Use anonymous user
authorMathieu Baudier <mbaudier@argeo.org>
Thu, 19 Nov 2009 18:18:38 +0000 (18:18 +0000)
committerMathieu Baudier <mbaudier@argeo.org>
Thu, 19 Nov 2009 18:18:38 +0000 (18:18 +0000)
git-svn-id: https://svn.argeo.org/commons/trunk@3117 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

security/modules/org.argeo.security.webapp/WEB-INF/security.xml
security/modules/org.argeo.security.webapp/WEB-INF/web.xml
security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java

index 3ae36186f57c26e4f64d63fd00ce5b08804cc2ae..b423327ff500eb92e69301cc61efba8ea3718cad 100644 (file)
@@ -8,22 +8,27 @@
 
        <bean id="authenticationProcessingFilterEntryPoint"
                class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
-               <property name="loginFormUrl" value="/getCredentials.security" />
+               <property name="loginFormUrl" value="/getCredentials.ria" />
                <property name="forceHttps" value="false" />
        </bean>
 
        <security:http entry-point-ref="authenticationProcessingFilterEntryPoint">
-               <security:intercept-url pattern="/**"
+               <security:intercept-url pattern="/*.security"
                        access="ROLE_USER,ROLE_ADMIN" />
-               <security:logout logout-url="/logout.ria" />
+               <security:intercept-url pattern="/*.ria"
+                       access="ROLE_ANONYMOUS,ROLE_USER" />
+               <security:logout logout-url="/logout.ria"
+                       logout-success-url="/getCredentials.ria" />
+               <security:anonymous username="anonymous"
+                       granted-authority="ROLE_ANONYMOUS" />
        </security:http>
 
        <bean id="authenticationProcessingFilter"
                class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
                <security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
                <property name="authenticationManager" ref="_authenticationManager" />
-               <property name="authenticationFailureUrl" value="/getCredentials.security" />
-               <property name="defaultTargetUrl" value="/getCredentials.security" />
+               <property name="authenticationFailureUrl" value="/getCredentials.ria" />
+               <property name="defaultTargetUrl" value="/getCredentials.ria" />
                <property name="filterProcessesUrl" value="/login.ria" />
                <property name="usernameParameter" value="username" />
                <property name="passwordParameter" value="password" />
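Review bot: Replacing the `/**` rule with `/*.security` and `/*.ria` removes the deny-by-default catch-all inside `<security:http>`, so any URL matching neither pattern no longer has an access rule. In Ant-style matching a single `*` does not cross `/`, while the `*.security` and new `*.ria` servlet mappings in web.xml match at any depth, so a nested path would reach the servlet without hitting either rule (whether a controller would answer it is not visible here). I would write the patterns as `/**/*.security` and `/**/*.ria` and keep a final `<security:intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN" />` after them, listing explicitly anything that must stay public. Note also that `/*.ria` grants `ROLE_ANONYMOUS,ROLE_USER` but not `ROLE_ADMIN`, unlike the `.security` rule.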
index 1ea484fc84e6aae2a4546a76d56a9568c54ea49e..668da78992ccc1cefd4684c0741d6d863a509a16 100644 (file)
                <servlet-name>security</servlet-name>
                <url-pattern>*.security</url-pattern>
        </servlet-mapping>
+       <servlet-mapping>
+               <servlet-name>security</servlet-name>
+               <url-pattern>*.ria</url-pattern>
+       </servlet-mapping>
 
        <!-- General -->
        <context-param>
index a05dd1245399e931567cc56a9c0dc19a54c6c762..6793f3c1fa1a911e3f054b5550a964e8edeb280e 100644 (file)
@@ -80,6 +80,9 @@ public class ArgeoUserDetails extends User implements ArgeoUser {
        }
 
        public static ArgeoUser asArgeoUser(Authentication authentication) {
+               if (authentication == null)
+                       return null;
+
                if (authentication.getPrincipal() instanceof ArgeoUser) {
                        return new SimpleArgeoUser((ArgeoUser) authentication
                                        .getPrincipal());
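Review bot: `asArgeoUser` now returns `null` for a missing authentication without documenting it, and the guard added in `ArgeoSecurityDaoLdap` (`if (argeoUser == null) return null;`) passes the same silent `null` on. Only `getCredentials` in this commit handles it; any other caller of `getCurrentUser()`, none of which are visible here, would dereference it. I would add Javadoc on both methods, for example `@return the user for this authentication, or null if authentication is null`. With `<security:anonymous>` enabled the usual unauthenticated case is presumably a non-null anonymous token whose principal is not an `ArgeoUser`, and that path is handled by the part of this method outside the hunk.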
index c5cda2ed4a15b81c38f52575fd277b232565e4ca..2fa2ce8b964fe8f1e091a384a621e8a6b888a624 100644 (file)
@@ -105,6 +105,8 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
                Authentication authentication = SecurityContextHolder.getContext()
                                .getAuthentication();
                ArgeoUser argeoUser = ArgeoUserDetails.asArgeoUser(authentication);
+               if (argeoUser == null)
+                       return null;
                if (argeoUser.getRoles().contains(defaultRole))
                        argeoUser.getRoles().remove(defaultRole);
                return argeoUser;
index 8f096937f1fad65f16da22d44eabdd1dfaa04c30..31d2d0581797c1377edd3361a34e34dbec7f1f1d 100644 (file)
@@ -5,6 +5,7 @@ import java.util.List;
 
 import org.argeo.security.ArgeoSecurityService;
 import org.argeo.security.ArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
 import org.argeo.server.BooleanAnswer;
 import org.argeo.server.ServerAnswer;
 import org.argeo.server.ServerDeserializer;
@@ -26,25 +27,29 @@ public class UsersRolesController implements MvcConstants {
 
        /* USER */
 
-       @RequestMapping("/getCredentials.security")
+       @RequestMapping("/getCredentials.ria")
        @ModelAttribute(ANSWER_MODEL_KEY)
        public ArgeoUser getCredentials() {
-               return securityService.getSecurityDao().getCurrentUser();
+               ArgeoUser argeoUser = securityService.getSecurityDao().getCurrentUser();
+               if (argeoUser == null)
+                       return new SimpleArgeoUser();
+               else
+                       return argeoUser;
        }
 
-//     @RequestMapping("/login.security")
-//     @ModelAttribute(ANSWER_MODEL_KEY)
-//     public ArgeoUser login(@RequestParam("username") String username,
-//                     @RequestParam("password") String password) {
-//             //SecurityContextHolder.getContext().getAuthentication().
-//             return securityService.getSecurityDao().getCurrentUser();
-//     }
-//
-//     @RequestMapping("/logout.security")
-//     @ModelAttribute(ANSWER_MODEL_KEY)
-//     public ServerAnswer logout() {
-//             return ServerAnswer.ok("Logged out");
-//     }
+       // @RequestMapping("/login.security")
+       // @ModelAttribute(ANSWER_MODEL_KEY)
+       // public ArgeoUser login(@RequestParam("username") String username,
+       // @RequestParam("password") String password) {
+       // //SecurityContextHolder.getContext().getAuthentication().
+       // return securityService.getSecurityDao().getCurrentUser();
+       // }
+       //
+       // @RequestMapping("/logout.security")
+       // @ModelAttribute(ANSWER_MODEL_KEY)
+       // public ServerAnswer logout() {
+       // return ServerAnswer.ok("Logged out");
+       // }
 
        @RequestMapping("/getUsersList.security")
        @ModelAttribute(ANSWER_MODEL_KEY)
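Review bot: `getCredentials` is now reachable by anonymous callers and signals "not logged in" with an empty `new SimpleArgeoUser()`, a contract that is not documented anywhere in the method. Because security.xml also points `authenticationFailureUrl` at this URL, a failed login would come back as an ordinary answer and the client has to inspect the body; a Javadoc such as `/** Returns the current user, or an empty SimpleArgeoUser when nobody is authenticated. */` would make that explicit. The commented-out `login`/`logout` handlers were only re-indented and could be deleted, since the filter configuration handles `/login.ria` and `/logout.ria`. The `getUsersList` method that follows continues outside the hunk.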