details: https://code.openbravo.com/erp/devel/pi/rev/2b882d173e1f
changeset: 17812:2b882d173e1f
user: Antonio Moreno <antonio.moreno <at> openbravo.com>
date: Thu Aug 30 13:39:45 2012 +0200
summary: Fixed issue 21508. Added the capability for components not to need
the user to have logged in
diffstat:
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseComponent.java
| 4 +
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
| 23 ++++++++-
src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
| 7 +++
3 files changed, 31 insertions(+), 3 deletions(-)
diffs (90 lines):
diff -r 1549d7119a63 -r 2b882d173e1f
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseComponent.java
---
a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseComponent.java
Thu Aug 30 10:04:37 2012 +0200
+++
b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseComponent.java
Thu Aug 30 13:39:45 2012 +0200
@@ -312,4 +312,8 @@
protected boolean isClassicMode() {
return getApplicationName().equals(ComponentResource.APP_CLASSIC);
}
+
+ public boolean bypassAuthentication() {
+ return false;
+ }
}
diff -r 1549d7119a63 -r 2b882d173e1f
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
---
a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
Thu Aug 30 10:04:37 2012 +0200
+++
b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
Thu Aug 30 13:39:45 2012 +0200
@@ -91,6 +91,19 @@
servletContext = config.getServletContext();
}
+ public void service(final HttpServletRequest request, HttpServletResponse
response)
+ throws ServletException, IOException {
+
+ final String action =
request.getParameter(KernelConstants.ACTION_PARAMETER);
+ if (action == null) {
+ Component component = getComponent(request);
+ if (component instanceof BaseComponent && ((BaseComponent)
component).bypassAuthentication()) {
+ request.getSession().setAttribute("forceLogin", "Y");
+ }
+ }
+ super.service(request, response);
+ }
+
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException,
ServletException {
@@ -107,8 +120,7 @@
}
}
- protected void processComponentRequest(HttpServletRequest request,
HttpServletResponse response)
- throws IOException, ServletException {
+ private Component getComponent(HttpServletRequest request) {
final int nameIndex = request.getRequestURI().indexOf(servletPathPart);
final String servicePart = request.getRequestURI().substring(nameIndex);
@@ -117,7 +129,6 @@
throw new UnsupportedOperationException("No service name present in url "
+ request.getRequestURI());
}
-
final String componentProviderName = pathParts[1];
final ComponentProvider componentProvider = componentProviders.select(
@@ -132,6 +143,12 @@
final Map<String, Object> parameters = getParameterMap(request);
final Component component = componentProvider.getComponent(componentId,
parameters);
+ return component;
+ }
+
+ protected void processComponentRequest(HttpServletRequest request,
HttpServletResponse response)
+ throws IOException, ServletException {
+ Component component = getComponent(request);
OBContext.setAdminMode();
String eTag;
try {
diff -r 1549d7119a63 -r 2b882d173e1f
src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
--- a/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java Thu Aug
30 10:04:37 2012 +0200
+++ b/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java Thu Aug
30 13:39:45 2012 +0200
@@ -207,6 +207,10 @@
OBContext.setAdminMode();
strUserAuth = m_AuthManager.authenticate(request, response);
+ if (strUserAuth == null &&
"Y".equals(request.getSession().getAttribute("forceLogin"))) {
+ strUserAuth = "0";
+ variables.loggingIn = "Y";
+ }
if (strUserAuth == null) {
// auth-manager return null after redirecting to the login page ->
stop request-processing
@@ -217,6 +221,9 @@
boolean loggedOK = false;
+ if ("Y".equals(request.getSession().getAttribute("forceLogin"))) {
+ variables.loggingIn = "Y";
+ }
// NOTE !isLoggingIn assumes that the value of LoggingIn is N, this
// is done by the fillSessionArguments below
if (!variables.isLoggingIn()) {
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Openbravo-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openbravo-commits
