From 51cdd7c0883f0ccd756f0f5d0dc2ac97b327d25d Mon Sep 17 00:00:00 2001
From: Mathieu Baudier <mbaudier@argeo.org>
Date: Thu, 19 Nov 2009 18:18:38 +0000
Subject: [PATCH] Use anonymous user

git-svn-id: https://svn.argeo.org/commons/trunk@3117 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---
 .../WEB-INF/security.xml                      | 15 +++++---
 .../org.argeo.security.webapp/WEB-INF/web.xml |  4 +++
 .../argeo/security/core/ArgeoUserDetails.java |  3 ++
 .../security/ldap/ArgeoSecurityDaoLdap.java   |  2 ++
 .../security/mvc/UsersRolesController.java    | 35 +++++++++++--------
 5 files changed, 39 insertions(+), 20 deletions(-)

diff --git a/security/modules/org.argeo.security.webapp/WEB-INF/security.xml b/security/modules/org.argeo.security.webapp/WEB-INF/security.xml
index 3ae36186f..b423327ff 100644
--- a/security/modules/org.argeo.security.webapp/WEB-INF/security.xml
+++ b/security/modules/org.argeo.security.webapp/WEB-INF/security.xml
@@ -8,22 +8,27 @@
 
 	<bean id="authenticationProcessingFilterEntryPoint"
 		class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
-		<property name="loginFormUrl" value="/getCredentials.security" />
+		<property name="loginFormUrl" value="/getCredentials.ria" />
 		<property name="forceHttps" value="false" />
 	</bean>
 
 	<security:http entry-point-ref="authenticationProcessingFilterEntryPoint">
-		<security:intercept-url pattern="/**"
+		<security:intercept-url pattern="/*.security"
 			access="ROLE_USER,ROLE_ADMIN" />
-		<security:logout logout-url="/logout.ria" />
+		<security:intercept-url pattern="/*.ria"
+			access="ROLE_ANONYMOUS,ROLE_USER" />
+		<security:logout logout-url="/logout.ria"
+			logout-success-url="/getCredentials.ria" />
+		<security:anonymous username="anonymous"
+			granted-authority="ROLE_ANONYMOUS" />
 	</security:http>
 
 	<bean id="authenticationProcessingFilter"
 		class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
 		<security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
 		<property name="authenticationManager" ref="_authenticationManager" />
-		<property name="authenticationFailureUrl" value="/getCredentials.security" />
-		<property name="defaultTargetUrl" value="/getCredentials.security" />
+		<property name="authenticationFailureUrl" value="/getCredentials.ria" />
+		<property name="defaultTargetUrl" value="/getCredentials.ria" />
 		<property name="filterProcessesUrl" value="/login.ria" />
 		<property name="usernameParameter" value="username" />
 		<property name="passwordParameter" value="password" />
diff --git a/security/modules/org.argeo.security.webapp/WEB-INF/web.xml b/security/modules/org.argeo.security.webapp/WEB-INF/web.xml
index 1ea484fc8..668da7899 100644
--- a/security/modules/org.argeo.security.webapp/WEB-INF/web.xml
+++ b/security/modules/org.argeo.security.webapp/WEB-INF/web.xml
@@ -19,6 +19,10 @@
 		<servlet-name>security</servlet-name>
 		<url-pattern>*.security</url-pattern>
 	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>security</servlet-name>
+		<url-pattern>*.ria</url-pattern>
+	</servlet-mapping>
 
 	<!-- General -->
 	<context-param>
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
index a05dd1245..6793f3c1f 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
@@ -80,6 +80,9 @@ public class ArgeoUserDetails extends User implements ArgeoUser {
 	}
 
 	public static ArgeoUser asArgeoUser(Authentication authentication) {
+		if (authentication == null)
+			return null;
+
 		if (authentication.getPrincipal() instanceof ArgeoUser) {
 			return new SimpleArgeoUser((ArgeoUser) authentication
 					.getPrincipal());
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
index c5cda2ed4..2fa2ce8b9 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
@@ -105,6 +105,8 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 		Authentication authentication = SecurityContextHolder.getContext()
 				.getAuthentication();
 		ArgeoUser argeoUser = ArgeoUserDetails.asArgeoUser(authentication);
+		if (argeoUser == null)
+			return null;
 		if (argeoUser.getRoles().contains(defaultRole))
 			argeoUser.getRoles().remove(defaultRole);
 		return argeoUser;
diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index 8f096937f..31d2d0581 100644
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -5,6 +5,7 @@ import java.util.List;
 
 import org.argeo.security.ArgeoSecurityService;
 import org.argeo.security.ArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
 import org.argeo.server.BooleanAnswer;
 import org.argeo.server.ServerAnswer;
 import org.argeo.server.ServerDeserializer;
@@ -26,25 +27,29 @@ public class UsersRolesController implements MvcConstants {
 
 	/* USER */
 
-	@RequestMapping("/getCredentials.security")
+	@RequestMapping("/getCredentials.ria")
 	@ModelAttribute(ANSWER_MODEL_KEY)
 	public ArgeoUser getCredentials() {
-		return securityService.getSecurityDao().getCurrentUser();
+		ArgeoUser argeoUser = securityService.getSecurityDao().getCurrentUser();
+		if (argeoUser == null)
+			return new SimpleArgeoUser();
+		else
+			return argeoUser;
 	}
 
-//	@RequestMapping("/login.security")
-//	@ModelAttribute(ANSWER_MODEL_KEY)
-//	public ArgeoUser login(@RequestParam("username") String username,
-//			@RequestParam("password") String password) {
-//		//SecurityContextHolder.getContext().getAuthentication().
-//		return securityService.getSecurityDao().getCurrentUser();
-//	}
-//
-//	@RequestMapping("/logout.security")
-//	@ModelAttribute(ANSWER_MODEL_KEY)
-//	public ServerAnswer logout() {
-//		return ServerAnswer.ok("Logged out");
-//	}
+	// @RequestMapping("/login.security")
+	// @ModelAttribute(ANSWER_MODEL_KEY)
+	// public ArgeoUser login(@RequestParam("username") String username,
+	// @RequestParam("password") String password) {
+	// //SecurityContextHolder.getContext().getAuthentication().
+	// return securityService.getSecurityDao().getCurrentUser();
+	// }
+	//
+	// @RequestMapping("/logout.security")
+	// @ModelAttribute(ANSWER_MODEL_KEY)
+	// public ServerAnswer logout() {
+	// return ServerAnswer.ok("Logged out");
+	// }
 
 	@RequestMapping("/getUsersList.security")
 	@ModelAttribute(ANSWER_MODEL_KEY)
-- 
2.30.2