AnsweredAssumed Answered

How to authenticate user during login?

Question asked by nancyaggarwal on Jun 11, 2015

I have made custom web application using CMIS for getting list of documents and uploading new documents in repository, but i am facing a small issue here. When i tried to login with the random username and password, it allows the access rather than throwing an error. I want only the site members who have access to that site can logs into it. How to achieve this?

I ma using below code:

public class Base implements EcmSession {

    * Declaration of variables, repository and cmis url

   static String doc_name = null;
   static String doc_id = null;
   static ContentStream contentstream;
   Session session = null;

   Map<String, String> parameter = new HashMap<String, String>();

    * Method to create session returns object of SessionEnter USER and PASSWORD
    * of repositoryPass the ATOMPUB_URL and ID of repository
* (non-Javadoc)
* @see
   public Session getSession() {

      Properties prop = new Properties();

      try {



         ALFRSCO_ATOMPUB_URL = "http://" + prop.getProperty("url") + ":"
               + prop.getProperty("port") + "/alfresco/service/cmis";
         parameter.put(SessionParameter.USER, prop.getProperty("USER"));


         // Specify the connection settings

         parameter.put(SessionParameter.ATOMPUB_URL, ALFRSCO_ATOMPUB_URL);



         SessionFactory factory = SessionFactoryImpl.newInstance();

         session = factory.getRepositories(parameter).get(0).createSession();

         return session;
      } catch (CmisUnauthorizedException ex) {

         System.out.println("you are unauthorized ");
      } catch (IOException ex) {
      } catch (Exception ex) {
      return session;
* authenticate user
* (non-Javadoc)
* @see
   public boolean validateUser() {
      Session session = getSession();
      System.out.println("session " + session);
      if (session != null) {
         FolderBean.cmisSession = session;
         return true;
      return false;

Thanks in advance!