Class DefaultRemoteUserMapper
- java.lang.Object
-
- org.alfresco.repo.security.authentication.external.DefaultRemoteUserMapper
-
- All Implemented Interfaces:
ActivateableBean,RemoteUserMapper
public class DefaultRemoteUserMapper extends java.lang.Object implements RemoteUserMapper, ActivateableBean
A defaultRemoteUserMapperimplementation. Extracts a user ID usingHttpServletRequest.getRemoteUser()and optionally from a configured request header. If there is no configured proxy user name, it returns the request header user name if there is one, or the remote user name otherwise. If there is a configured proxy user, then it returns the request header user name if the remote user matches the proxy user, or the remote user otherwise. An optional regular expression defining how to convert the header to a user ID can be configured usingsetUserIdPattern(String). This allows for the secure proxying of requests from a Surf client such as Alfresco Share using SSL client certificates.- Author:
- dward
-
-
Constructor Summary
Constructors Constructor Description DefaultRemoteUserMapper()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.StringgetRemoteUser(javax.servlet.http.HttpServletRequest request)Gets an externally authenticated user ID from an HTTP request.booleanisActive()Determines whether this bean is active.voidsetActive(boolean isEnabled)Controls whether the mapper is enabled.voidsetPersonService(PersonService personService)Sets the person service.voidsetProxyHeader(java.lang.String proxyHeader)Sets the name of the header containing the ID of a proxied user.voidsetProxyUserName(java.lang.String proxyUserName)Sets the name of the remote user used to 'proxy' requests securely in the name of another user.voidsetUserIdPattern(java.lang.String userIdPattern)Sets a regular expression for extracting a user ID from the header.
-
-
-
Method Detail
-
setProxyUserName
public void setProxyUserName(java.lang.String proxyUserName)
Sets the name of the remote user used to 'proxy' requests securely in the name of another user. Typically this remote identity will be protected by an SSL client certificate.- Parameters:
proxyUserName- the proxy user name. Ifnullor empty, then the header will be checked regardless of remote user identity.
-
setProxyHeader
public void setProxyHeader(java.lang.String proxyHeader)
Sets the name of the header containing the ID of a proxied user.- Parameters:
proxyHeader- the proxy header name
-
setActive
public void setActive(boolean isEnabled)
Controls whether the mapper is enabled. When disabledgetRemoteUser(HttpServletRequest)will always returnnull- Parameters:
isEnabled- Is this mapper enabled?
-
setUserIdPattern
public void setUserIdPattern(java.lang.String userIdPattern)
Sets a regular expression for extracting a user ID from the header. If this is not set, then the entire contents of the header will be used as the user ID.- Parameters:
userIdPattern- the regular expression
-
setPersonService
public void setPersonService(PersonService personService)
Sets the person service.- Parameters:
personService- the person service
-
getRemoteUser
public java.lang.String getRemoteUser(javax.servlet.http.HttpServletRequest request)
Description copied from interface:RemoteUserMapperGets an externally authenticated user ID from an HTTP request.- Specified by:
getRemoteUserin interfaceRemoteUserMapper- Parameters:
request- the request- Returns:
- the user ID or
nullif the user is unauthenticated
-
isActive
public boolean isActive()
Description copied from interface:ActivateableBeanDetermines whether this bean is active.- Specified by:
isActivein interfaceActivateableBean- Returns:
trueif this bean is active
-
-