#5098 : Fix issue with authentication when using search bar
authorCherian Mathew <c.mathew@bgbm.org>
Tue, 21 Jul 2015 10:06:29 +0000 (12:06 +0200)
committerCherian Mathew <c.mathew@bgbm.org>
Tue, 21 Jul 2015 10:06:29 +0000 (12:06 +0200)
eu.etaxonomy.taxeditor.cdmlib/src/main/java/eu/etaxonomy/cdm/api/application/CdmApplicationState.java
eu.etaxonomy.taxeditor.cdmlib/src/main/java/eu/etaxonomy/taxeditor/service/CdmAuthenticatedHttpInvokerRequestExecutor.java
eu.etaxonomy.taxeditor.cdmlib/src/main/resources/log4j.xml
eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/LoginManager.java

index 551f5fafeacc229697741a4fc6c8058368b8f89f..41f33d8196fd7a420fb9933f4897179e99a3620d 100644 (file)
@@ -13,6 +13,8 @@ import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.lang.reflect.Type;
 
+import org.springframework.security.core.context.SecurityContext;
+
 import eu.etaxonomy.cdm.api.service.ICommonService;
 import eu.etaxonomy.cdm.api.service.IService;
 import eu.etaxonomy.cdm.api.service.ITestService;
@@ -31,6 +33,9 @@ public class CdmApplicationState {
 
     private ICdmDataChangeService dataChangeService;
 
+    private SecurityContext securityContext;
+
+
     public static CdmApplicationState getInstance() {
         if(cdmApplicationState == null) {
             cdmApplicationState = new CdmApplicationState();
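Review bot: The new `securityContext` field on this singleton is written by the login code and read by whatever thread builds the remoting request, but it is neither `volatile` nor accessed under a lock, so a reader has no visibility guarantee for a freshly set or cleared context. Declaring it `private volatile SecurityContext securityContext;` would close that gap for the accessors added in the next hunk. The lazy `getInstance()` shown in the context lines is also unsynchronized, which matters more now that the instance carries authentication state. The class body continues outside this hunk.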
@@ -76,11 +81,43 @@ public class CdmApplicationState {
         getInstance().setDataChangeService(dataChangeService);
     }
 
+
+
+    /**
+     * @return the securityContext
+     */
+    public SecurityContext getSecurityContext() {
+        return securityContext;
+    }
+
+    /**
+     * @param securityContext the securityContext to set
+     */
+    public void setSecurityContext(SecurityContext securityContext) {
+        this.securityContext = securityContext;
+    }
+
+    /**
+     * @return the securityContext
+     */
+    public static SecurityContext getCurrentSecurityContext() {
+        return getInstance().getSecurityContext();
+    }
+
+    /**
+     * @param securityContext the securityContext to set
+     */
+    public static void setCurrentSecurityContext(SecurityContext securityContext) {
+        getInstance().setSecurityContext(securityContext);
+    }
+
     public static void dispose() {
         getInstance().setCurrentDataChangeService(null);
         getInstance().setAppConfig(null);
+        getInstance().setSecurityContext(null);
     }
 
+
     /**
      * Generic method that will scan the getters of {@link ICdmApplicationConfiguration} for the given service
      * interface. If a matching getter is found the according service implementation is returned by
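Review bot: The Javadoc on the four new accessors only restates the field name (`@return the securityContext`) and does not say that this is a process-wide copy of the login context, unlike the thread-bound `SecurityContextHolder`. I would document on `getCurrentSecurityContext()` that it returns null before login and after `dispose()`. It should also say that the returned object carries the user's credentials and that every caller shares it. A suitable summary line would be `Returns the application-wide security context set at login, or null if no user is logged in.`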
@@ -118,6 +155,7 @@ public class CdmApplicationState {
         return service;
     }
 
+
     /**
      * @see #getService(Class)
      * As ICommonService is not extending IService we need a specific request here
index eae2c2840b32d0bc25892a088b7b0aa5ea4f33ce..692a3bae15d3e80490d891f3748ee1431e713575 100644 (file)
@@ -16,7 +16,9 @@ import org.apache.commons.httpclient.methods.PostMethod;
 import org.springframework.remoting.httpinvoker.CommonsHttpInvokerRequestExecutor;
 import org.springframework.remoting.httpinvoker.HttpInvokerClientConfiguration;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.context.SecurityContext;
+
+import eu.etaxonomy.cdm.api.application.CdmApplicationState;
 
 /**
  * @author cmathew
@@ -29,16 +31,16 @@ public class CdmAuthenticatedHttpInvokerRequestExecutor extends CommonsHttpInvok
     protected PostMethod createPostMethod(HttpInvokerClientConfiguration config) throws IOException {
         PostMethod postMethod = super.createPostMethod(config);
 
-        Authentication auth =
-                SecurityContextHolder.getContext().getAuthentication();
-
-        if ((auth != null) && (auth.getName() != null) &&
-                (auth.getCredentials() != null)) {
-            String base64 = auth.getName() + ":" + auth.getCredentials().toString();
-            postMethod.setRequestHeader("Authorization", "Basic " +
-                    new String(Base64.encodeBase64(base64.getBytes())));
+        SecurityContext securityContext = CdmApplicationState.getCurrentSecurityContext();
+        if(securityContext != null) {
+            Authentication auth = securityContext.getAuthentication();
+            if ((auth != null) && (auth.getName() != null) &&
+                    (auth.getCredentials() != null)) {
+                String base64 = auth.getName() + ":" + auth.getCredentials().toString();
+                postMethod.setRequestHeader("Authorization", "Basic " +
+                        new String(Base64.encodeBase64(base64.getBytes())));
+            }
         }
-
         return postMethod;
     }
 }
\ No newline at end of file
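Review bot: The header is still built with `base64.getBytes()` and `new String(...)`, both of which use the platform default charset, so a user name or password with non-ASCII characters is encoded differently depending on the client machine. Naming the charset makes this deterministic, for example `base64.getBytes("UTF-8")` and `new String(Base64.encodeBase64(...), "US-ASCII")`; the method already declares `IOException`, which covers `UnsupportedEncodingException`. Which charset the server expects is not visible here and should be confirmed. Because the context is now process-wide, this header is attached to every remoting call from any thread, and Basic credentials are only base64-encoded, so the service URL needs to be HTTPS, which cannot be checked from this hunk.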
index f5ed4bf5d3cd31ed136088dcbb5fd99683064f37..2c8a9f827c6f10f470e3c8bbb145505bef44b6a9 100644 (file)
@@ -14,7 +14,7 @@
     </filter>
     <filter class="org.apache.log4j.filter.ExpressionFilter">
       <param name="expression"
-        value="msg like  '.*[net.sf.ehcache.pool.sizeof.SizeOf] - The configured limit of.*'" />
+        value="msg like  '.*object references was reached while attempting to calculate the size of the object graph.*'" />
       <param name="acceptOnMatch" value="false" />
     </filter>
   </appender>
@@ -29,8 +29,8 @@
 <!--     name="org.hibernate.collection.internal.AbstractPersistentCollection"> -->
 <!--     <level value="info" /> -->
 <!--   </logger> -->
-  <logger
-    name="eu.etaxonomy.taxeditor.service.CdmServiceRequestExecutor">
-    <level value="info" />
-  </logger>
+<!--   <logger -->
+<!--     name="eu.etaxonomy.taxeditor.service.CdmServiceRequestExecutor"> -->
+<!--     <level value="info" /> -->
+<!--   </logger> -->
 </log4j:configuration>
\ No newline at end of file
index a8f02faceea92bc257bcdadbc44ed6e4ef1acbe5..9cdab93fa2576fb2ff01427d7a3f8086bf67f4bc 100644 (file)
@@ -23,6 +23,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 
+import eu.etaxonomy.cdm.api.application.CdmApplicationState;
 import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
 import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
 import eu.etaxonomy.cdm.model.common.Group;
@@ -65,7 +66,6 @@ public class LoginManager extends Observable implements IConversationEnabled, IC
 
                try{
                        SecurityContextHolder.clearContext();
-
                        Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
 
                        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
@@ -90,6 +90,7 @@ public class LoginManager extends Observable implements IConversationEnabled, IC
 
                        authentication = new UsernamePasswordAuthenticationToken(user,password, authentication.getAuthorities());
                        SecurityContextHolder.getContext().setAuthentication(authentication);
+                       CdmApplicationState.setCurrentSecurityContext(SecurityContextHolder.getContext());
 
                        if(!authentication.equals(lastAuthentication)){
                                this.setChanged();
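Review bot: The context is published to `CdmApplicationState` only on the success path, while `SecurityContextHolder.clearContext()` in the previous hunk clears just the thread-local copy. If a later login attempt fails, the state object would apparently still hold the previous user's context and `createPostMethod` would keep sending that user's Basic header. Consider resetting it where the thread-local is cleared, or in the failure handler, with `CdmApplicationState.setCurrentSecurityContext(null);`, provided the authentication call itself does not depend on the old header. The method starts and ends outside both hunks, so the failure path and any logout handling are not visible here.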