the session - it is trusted only while its ticket validates.
    if (cachedUser != null) {
        try {
            authenticationService.validate(cachedUser.getTicket());
            authenticationListener.userAuthenticated(new TicketCredentials(cachedUser.getTicket()));
            return true;
        } catch (AuthenticationException ex) {
            authenticationListener.authenticationFailed(new TicketCredentials(cachedUser.getTicket()), ex);
            // Drop the session so the stale ticket cannot be presented again.
            existingSession.invalidate();
        }
        return false;
    }

    // Path 2: identity asserted by an external mechanism through the remote user mapper
    // (skipped when the mapper is an ActivateableBean that reports itself inactive).
    final boolean mapperUsable = remoteUserMapper != null
            && (!(remoteUserMapper instanceof ActivateableBean) || ((ActivateableBean) remoteUserMapper).isActive());
    if (mapperUsable) {
        final String userId = remoteUserMapper.getRemoteUser(request);
        if (userId != null) {
            // authenticated by other
            // NOTE(review): unlike the ticket and Basic paths, this path does not notify
            // authenticationListener - confirm that is intended for audit purposes.
            authenticationComponent.setCurrentUser(userId);
            // NOTE(review): request.getSession() reuses any session the client already holds;
            // nothing visible here rotates the session id after login. Confirm the container
            // or another filter does so (session fixation).
            request.getSession().setAttribute(USER_SESSION_ATTRIBUTE, new User(userId, authenticationService.getCurrentTicket(), personService.getPerson(userId)));
            return true;
        }
    }

    // Path 3: HTTP Basic credentials in the Authorization header.
    if (authorization == null || authorization.length() <= 5 || !authorization.substring(0, 5).equalsIgnoreCase(BASIC_START)) {
        return false;
    }

    // NOTE(review): both getBytes() and new String(byte[]) use the platform default charset,
    // so non-ASCII credentials may decode differently across hosts - confirm the intended charset.
    final byte[] encoded = authorization.substring(5).getBytes();
    final String decoded = new String(Base64.decodeBase64(encoded));

    // Split on the first ':' only; without a separator the whole value is the user name
    // and the password is empty.
    final int separator = decoded.indexOf(":");
    String username = separator != -1 ? decoded.substring(0, separator) : decoded;
    final String password = separator != -1 ? decoded.substring(separator + 1) : "";

    try {
        // NOTE(review): username is client-supplied and is concatenated into the log line
        // as-is, before authentication has succeeded.
        if (logger.isDebugEnabled())
            logger.debug("Authenticating user '" + username + "'");
        authenticationService.authenticate(username, password.toCharArray());
        // Normalize the user ID taking into account case sensitivity settings
        username = authenticationService.getCurrentUserName();
        if (logger.isDebugEnabled())
            logger.debug("Authenticated user '" + username + "'");
        authenticationListener.userAuthenticated(new BasicAuthCredentials(username, password));
        // NOTE(review): same session-id consideration as on the remote-user path above.
        request.getSession().setAttribute(USER_SESSION_ATTRIBUTE, new User(username, authenticationService.getCurrentTicket(), personService.getPerson(username)));
        return true;
    } catch (AuthenticationException ex) {
        authenticationListener.authenticationFailed(new BasicAuthCredentials(username, password), ex);
    }
    return false;
}
use of org.alfresco.repo.management.subsystems.ActivateableBean in project acs-community-packaging by Alfresco.
the class AuthenticationHelper method getRemoteUserMapper.
/**
* Gets the remote user mapper if one is configured and active (i.e. external authentication is in use).
* @param sc
* the servlet context
* @return the remote user mapper if one is configured and active; otherwise <code>null</code>
*/
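public static RemoteUserMapper getRemoteUserMapper(final ServletContext sc) {
    final WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(sc);
    final RemoteUserMapper remoteUserMapper = (RemoteUserMapper) wc.getBean(REMOTE_USER_MAPPER);

    // The activation test must be grouped under the null check. Without the parentheses,
    // '&&' binds tighter than '||', so a null mapper fell through to
    // ((ActivateableBean) null).isActive() and threw a NullPointerException instead of
    // yielding "no active mapper".
    final boolean active = remoteUserMapper != null
            && (!(remoteUserMapper instanceof ActivateableBean) || ((ActivateableBean) remoteUserMapper).isActive());

    if (active) {
        if (logger.isDebugEnabled()) {
            logger.debug("Remote user mapper configured and active.");
        }
        return remoteUserMapper;
    }

    // Callers receive null both when no mapper bean is returned and when it is an
    // ActivateableBean that reports itself inactive.
    if (logger.isDebugEnabled()) {
        logger.debug("No active remote user mapper.");
    }
    return null;
}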