In the jspui environment, when a user does not have say READ permission to
access a bitstream he is asked to authenticate. The code that sends the page
to the user to authenticate is in DSpaceServlet.java in the method
processRequest. Where is this sort of decision making done in the jspui
environment?
Thank you! Jose
Here it is in DSpaceServlet.java:
catch (AuthorizeException ae)
{
/*
* If no user is logged in, we will start authentication, since if
* they authenticate, they might be allowed to do what they tried to
* do. If someone IS logged in, and we got this exception, we know
* they tried to do something they aren't allowed to, so we display
* an error in that case.
*/
if (context.getCurrentUser() != null ||
Authenticate.startAuthentication(context, request, response))
{
// FIXME: Log the right info?
// Log the error
log.info(LogManager.getHeader(context, "authorize_error", ae
.toString()));
JSPManager.showAuthorizeError(request, response, ae);
}
}
------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
