Package org.alfresco.repo.security.authentication

Class AuthenticationUtil

  • All Implemented Interfaces:
    org.springframework.beans.factory.InitializingBean
    @AlfrescoPublicApi
public class AuthenticationUtil
extends Object
implements org.springframework.beans.factory.InitializingBean
    Utility helper methods to change the authenticated context for threads.

    • Constructor Detail

      • AuthenticationUtil

        public AuthenticationUtil()

    • Method Detail

      • afterPropertiesSet

        public void afterPropertiesSet()
                        throws Exception
        Specified by:
        afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
        Throws:
        Exception

      • setDefaultAdminUserName

        public void setDefaultAdminUserName​(String defaultAdminUserName)

      • setDefaultGuestUserName

        public void setDefaultGuestUserName​(String defaultGuestUserName)

      • setMtEnabled

        public static void setMtEnabled​(boolean mtEnabled)

      • isMtEnabled

        public static boolean isMtEnabled()

      • maskUsername

        public static String maskUsername​(String userName)

      • getMaskedUsername

        public static String getMaskedUsername​(net.sf.acegisecurity.Authentication authentication)

      • setAdminUserAsFullyAuthenticatedUser

        public static net.sf.acegisecurity.Authentication setAdminUserAsFullyAuthenticatedUser()
        Authenticate as the Admin user. The Admin user will be authenticated and all operations with be run in the context of this Admin user.
        Returns:
        the authentication token

      • setFullyAuthenticatedUser

        public static net.sf.acegisecurity.Authentication setFullyAuthenticatedUser​(String userName)
        Authenticate as the given user. The user will be authenticated and all operations with be run in the context of this user.
        Parameters:
        userName - the user name
        Returns:
        the authentication token

      • setFullAuthentication

        public static net.sf.acegisecurity.Authentication setFullAuthentication​(net.sf.acegisecurity.Authentication authentication)
        Re-authenticate using a previously-created authentication.

      • setRunAsUserSystem

        public static net.sf.acegisecurity.Authentication setRunAsUserSystem()
        WARN: Advanced usage only.
        Set the system user as the currently running user for authentication purposes.
        Returns:
        Authentication
        See Also:
        setRunAsUser(String)

      • setRunAsUser

        public static net.sf.acegisecurity.Authentication setRunAsUser​(String userName)
        WARN: Advanced usage only.
        Switch to the given user for all authenticated operations. The original, authenticated user can still be found using getFullyAuthenticatedUser().
        Parameters:
        userName - the user to run as
        Returns:
        the new authentication

      • getRunAsAuthentication

        public static net.sf.acegisecurity.Authentication getRunAsAuthentication()
                                                                  throws AuthenticationException
        Get the current authentication for application of permissions. This includes the any overlay details set by setRunAsUser(String).
        Returns:
        Authentication Returns the running authentication
        Throws:
        AuthenticationException

      • getFullAuthentication

        public static net.sf.acegisecurity.Authentication getFullAuthentication()
                                                                 throws AuthenticationException
        WARN: Advanced usage only.
        Get the authentication for that was set by an real authentication.
        Returns:
        Authentication Returns the real authentication
        Throws:
        AuthenticationException

      • isRunAsUserTheSystemUser

        public static boolean isRunAsUserTheSystemUser()

      • getFullyAuthenticatedUser

        public static String getFullyAuthenticatedUser()
                                        throws AuthenticationException
        Get the fully authenticated user. It returns the name of the user that last authenticated and excludes any overlay authentication set by runAs.
        Returns:
        Returns the name of the authenticated user
        Throws:
        AuthenticationException

      • getSystemUserName

        public static String getSystemUserName()
        Get the name of the system user
        Returns:
        system user name

      • getAdminUserName

        public static String getAdminUserName()
        Get the name of the default admin user (the admin user created during bootstrap)
        Returns:
        admin user name

      • getAdminRoleName

        public static String getAdminRoleName()

      • getGuestUserName

        public static String getGuestUserName()
        Get the name of the Guest User

      • getGuestRoleName

        public static String getGuestRoleName()
        Get the name of the guest role

      • clearCurrentSecurityContext

        public static void clearCurrentSecurityContext()
        Remove the current security information

      • runAs

        public static <R> R runAs​(AuthenticationUtil.RunAsWork<R> runAsWork,
                          String uid)
        Execute a unit of work as a given user. The thread's authenticated user will be returned to its normal state after the call.
        Parameters:
        runAsWork - the unit of work to do
        uid - the user ID
        Returns:
        Returns the work's return value

      • pushAuthentication

        public static void pushAuthentication()
        Push the current authentication context onto a threadlocal stack.

      • popAuthentication

        public static void popAuthentication()
        Pop the authentication context from a threadlocal stack.

      • logAuthenticatedUsers

        public static void logAuthenticatedUsers()
        Logs the current authenticated users

      • logNDC

        public static void logNDC​(String userNameIn)