AnsweredAssumed Answered

authenticatinDAO configuration

Question asked by vycitalr on Jun 2, 2008
Latest reply on Aug 8, 2008 by andy
Hello,

I use either LDAP or NTLM authentication. For these, by using their default configuration, the authenticationDao bean implementation is redefined by either DefaultMutableAuthenticationDao or NullMutableAuthenticationDao. These implementations are however mostly empty. While I understand why methods like createUser are not implemented, why is loadUserByUsername()? Because of this I sometimes run into error thrown from acegi:


     <tr><td><b>500 Description:</b><td> An error inside the HTTP server which prevented it from fulfilling the request.
     <tr><td> 
     <tr><td><b>Message:</b><td>Not implemented
       <tr><td>     
   <tr><td><b>Exception:</b><td>org.alfresco.error.AlfrescoRuntimeException - Not implemented
   <tr><td><td> 
         <tr><td><td>org.alfresco.repo.security.authentication.DefaultMutableAuthenticationDao.loadUserByUsername(DefaultMutableAuthenticationDao.java:410)
         <tr><td><td>net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.getUserFromBackend(DaoAuthenticationProvider.java:390)
         <tr><td><td>net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.authenticate(DaoAuthenticationProvider.java:225)
         <tr><td><td>net.sf.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:159)
         <tr><td><td>net.sf.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:49)
         <tr><td><td>net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:372)
         <tr><td><td>net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
         <tr><td><td>org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
         <tr><td><td>org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
         <tr><td><td>org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
         <tr><td><td>org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:241)
         <tr><td><td>org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
         <tr><td><td>org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
         <tr><td><td>org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
         <tr><td><td>org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
         <tr><td><td>org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210)
         <tr><td><td>$Proxy71.query(Unknown Source)
         <tr><td><td>com.cleverbee.bean.webscript.WorkflowWebScript.fillProcessACLFilter(WorkflowWebScript.java:1755)
         <tr><td><td>com.cleverbee.bean.webscript.WorkflowWebScript.getProcessACLFilter(WorkflowWebScript.java:1737)
         <tr><td><td>com.cleverbee.bean.webscript.WorkflowWebScript.hasRightOnProcessRoot(WorkflowWebScript.java:1191)


This happens eg. when one user is logged twice through webscript. This seems to me a common case. What is the recommended way to handle this? Is it safe to have the basic RepositoryAuthenticationDao under different bean name and inject into daoAuthenticationProvider, while the keeping the authenticationDao implemented by the DefaultMutableAuthenticationDao ?

Thanks Robert

Outcomes