AnsweredAssumed Answered

Wierd lost login probem

Question asked by hsjawanda on Dec 16, 2005
Latest reply on Dec 19, 2005 by rwetherall
Hi all,

I am facing a wierd problem: everytime I add or delete a node from the repository, my application loses the login / SecureContext.  For all of the following I am using v1.0.

Before I call Alfresco code in an upload content servlet, everything is fine: the username is "admin" and I can see a session ID.

After calling alfresco code to add content, the session has lost the SecureContext I had earlier; the user now shows up as "System" with the granted authority "ROLE_SYSTEM" – there is no session ID in the SecureContext either (WebAuthenticationDetails (which, among other things, contains the session ID) has been replaced by a net.sf.acegisecurity.providers.dao.User).

Some investigation showed that there is private variable SYSTEM_USER_NAME (value "System") in AuthenticationComponentImpl.java and that if the setSystemUserAsCurrentUser() method is called, the current user is set to "System" with granted authority "ROLE_SYSTEM".

I am almost certain that this is the culprit :-).  However, the only invocation I can find for setSystemUserAsCurrentUser() is in RuleTriggerAbstractBase.java on line #107 in method

protected void triggerRules(NodeRef nodeRef, NodeRef actionedUponNodeRef)

At that point I decided to stop and ask for help :-)…

As I've mentioned before in another thread, I have my own users and a CMSUser class, and am doing all my own authentication and not tying into, using or creating Alfresco users.

How can I keep calls to Alfresco from losing my SecureContext and replacing it with a default?

Help urgently needed – this is proving to be a big pain.

Thanks.

Outcomes