On 21 Apr 2008, at 16:53, Michael White wrote: > Hi, > > Unfortunately I've been sidetracked with other tasks, so only just > coming back to look at my implicit authentication problems first > raised > a couple of weeks ago . . . > > Using DSpace v1.4.2. This DSpace is being used as a Learning Object > repository and all the items in the repository are protected (only > accessible to Stirling staff and students). > > Summary of main problem, when accessing a protected bitstream with the > token required for implicit authentication in place (a cookie from our > portal in this case), instead of being authenticated/authorised and > routed to the requested bitstream, the user is authenticated but then > routed to "Authorisation Required" page (even though they are now > authenticated!) ....
[...] > I've tried a couple of (fairly random) hacks in various places to try > and get the request re-routed back to the original URL, but I've had > no > joy :-(. > > The academic that I've implemented this repository for is doing a demo > to the University community on May 8th, so I'm obviously very keen to > try and fix this before then! If there is anyone out there who may be > able to help, it would be very much appreciated!! It might be worthwhile, at least as a workaround, to change the code to attempt an implicit auth at the beginning of the request rather than waiting for it to fail at the end. Something like this: In DSpaceServlet.processRequest(), after the lines: // Obtain a context - either create one, or get the one created by // an authentication filter context = UIUtil.obtainContext(request); insert (copied from Authenticate.java): if (AuthenticationManager.authenticateImplicit(context, null, null, null, request) == AuthenticationMethod.SUCCESS) { Authenticate.loggedIn(context, request, context.getCurrentUser()); log.info(LogManager.getHeader(context, "login", "type=implicit")); } Which should, if my thinking is correct, set up the implicitly authenticated user in the context before any of the actual request is processed. I should stress that I have not tested this and so it may not work, but it's a problem we're about to hit here because we're currently implementing an auth filter for the university's SSO system. So I almost certainly *will* be testing this before the week is out. -- Simon Brown <[EMAIL PROTECTED]> - Cambridge University Computing Service +44 1223 3 34714 - New Museums Site, Pembroke Street, Cambridge CB2 3QH ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech