Revision: 29348
Author: aschrijvers
Date: 2011-08-05 11:18:43 +0200 (Fri, 05 Aug 2011)
Log Message:
-----------
HSTTWO-1701 change the logic for composer pipeline: The composer pipeline
always falls through the initial check in the cms security valve now
Modified Paths:
--------------
hippo-cms7/site-toolkit/trunk/client-modules/page-composer/src/main/resources/org/hippoecm/hst/pagecomposer/SpringComponentManager-pagecomposer.xml
hippo-cms7/site-toolkit/trunk/components/core/src/main/java/org/hippoecm/hst/core/container/CmsSecurityValve.java
Modified:
hippo-cms7/site-toolkit/trunk/client-modules/page-composer/src/main/resources/org/hippoecm/hst/pagecomposer/SpringComponentManager-pagecomposer.xml
===================================================================
---
hippo-cms7/site-toolkit/trunk/client-modules/page-composer/src/main/resources/org/hippoecm/hst/pagecomposer/SpringComponentManager-pagecomposer.xml
2011-08-05 08:56:24 UTC (rev 29347)
+++
hippo-cms7/site-toolkit/trunk/client-modules/page-composer/src/main/resources/org/hippoecm/hst/pagecomposer/SpringComponentManager-pagecomposer.xml
2011-08-05 09:18:43 UTC (rev 29348)
@@ -78,6 +78,13 @@
<constructor-arg ref="jaxrsHstConfigService"/>
</bean>
+
+ <bean id="composerCmsSecurityValve" parent="abstractValve"
class="org.hippoecm.hst.core.container.CmsSecurityValve">
+ <property name="repository" ref="javax.jcr.Repository.cms"/>
+ <property name="renderHostCheck" value="false"/>
+ </bean>
+
+
<bean
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetObject">
<bean
class="org.springframework.beans.factory.config.PropertyPathFactoryBean">
@@ -93,7 +100,7 @@
<property name="preInvokingValves">
<list>
<ref bean="initializationValve"/>
- <ref bean="cmsSecurityValve"/>
+ <ref bean="composerCmsSecurityValve"/>
</list>
</property>
<property name="invokingValves">
Modified:
hippo-cms7/site-toolkit/trunk/components/core/src/main/java/org/hippoecm/hst/core/container/CmsSecurityValve.java
===================================================================
---
hippo-cms7/site-toolkit/trunk/components/core/src/main/java/org/hippoecm/hst/core/container/CmsSecurityValve.java
2011-08-05 08:56:24 UTC (rev 29347)
+++
hippo-cms7/site-toolkit/trunk/components/core/src/main/java/org/hippoecm/hst/core/container/CmsSecurityValve.java
2011-08-05 09:18:43 UTC (rev 29348)
@@ -39,17 +39,27 @@
public class CmsSecurityValve extends AbstractValve {
private static final String SSO_BASED_SESSION_ATTR_NAME =
CmsSecurityValve.class.getName() + ".jcrSession";
+ private boolean renderHostCheck = true;
+
private Repository repository;
public void setRepository(Repository repository) {
this.repository = repository;
}
+ public void setRenderHostCheck(boolean renderHostCheck) {
+ this.renderHostCheck = renderHostCheck;
+ }
+
@Override
public void invoke(ValveContext context) throws ContainerException {
HttpServletRequest servletRequest = context.getServletRequest();
HttpServletResponse servletResponse = context.getServletResponse();
HstRequestContext requestContext = context.getRequestContext();
+ if(renderHostCheck && requestContext.getRenderHost() == null) {
+ context.invokeNext();
+ return;
+ }
log.debug("Request '{}' is invoked from CMS context. Check whether the
sso handshake is done.", servletRequest.getRequestURL());
ResolvedMount resolvedMount = requestContext.getResolvedMount();
HttpSession session = servletRequest.getSession(true);
_______________________________________________
Hippocms-svn mailing list
Hippocms-svn@lists.hippocms.org
http://lists.hippo.nl/mailman/listinfo/hippocms-svn
