org.alfresco.web.app.servlet
Class DefaultRemoteUserMapper

java.lang.Object
  extended by org.alfresco.web.app.servlet.DefaultRemoteUserMapper
All Implemented Interfaces:
org.alfresco.repo.management.subsystems.ActivateableBean, org.alfresco.repo.webdav.auth.RemoteUserMapper

public class DefaultRemoteUserMapper
extends java.lang.Object
implements org.alfresco.repo.webdav.auth.RemoteUserMapper, org.alfresco.repo.management.subsystems.ActivateableBean

A default RemoteUserMapper implementation. Extracts a user ID using HttpServletRequest.getRemoteUser() and optionally from a configured request header. If there is no configured proxy user name, it returns the request header user name if there is one, or the remote user name otherwise. If there is a configured proxy user, then it returns the request header user name if the remote user matches the proxy user, or the remote user otherwise. An optional regular expression defining how to convert the header to a user ID can be configured using DefaultRemoteUserMapper.setUserIdPattern(String). This allows for the secure proxying of requests from a Surf client such as Alfresco Share using SSL client certificates.


Constructor Summary
DefaultRemoteUserMapper()
           
 
Method Summary
 java.lang.String getRemoteUser(javax.servlet.http.HttpServletRequest request)
           
 boolean isActive()
           
 void setActive(boolean isEnabled)
          Controls whether the mapper is enabled.
 void setPersonService(org.alfresco.service.cmr.security.PersonService personService)
          Sets the person service.
 void setProxyHeader(java.lang.String proxyHeader)
          Sets the name of the header containing the ID of a proxied user.
 void setProxyUserName(java.lang.String proxyUserName)
          Sets the name of the remote user used to 'proxy' requests securely in the name of another user.
 void setUserIdPattern(java.lang.String userIdPattern)
          Sets a regular expression for extracting a user ID from the header.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultRemoteUserMapper

public DefaultRemoteUserMapper()
Method Detail

setProxyUserName

public void setProxyUserName(java.lang.String proxyUserName)
Sets the name of the remote user used to 'proxy' requests securely in the name of another user. Typically this remote identity will be protected by an SSL client certificate.

Parameters:
proxyUserName - the proxy user name. If null or empty, then the header will be checked regardless of remote user identity.

setProxyHeader

public void setProxyHeader(java.lang.String proxyHeader)
Sets the name of the header containing the ID of a proxied user.

Parameters:
proxyHeader - the proxy header name

setActive

public void setActive(boolean isEnabled)
Controls whether the mapper is enabled. When disabled DefaultRemoteUserMapper.getRemoteUser(HttpServletRequest) will always return null

Parameters:
isEnabled - Is this mapper enabled?

setUserIdPattern

public void setUserIdPattern(java.lang.String userIdPattern)
Sets a regular expression for extracting a user ID from the header. If this is not set, then the entire contents of the header will be used as the user ID.

Parameters:
userIdPattern - the regular expression

setPersonService

public void setPersonService(org.alfresco.service.cmr.security.PersonService personService)
Sets the person service.

Parameters:
personService - the person service

getRemoteUser

public java.lang.String getRemoteUser(javax.servlet.http.HttpServletRequest request)
Specified by:
getRemoteUser in interface org.alfresco.repo.webdav.auth.RemoteUserMapper

isActive

public boolean isActive()
Specified by:
isActive in interface org.alfresco.repo.management.subsystems.ActivateableBean


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.