Example 1 with AuthenticationComponent
use of org.alfresco.repo.security.authentication.AuthenticationComponent in project alfresco-remote-api by Alfresco.
the class WebDAVMethodTest method setUpApplicationContext.
protected void setUpApplicationContext() {
ApplicationContext appContext = ApplicationContextHelper.getApplicationContext(new String[] { "classpath:alfresco/application-context.xml", "classpath:alfresco/web-scripts-application-context.xml", "classpath:alfresco/remote-api-context.xml" });
this.nodeService = (NodeService) appContext.getBean("NodeService");
this.searchService = (SearchService) appContext.getBean("SearchService");
this.namespaceService = (NamespaceService) appContext.getBean("NamespaceService");
this.tenantService = (TenantService) appContext.getBean("tenantService");
this.transactionService = (TransactionService) appContext.getBean("transactionService");
this.webDAVHelper = (WebDAVHelper) appContext.getBean("webDAVHelper");
this.tenantAdminService = (TenantAdminService) appContext.getBean("tenantAdminService");
// Authenticate as system to create initial test data set
AuthenticationComponent authenticationComponent = (AuthenticationComponent) appContext.getBean("authenticationComponent");
authenticationComponent.setSystemUserAsCurrentUser();
}
Also used :
ApplicationContext(org.springframework.context.ApplicationContext)
AuthenticationComponent(org.alfresco.repo.security.authentication.AuthenticationComponent)
Example 2 with AuthenticationComponent
use of org.alfresco.repo.security.authentication.AuthenticationComponent in project acs-community-packaging by Alfresco.
the class AuthenticationHelper method getUser.
/**
* Attempts to retrieve the User object stored in the current session.
*
* @param sc
* the servlet context
* @param httpRequest
* The HTTP request
* @param httpResponse
* The HTTP response
* @return The User object representing the current user or null if it could not be found
*/
public static User getUser(final ServletContext sc, final HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
// If the remote user mapper is configured, we may be able to map in an externally authenticated user
String userId = getRemoteUser(sc, httpRequest);
final WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(sc);
HttpSession session = httpRequest.getSession();
User user = null;
// examine the appropriate session to try and find the User object
SessionUser sessionUser = Application.getCurrentUser(session);
// been known to leak in but shouldn't now)
if (sessionUser != null) {
if (logger.isDebugEnabled())
logger.debug("SessionUser is: " + sessionUser.getUserName());
AuthenticationService auth = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE);
try {
auth.validate(sessionUser.getTicket());
if (sessionUser instanceof User) {
user = (User) sessionUser;
setExternalAuth(session, userId != null);
} else {
user = setUser(sc, httpRequest, sessionUser.getUserName(), sessionUser.getTicket(), userId != null);
}
} catch (AuthenticationException authErr) {
if (logger.isDebugEnabled())
logger.debug("An authentication error occured while setting the session user", authErr);
session.removeAttribute(AUTHENTICATION_USER);
if (!Application.inPortalServer()) {
if (logger.isDebugEnabled())
logger.debug("Invalidating the session.");
session.invalidate();
}
}
}
// If the remote user mapper is configured, we may be able to map in an externally authenticated user
if (userId != null) {
AuthorityService authorityService = (AuthorityService) wc.getBean(AUTHORITY_SERVICE);
// We have a previously-cached user with the wrong identity - replace them
if (user != null && !authorityService.isGuestAuthority(user.getUserName()) && !user.getUserName().equals(userId)) {
if (logger.isDebugEnabled())
logger.debug("We have a previously-cached user with the wrong identity - replace them");
session.removeAttribute(AUTHENTICATION_USER);
if (!Application.inPortalServer()) {
if (logger.isDebugEnabled())
logger.debug("Invalidating session.");
session.invalidate();
}
user = null;
}
if (user == null) {
if (logger.isDebugEnabled())
logger.debug("There are no previously-cached users.");
// If we have been authenticated by other means, just propagate through the user identity
AuthenticationComponent authenticationComponent = (AuthenticationComponent) wc.getBean(AUTHENTICATION_COMPONENT);
try {
if (logger.isDebugEnabled())
logger.debug("We have been authenticated by other means, authenticating the user: " + userId);
authenticationComponent.setCurrentUser(userId);
AuthenticationService authenticationService = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE);
user = setUser(sc, httpRequest, userId, authenticationService.getCurrentTicket(), true);
} catch (AuthenticationException authErr) {
if (logger.isDebugEnabled())
logger.debug("An authentication error occured while setting the session user", authErr);
// Allow for an invalid external user ID to be indicated
session.removeAttribute(AUTHENTICATION_USER);
if (!Application.inPortalServer()) {
if (logger.isDebugEnabled())
logger.debug("Invalidating the session.");
session.invalidate();
}
}
}
}
return user;
}
Also used :
SessionUser(org.alfresco.repo.SessionUser)
SessionUser(org.alfresco.repo.SessionUser)
User(org.alfresco.web.bean.repository.User)
AuthenticationComponent(org.alfresco.repo.security.authentication.AuthenticationComponent)
AuthenticationException(org.alfresco.repo.security.authentication.AuthenticationException)
HttpSession(javax.servlet.http.HttpSession)
AuthorityService(org.alfresco.service.cmr.security.AuthorityService)
AuthenticationService(org.alfresco.service.cmr.security.AuthenticationService)
WebApplicationContext(org.springframework.web.context.WebApplicationContext)
Example 3 with AuthenticationComponent
use of org.alfresco.repo.security.authentication.AuthenticationComponent in project alfresco-remote-api by Alfresco.
the class DownloadRestApiTest method setUp.
public void setUp() {
// Resolve required services
authenticationService = getServer().getApplicationContext().getBean("AuthenticationService", MutableAuthenticationService.class);
authenticationComponent = getServer().getApplicationContext().getBean("authenticationComponent", AuthenticationComponent.class);
contentService = getServer().getApplicationContext().getBean("ContentService", ContentService.class);
nodeService = getServer().getApplicationContext().getBean("NodeService", NodeService.class);
personService = getServer().getApplicationContext().getBean("PersonService", PersonService.class);
// Authenticate as user
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
// if user with given user name doesn't already exist then create user
if (this.authenticationService.authenticationExists(TEST_USERNAME) == false) {
// create user
this.authenticationService.createAuthentication(TEST_USERNAME, "password".toCharArray());
// create person properties
PropertyMap personProps = new PropertyMap();
personProps.put(ContentModel.PROP_USERNAME, TEST_USERNAME);
personProps.put(ContentModel.PROP_FIRSTNAME, "FirstName123");
personProps.put(ContentModel.PROP_LASTNAME, "LastName123");
personProps.put(ContentModel.PROP_EMAIL, "FirstName123.LastName123@email.com");
personProps.put(ContentModel.PROP_JOBTITLE, "JobTitle123");
personProps.put(ContentModel.PROP_JOBTITLE, "Organisation123");
// create person node for user
this.personService.createPerson(personProps);
}
Repository repositoryHelper = (Repository) getServer().getApplicationContext().getBean("repositoryHelper");
NodeRef companyHome = repositoryHelper.getCompanyHome();
// Create some static test content
rootFolder = createNode(companyHome, "rootFolder", ContentModel.TYPE_FOLDER, AuthenticationUtil.getAdminUserName());
rootFile = createNodeWithTextContent(companyHome, "rootFile", ContentModel.TYPE_CONTENT, AuthenticationUtil.getAdminUserName(), "Root file content");
level1File = createNodeWithTextContent(rootFolder, "level1File", ContentModel.TYPE_CONTENT, AuthenticationUtil.getAdminUserName(), "Level 1 file content");
level1Folder = createNode(rootFolder, "level1Folder", ContentModel.TYPE_FOLDER, AuthenticationUtil.getAdminUserName());
level2File = createNodeWithTextContent(level1Folder, "level2File", ContentModel.TYPE_CONTENT, AuthenticationUtil.getAdminUserName(), "Level 2 file content");
}
Also used :
NodeRef(org.alfresco.service.cmr.repository.NodeRef)
Repository(org.alfresco.repo.model.Repository)
PropertyMap(org.alfresco.util.PropertyMap)
AuthenticationComponent(org.alfresco.repo.security.authentication.AuthenticationComponent)
NodeService(org.alfresco.service.cmr.repository.NodeService)
PersonService(org.alfresco.service.cmr.security.PersonService)
ContentService(org.alfresco.service.cmr.repository.ContentService)
MutableAuthenticationService(org.alfresco.service.cmr.security.MutableAuthenticationService)
Aggregations
AuthenticationComponent (org.alfresco.repo.security.authentication.AuthenticationComponent)3
HttpSession (javax.servlet.http.HttpSession)1
SessionUser (org.alfresco.repo.SessionUser)1
Repository (org.alfresco.repo.model.Repository)1
AuthenticationException (org.alfresco.repo.security.authentication.AuthenticationException)1
ContentService (org.alfresco.service.cmr.repository.ContentService)1
NodeRef (org.alfresco.service.cmr.repository.NodeRef)1
NodeService (org.alfresco.service.cmr.repository.NodeService)1
AuthenticationService (org.alfresco.service.cmr.security.AuthenticationService)1
AuthorityService (org.alfresco.service.cmr.security.AuthorityService)1
MutableAuthenticationService (org.alfresco.service.cmr.security.MutableAuthenticationService)1
PersonService (org.alfresco.service.cmr.security.PersonService)1
PropertyMap (org.alfresco.util.PropertyMap)1
User (org.alfresco.web.bean.repository.User)1
ApplicationContext (org.springframework.context.ApplicationContext)1
WebApplicationContext (org.springframework.web.context.WebApplicationContext)1
