Posted to commits@sling.apache.org by fm...@apache.org on 2011/11/23 22:22:23 UTC

svn commit: r1205605 - in /sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core: AuthConstants.java impl/SlingAuthenticator.java

Author: fmeschbe
Date: Wed Nov 23 21:22:22 2011
New Revision: 1205605

URL: http://svn.apache.org/viewvc?rev=1205605&view=rev
Log:
SLING-2300 Fixing support for AuthenticationInfo post processing: For anonymous requests, the AuthenticationInfo instance should always be prepared (even if it is just an empty map). This instance is then passed to the post processors and later used to access the anonymous resource resolver. In addition the J_WORKSPACE constant is removed from the AuthConstants class again because Auth Core has nothing to do with workspaces.

Modified:
    sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthConstants.java
    sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java

Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthConstants.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthConstants.java?rev=1205605&r1=1205604&r2=1205605&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthConstants.java (original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthConstants.java Wed Nov 23 21:22:22 2011
@@ -77,21 +77,6 @@ public final class AuthConstants {
      */
     public static final String AUTH_HANDLER_BROWSER_ONLY = "sling.auth.browser-only";
 
-    /**
-     * The name of the request parameter (or request attribute) indicating the
-     * workspace to use.
-     * <p>
-     * The {@link AuthenticationSupport} service implemented by this bundle will
-     * respect this parameter and attribute and ensure the
-     * <code>jcr.user.workspace</code> attribute of the
-     * {@link org.apache.sling.auth.core.spi.AuthenticationInfo} used for
-     * accessing the resource resolver is set to this value (unless the property
-     * has already been set by the
-     * {@link org.apache.sling.auth.core.spi.AuthenticationHandler} providing
-     * the {@link org.apache.sling.auth.core.spi.AuthenticationInfo} instance).
-     */
-    public static final String J_WORKSPACE = "j_workspace";
-
     private AuthConstants() {
     }
 

Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java?rev=1205605&r1=1205604&r2=1205605&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java (original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java Wed Nov 23 21:22:22 2011
@@ -438,13 +438,10 @@ public class SlingAuthenticator implemen
         final AuthenticationInfo authInfo = getAuthenticationInfo(request, response);
 
         // 2. PostProcess credentials
-        final AuthenticationInfo aiPostProc = (authInfo == null)
-                ? new AuthenticationInfo("anonymous", "[null]")
-                : authInfo;
         try {
-            postProcess(aiPostProc, request, response);
+            postProcess(authInfo, request, response);
         } catch (LoginException e) {
-            handleLoginFailure(request, response, aiPostProc.getUser(), e);
+            handleLoginFailure(request, response, authInfo.getUser(), e);
             return false;
         }
 
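Review bot: `postProcess(authInfo, request, response)` and `authInfo.getUser()` in the catch block now dereference `authInfo` without the null fallback that the removed lines provided, so this code depends on `getAuthenticationInfo` never returning null. Only its final `return getAnonymousCredentials();` is visible in this commit; if an earlier return path can still yield null, the result is a NullPointerException in the authentication path instead of an anonymous request. I would state the invariant next to the call, e.g. `// authInfo is never null: getAuthenticationInfo falls back to getAnonymousCredentials()`. Note also that when no anonymous user is configured, `getUser()` is presumably null by the time it reaches `handleLoginFailure`. The enclosing method starts and ends outside this hunk.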
@@ -461,10 +458,10 @@ public class SlingAuthenticator implemen
             doLogin(request, response);
             return false;
 
-        } else if (authInfo == null) {
+        } else if (authInfo.getAuthType() == null) {
 
             log.debug("doHandleSecurity: No credentials in the request, anonymous");
-            return getAnonymousResolver(request, response);
+            return getAnonymousResolver(request, response, authInfo);
 
         } else {
 
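Review bot: The `authInfo.getAuthType() == null` test selects the anonymous branch after `postProcess` has already been handed the same object, and `getAnonymousResolver` then passes that object to `resourceResolverFactory.getResourceResolver(authInfo)` (hunk at -818). Any user or password that a handler or post processor placed in an info with a null auth type would therefore be used for the login, while the debug line still reports "anonymous"; whether that is intended is not visible here. A comment on the branch would make the contract explicit, e.g. `// null authType marks the info from getAnonymousCredentials(); post processors may have changed its contents`. The one-line Javadoc on `getAnonymousResolver` should gain an `@param authInfo` line saying the same. The branch sits in a method that starts and ends outside this hunk.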
@@ -695,8 +692,8 @@ public class SlingAuthenticator implemen
         }
 
         // no handler found for the request ....
-        log.debug("getAuthenticationInfo: no handler could extract credentials");
-        return null;
+        log.debug("getAuthenticationInfo: no handler could extract credentials; assuming anonymous");
+        return getAnonymousCredentials();
     }
 
     /**
@@ -818,16 +815,14 @@ public class SlingAuthenticator implemen
 
     /** Try to acquire an anonymous ResourceResolver */
     private boolean getAnonymousResolver(final HttpServletRequest request,
-            final HttpServletResponse response) {
+            final HttpServletResponse response, final AuthenticationInfo authInfo) {
 
         // Get an anonymous session if allowed, or if we are handling
         // a request for the login servlet
         if (isAnonAllowed(request)) {
 
             try {
-
-                Map<String, Object> credentials = getAnonymousCredentials();
-                ResourceResolver resolver = resourceResolverFactory.getResourceResolver(credentials);
+                ResourceResolver resolver = resourceResolverFactory.getResourceResolver(authInfo);
 
                 // check whether the client asked for redirect after
                 // authentication and/or impersonation
@@ -898,17 +893,15 @@ public class SlingAuthenticator implemen
      * whose authentication type is <code>null</code> and the user name and
      * password are set according to the {@link #PAR_ANONYMOUS_USER} and
      * {@link #PAR_ANONYMOUS_PASSWORD} configurations. Otherwise
-     * <code>null</code> is returned.
+     * the user name and password fields are just <code>null</code>.
      */
-    private Map<String, Object> getAnonymousCredentials() {
+    private AuthenticationInfo getAnonymousCredentials() {
+        AuthenticationInfo info = new AuthenticationInfo(null);
         if (this.anonUser != null) {
-            AuthenticationInfo info = new AuthenticationInfo(null);
             info.setUser(this.anonUser);
             info.setPassword(this.anonPassword);
-            return info;
         }
-
-        return null;
+        return info;
     }
 
     private void handleLoginFailure(final HttpServletRequest request,
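Review bot: `getAnonymousCredentials()` now always returns an `AuthenticationInfo`, and when `anonUser` is set it carries `anonPassword`. Through `getAuthenticationInfo` this object reaches `postProcess`, where the removed code passed a placeholder instead. The Javadoc should say so, so that post processor authors know the configured anonymous password is visible to them and must be kept out of logs; for example add `The returned instance is passed to the post processors and may contain the configured anonymous password.` The Javadoc comment starts outside this hunk.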