Example 1 with NoSuchPersonException
use of org.alfresco.service.cmr.security.NoSuchPersonException in project alfresco-remote-api by Alfresco.
the class AuthenticationFilter method doFilter.
// Various services required by NTLM authenticator
/**
* Run the authentication filter
*
* @param context ServletContext
* @param req ServletRequest
* @param resp ServletResponse
* @param chain FilterChain
* @exception ServletException
* @exception IOException
*/
@Override
public void doFilter(ServletContext context, ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
if (logger.isDebugEnabled())
logger.debug("Entering AuthenticationFilter.");
// Assume it's an HTTP request
HttpServletRequest httpReq = (HttpServletRequest) req;
HttpServletResponse httpResp = (HttpServletResponse) resp;
// Get the user details object from the session
SessionUser user = getSessionUser(context, httpReq, httpResp, false);
if (user == null) {
if (logger.isDebugEnabled())
logger.debug("There is no user in the session.");
// Get the authorization header
String authHdr = httpReq.getHeader("Authorization");
if (authHdr != null && authHdr.length() > 5 && authHdr.substring(0, 5).equalsIgnoreCase("BASIC")) {
if (logger.isDebugEnabled())
logger.debug("Basic authentication details present in the header.");
byte[] encodedString = Base64.decodeBase64(authHdr.substring(5).getBytes());
// ALF-13621: Due to browser inconsistencies we have to try a fallback path of encodings
Set<String> attemptedAuths = new HashSet<String>(ENCODINGS.length * 2);
for (String encoding : ENCODINGS) {
CharsetDecoder decoder = Charset.forName(encoding).newDecoder().onMalformedInput(CodingErrorAction.REPORT);
try {
// Attempt to decode using this charset
String basicAuth = decoder.decode(ByteBuffer.wrap(encodedString)).toString();
// It decoded OK but we may already have tried this string.
if (!attemptedAuths.add(basicAuth)) {
// Already tried - no need to try again
continue;
}
String username = null;
String password = null;
// Split the username and password
int pos = basicAuth.indexOf(":");
if (pos != -1) {
username = basicAuth.substring(0, pos);
password = basicAuth.substring(pos + 1);
} else {
username = basicAuth;
password = "";
}
// Go to the repo and authenticate
Authorization auth = new Authorization(username, password);
if (auth.isTicket()) {
authenticationService.validate(auth.getTicket());
} else {
authenticationService.authenticate(username, password.toCharArray());
if (authenticationListener != null) {
authenticationListener.userAuthenticated(new BasicAuthCredentials(username, password));
}
}
user = createUserEnvironment(httpReq.getSession(), authenticationService.getCurrentUserName(), authenticationService.getCurrentTicket(), false);
// Success so break out
break;
} catch (CharacterCodingException e) {
if (logger.isDebugEnabled())
logger.debug("Didn't decode using " + decoder.getClass().getName(), e);
} catch (AuthenticationException ex) {
if (logger.isDebugEnabled())
logger.debug("Authentication error ", ex);
} catch (NoSuchPersonException e) {
if (logger.isDebugEnabled())
logger.debug("There is no such person error ", e);
}
}
} else {
// Check if the request includes an authentication ticket
String ticket = req.getParameter(ARG_TICKET);
if (ticket != null && ticket.length() > 0) {
// PowerPoint bug fix
if (ticket.endsWith(PPT_EXTN)) {
ticket = ticket.substring(0, ticket.length() - PPT_EXTN.length());
}
if (logger.isDebugEnabled())
logger.debug("Logon via ticket from " + req.getRemoteHost() + " (" + req.getRemoteAddr() + ":" + req.getRemotePort() + ")" + " ticket=" + ticket);
// Validate the ticket
authenticationService.validate(ticket);
if (authenticationListener != null) {
authenticationListener.userAuthenticated(new TicketCredentials(ticket));
}
// Need to create the User instance if not already available
String currentUsername = authenticationService.getCurrentUserName();
user = createUserEnvironment(httpReq.getSession(), currentUsername, ticket, false);
}
}
if (user == null) {
if (logger.isDebugEnabled())
logger.debug("No user/ticket, force the client to prompt for logon details.");
httpResp.setHeader("WWW-Authenticate", "BASIC realm=\"Alfresco DAV Server\"");
httpResp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
httpResp.flushBuffer();
return;
}
} else {
if (authenticationListener != null) {
authenticationListener.userAuthenticated(new TicketCredentials(user.getTicket()));
}
}
// Chain other filters
chain.doFilter(req, resp);
}
Also used :
TicketCredentials(org.alfresco.repo.web.auth.TicketCredentials)
CharsetDecoder(java.nio.charset.CharsetDecoder)
BasicAuthCredentials(org.alfresco.repo.web.auth.BasicAuthCredentials)
AuthenticationException(org.alfresco.repo.security.authentication.AuthenticationException)
NoSuchPersonException(org.alfresco.service.cmr.security.NoSuchPersonException)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
CharacterCodingException(java.nio.charset.CharacterCodingException)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Authorization(org.alfresco.repo.security.authentication.Authorization)
SessionUser(org.alfresco.repo.SessionUser)
HashSet(java.util.HashSet)
LinkedHashSet(java.util.LinkedHashSet)
Example 2 with NoSuchPersonException
use of org.alfresco.service.cmr.security.NoSuchPersonException in project alfresco-remote-api by Alfresco.
the class Node method lookupUserInfo.
public static UserInfo lookupUserInfo(String userName, Map<String, UserInfo> mapUserInfo, PersonService personService, boolean displayNameOnly) {
UserInfo userInfo = mapUserInfo.get(userName);
if ((userInfo == null) && (userName != null)) {
String sysUserName = AuthenticationUtil.getSystemUserName();
if (userName.equals(sysUserName) || (AuthenticationUtil.isMtEnabled() && userName.startsWith(sysUserName + "@"))) {
userInfo = new UserInfo((displayNameOnly ? null : userName), userName, "");
} else {
PersonService.PersonInfo pInfo = null;
try {
NodeRef pNodeRef = personService.getPerson(userName, false);
if (pNodeRef != null) {
pInfo = personService.getPerson(pNodeRef);
}
} catch (NoSuchPersonException nspe) {
// drop-through
} catch (AccessDeniedException ade) {
// SFS-610
// drop-through
}
if (pInfo != null) {
userInfo = new UserInfo((displayNameOnly ? null : userName), pInfo.getFirstName(), pInfo.getLastName());
} else {
logger.warn("Unknown person: " + userName);
userInfo = new UserInfo((displayNameOnly ? null : userName), userName, "");
}
}
mapUserInfo.put(userName, userInfo);
}
return userInfo;
}
Also used :
NodeRef(org.alfresco.service.cmr.repository.NodeRef)
AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException)
PersonService(org.alfresco.service.cmr.security.PersonService)
NoSuchPersonException(org.alfresco.service.cmr.security.NoSuchPersonException)
Example 3 with NoSuchPersonException
use of org.alfresco.service.cmr.security.NoSuchPersonException in project alfresco-remote-api by Alfresco.
the class AbstractSubscriptionServiceWebScript method execute.
public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException {
if (!subscriptionService.isActive()) {
res.setStatus(404);
return;
}
try {
String userId = req.getServiceMatch().getTemplateVars().get("userid");
Object obj = executeImpl(userId, req, res);
if (obj instanceof JSONObject || obj instanceof JSONArray) {
res.setContentEncoding(Charset.defaultCharset().displayName());
res.setContentType(Format.JSON.mimetype() + ";charset=UTF-8");
Writer writer = res.getWriter();
if (obj instanceof JSONObject) {
((JSONObject) obj).writeJSONString(writer);
} else {
((JSONArray) obj).writeJSONString(writer);
}
writer.flush();
} else {
res.setStatus(204);
}
} catch (SubscriptionsDisabledException sde) {
throw new WebScriptException(404, "Subscription service is disabled!", sde);
} catch (NoSuchPersonException nspe) {
throw new WebScriptException(404, "Unknown user '" + nspe.getUserName() + "'!", nspe);
} catch (PrivateSubscriptionListException psle) {
throw new WebScriptException(403, "Subscription list is private!", psle);
} catch (ParseException pe) {
throw new WebScriptException(400, "Unable to parse JSON!", pe);
} catch (ClassCastException cce) {
throw new WebScriptException(400, "Unable to parse JSON!", cce);
} catch (IOException ioe) {
throw new WebScriptException(500, "Unable to serialize JSON!", ioe);
}
}
Also used :
PrivateSubscriptionListException(org.alfresco.service.cmr.subscriptions.PrivateSubscriptionListException)
JSONObject(org.json.simple.JSONObject)
WebScriptException(org.springframework.extensions.webscripts.WebScriptException)
NoSuchPersonException(org.alfresco.service.cmr.security.NoSuchPersonException)
JSONArray(org.json.simple.JSONArray)
JSONObject(org.json.simple.JSONObject)
SubscriptionsDisabledException(org.alfresco.service.cmr.subscriptions.SubscriptionsDisabledException)
ParseException(org.json.simple.parser.ParseException)
IOException(java.io.IOException)
Writer(java.io.Writer)
Aggregations
NoSuchPersonException (org.alfresco.service.cmr.security.NoSuchPersonException)3
IOException (java.io.IOException)1
Writer (java.io.Writer)1
CharacterCodingException (java.nio.charset.CharacterCodingException)1
CharsetDecoder (java.nio.charset.CharsetDecoder)1
HashSet (java.util.HashSet)1
LinkedHashSet (java.util.LinkedHashSet)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
SessionUser (org.alfresco.repo.SessionUser)1
AuthenticationException (org.alfresco.repo.security.authentication.AuthenticationException)1
Authorization (org.alfresco.repo.security.authentication.Authorization)1
AccessDeniedException (org.alfresco.repo.security.permissions.AccessDeniedException)1
BasicAuthCredentials (org.alfresco.repo.web.auth.BasicAuthCredentials)1
TicketCredentials (org.alfresco.repo.web.auth.TicketCredentials)1
NodeRef (org.alfresco.service.cmr.repository.NodeRef)1
PersonService (org.alfresco.service.cmr.security.PersonService)1
PrivateSubscriptionListException (org.alfresco.service.cmr.subscriptions.PrivateSubscriptionListException)1
SubscriptionsDisabledException (org.alfresco.service.cmr.subscriptions.SubscriptionsDisabledException)1
JSONArray (org.json.simple.JSONArray)1
