- Timestamp:
- 2023-10-11T17:55:40+13:00 (8 months ago)
- Location:
- main/trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/gli/src/org/greenstone/gatherer/Gatherer.java
r38259 r38302 2147 2147 return username; 2148 2148 } 2149 2150 2151 public boolean authenticate(String library_url_string) { 2149 2150 public String doRequest(String new_url, boolean forSession) { 2152 2151 String result; 2153 if(username == null) {2154 PasswordAuthentication pa = getPasswordAuthentication();2155 if (pa == null) {2156 // user cancelled2157 System.err.println("Authentication cancelled.");2158 displayError(Dictionary.get("WebswingAuthenticationError.Cancelled"));2159 return false;2160 2161 }2162 username = pa.getUserName();2163 2164 String password = new String(pa.getPassword());2165 2166 2152 try { 2167 String new_url = library_url_string+"?a=s&sa=authenticated-ping&excerptid=gs_content&un="+username+"&pw="+password;2168 2153 URL authenticationURL = new URL(new_url); 2169 HttpURLConnection conn = (HttpURLConnection)authenticationURL.openConnection(); 2154 HttpURLConnection conn = (HttpURLConnection)authenticationURL.openConnection(); 2155 if(forSession) { 2156 conn.setRequestProperty("Cookie", "JSESSIONID="+this.userJSessionID); 2157 } 2158 2170 2159 BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream())); 2171 2160 result = ""; … … 2178 2167 System.err.println("There was an exception "+e.getMessage()); 2179 2168 displayError("There was an exception "+e.getMessage()); 2180 return false;2169 return null; 2181 2170 } 2182 2171 // Parse out the content nested inside <div ... id="gs_content"> </div> … … 2191 2180 System.err.println("Authentication Error: "+result); 2192 2181 displayError(result.replaceAll("'", "'")); 2182 return null; 2183 } 2184 2185 return result; 2186 } 2187 2188 2189 public boolean authenticate(String library_url_string) { 2190 String result = null; 2191 boolean authenticated = false; 2192 if(username != null) { 2193 String new_url = library_url_string+"?a=s&sa=get-groups-from-session&excerptid=gs_content&un="+username; 2194 2195 result = doRequest(new_url, true); 2196 if(result != null) { 2197 authenticated = true; 2198 } 2199 2200 } 2201 if(!authenticated) { 2202 PasswordAuthentication pa = getPasswordAuthentication(); 2203 if (pa == null) { 2204 // user cancelled 2205 System.err.println("Authentication cancelled."); 2206 displayError(Dictionary.get("WebswingAuthenticationError.Cancelled")); 2193 2207 return false; 2194 } 2195 } else { 2196 result = rawgroups; 2197 } 2208 2209 } 2210 username = pa.getUserName(); 2211 2212 String password = new String(pa.getPassword()); 2213 String new_url = library_url_string+"?a=s&sa=authenticated-ping&excerptid=gs_content&un="+username+"&pw="+password; 2214 result = doRequest(new_url, false); 2215 2216 if(result == null) { 2217 return false; 2218 } 2219 } 2220 2198 2221 groups = new HashSet<String>(); 2199 2222 String[] contents = result.split(","); -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/action/SystemAction.java
r34018 r38302 25 25 26 26 String tempVal = ""; 27 27 protected static final String SYSTEM_ACTION = "SystemAction"; 28 28 29 /** process a request */ 29 30 public Node process(Node message_node) … … 52 53 else if(subaction.equals("authenticated-ping")) { 53 54 to = "RemoteAuthentication"; // not "Authentication/RemoteAuthentication": MessageRouter knows to map the RemoteAuthentication service to the Authentication module 55 } else if(subaction.equals("get-groups-from-session")) { 56 String msg = ""; 57 58 String suppliedUsername = (String) params.get(GSParams.UN); 59 if(!suppliedUsername.equals(userContext.getUsername())) { 60 msg = "Authentication failed: incorrect username for current session."; 61 } else { 62 String groups = userContext.getGroupsString(); 63 String suppliedCollection = params.containsKey("col") ? suppliedCollection = (String) params.get("col") : ""; 64 65 if(suppliedCollection.equals("")) { 66 msg = groups; 67 } else { 68 69 if(groups.indexOf("all-collections-editor") != -1) { // Does this user have access to all collections? 70 msg = groups; 71 } else if(groups.indexOf("personal-collections-editor") != -1 && suppliedCollection.startsWith(suppliedUsername+"-")) { // Does this user have access to personal collections, and is this one? 72 msg = groups; 73 } else if(groups.indexOf(suppliedCollection+"-collection-editor") != -1) { // Does this user have access to this collection? 74 msg = groups; 75 } 76 else { 77 msg = "Authentication failed: user is not in the required group."; 78 //logger.error("*** Remote login failed. Groups did not match for the collection specified"); 79 } 80 } 81 } 82 83 Element response = doc.createElement(GSXML.RESPONSE_ELEM); 84 response.setAttribute(GSXML.FROM_ATT, SYSTEM_ACTION); 85 response.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS); 86 Element s = GSXML.createTextElement(doc, GSXML.STATUS_ELEM, msg); 87 response.appendChild(s); 88 89 addSiteMetadata(response, userContext); 90 addInterfaceOptions(response); 91 92 result.appendChild(response); 93 return result; // done, no need to call a service 54 94 } 55 95 56 96 Element mr_request_message = doc.createElement(GSXML.MESSAGE_ELEM); 57 97 Element mr_request = GSXML.createBasicRequest(doc, GSXML.REQUEST_TYPE_SYSTEM, to, userContext);
Note:
See TracChangeset
for help on using the changeset viewer.