use of org.alfresco.repo.security.authentication.AuthenticationComponent in project alfresco-remote-api by Alfresco.
the class WebDAVMethodTest method setUpApplicationContext.
protected void setUpApplicationContext() {
ApplicationContext appContext = ApplicationContextHelper.getApplicationContext(new String[] { "classpath:alfresco/application-context.xml", "classpath:alfresco/web-scripts-application-context.xml", "classpath:alfresco/remote-api-context.xml" });
this.nodeService = (NodeService) appContext.getBean("NodeService");
this.searchService = (SearchService) appContext.getBean("SearchService");
this.namespaceService = (NamespaceService) appContext.getBean("NamespaceService");
this.tenantService = (TenantService) appContext.getBean("tenantService");
this.transactionService = (TransactionService) appContext.getBean("transactionService");
this.webDAVHelper = (WebDAVHelper) appContext.getBean("webDAVHelper");
this.tenantAdminService = (TenantAdminService) appContext.getBean("tenantAdminService");
// Authenticate as system to create initial test data set
AuthenticationComponent authenticationComponent = (AuthenticationComponent) appContext.getBean("authenticationComponent");
authenticationComponent.setSystemUserAsCurrentUser();
}
use of org.alfresco.repo.security.authentication.AuthenticationComponent in project acs-community-packaging by Alfresco.
the class AuthenticationHelper method getUser.
/**
* Attempts to retrieve the User object stored in the current session.
*
* @param sc
* the servlet context
* @param httpRequest
* The HTTP request
* @param httpResponse
* The HTTP response
* @return The User object representing the current user or null if it could not be found
*/
public static User getUser(final ServletContext sc, final HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
// If the remote user mapper is configured, we may be able to map in an externally authenticated user
String userId = getRemoteUser(sc, httpRequest);
final WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(sc);
HttpSession session = httpRequest.getSession();
User user = null;
// examine the appropriate session to try and find the User object
SessionUser sessionUser = Application.getCurrentUser(session);
// been known to leak in but shouldn't now)
if (sessionUser != null) {
if (logger.isDebugEnabled())
logger.debug("SessionUser is: " + sessionUser.getUserName());
AuthenticationService auth = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE);
try {
auth.validate(sessionUser.getTicket());
if (sessionUser instanceof User) {
user = (User) sessionUser;
setExternalAuth(session, userId != null);
} else {
user = setUser(sc, httpRequest, sessionUser.getUserName(), sessionUser.getTicket(), userId != null);
}
} catch (AuthenticationException authErr) {
if (logger.isDebugEnabled())
logger.debug("An authentication error occured while setting the session user", authErr);
session.removeAttribute(AUTHENTICATION_USER);
if (!Application.inPortalServer()) {
if (logger.isDebugEnabled())
logger.debug("Invalidating the session.");
session.invalidate();
}
}
}
// If the remote user mapper is configured, we may be able to map in an externally authenticated user
if (userId != null) {
AuthorityService authorityService = (AuthorityService) wc.getBean(AUTHORITY_SERVICE);
// We have a previously-cached user with the wrong identity - replace them
if (user != null && !authorityService.isGuestAuthority(user.getUserName()) && !user.getUserName().equals(userId)) {
if (logger.isDebugEnabled())
logger.debug("We have a previously-cached user with the wrong identity - replace them");
session.removeAttribute(AUTHENTICATION_USER);
if (!Application.inPortalServer()) {
if (logger.isDebugEnabled())
logger.debug("Invalidating session.");
session.invalidate();
}
user = null;
}
if (user == null) {
if (logger.isDebugEnabled())
logger.debug("There are no previously-cached users.");
// If we have been authenticated by other means, just propagate through the user identity
AuthenticationComponent authenticationComponent = (AuthenticationComponent) wc.getBean(AUTHENTICATION_COMPONENT);
try {
if (logger.isDebugEnabled())
logger.debug("We have been authenticated by other means, authenticating the user: " + userId);
authenticationComponent.setCurrentUser(userId);
AuthenticationService authenticationService = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE);
user = setUser(sc, httpRequest, userId, authenticationService.getCurrentTicket(), true);
} catch (AuthenticationException authErr) {
if (logger.isDebugEnabled())
logger.debug("An authentication error occured while setting the session user", authErr);
// Allow for an invalid external user ID to be indicated
session.removeAttribute(AUTHENTICATION_USER);
if (!Application.inPortalServer()) {
if (logger.isDebugEnabled())
logger.debug("Invalidating the session.");
session.invalidate();
}
}
}
}
return user;
}
use of org.alfresco.repo.security.authentication.AuthenticationComponent in project alfresco-remote-api by Alfresco.
the class DownloadRestApiTest method setUp.
public void setUp() {
// Resolve required services
authenticationService = getServer().getApplicationContext().getBean("AuthenticationService", MutableAuthenticationService.class);
authenticationComponent = getServer().getApplicationContext().getBean("authenticationComponent", AuthenticationComponent.class);
contentService = getServer().getApplicationContext().getBean("ContentService", ContentService.class);
nodeService = getServer().getApplicationContext().getBean("NodeService", NodeService.class);
personService = getServer().getApplicationContext().getBean("PersonService", PersonService.class);
// Authenticate as user
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
// if user with given user name doesn't already exist then create user
if (this.authenticationService.authenticationExists(TEST_USERNAME) == false) {
// create user
this.authenticationService.createAuthentication(TEST_USERNAME, "password".toCharArray());
// create person properties
PropertyMap personProps = new PropertyMap();
personProps.put(ContentModel.PROP_USERNAME, TEST_USERNAME);
personProps.put(ContentModel.PROP_FIRSTNAME, "FirstName123");
personProps.put(ContentModel.PROP_LASTNAME, "LastName123");
personProps.put(ContentModel.PROP_EMAIL, "FirstName123.LastName123@email.com");
personProps.put(ContentModel.PROP_JOBTITLE, "JobTitle123");
personProps.put(ContentModel.PROP_JOBTITLE, "Organisation123");
// create person node for user
this.personService.createPerson(personProps);
}
Repository repositoryHelper = (Repository) getServer().getApplicationContext().getBean("repositoryHelper");
NodeRef companyHome = repositoryHelper.getCompanyHome();
// Create some static test content
rootFolder = createNode(companyHome, "rootFolder", ContentModel.TYPE_FOLDER, AuthenticationUtil.getAdminUserName());
rootFile = createNodeWithTextContent(companyHome, "rootFile", ContentModel.TYPE_CONTENT, AuthenticationUtil.getAdminUserName(), "Root file content");
level1File = createNodeWithTextContent(rootFolder, "level1File", ContentModel.TYPE_CONTENT, AuthenticationUtil.getAdminUserName(), "Level 1 file content");
level1Folder = createNode(rootFolder, "level1Folder", ContentModel.TYPE_FOLDER, AuthenticationUtil.getAdminUserName());
level2File = createNodeWithTextContent(level1Folder, "level2File", ContentModel.TYPE_CONTENT, AuthenticationUtil.getAdminUserName(), "Level 2 file content");
}
Aggregations