Hyland Connect

luca · ‎06-29-2012

Hi all,
I'm trying to enable authentication through CAS in Alfresco 4.0d, but I have some problems.

When I restart Alfresco I get this error:

Cannot create JDBC driver of class '' for connect URL 'null'
java.lang.NullPointerException
   at sun.jdbc.odbc.JdbcOdbcDriver.getProtocol(JdbcOdbcDriver.java:507)
   at sun.jdbc.odbc.JdbcOdbcDriver.knownURL(JdbcOdbcDriver.java:476)
   at sun.jdbc.odbc.JdbcOdbcDriver.acceptsURL(JdbcOdbcDriver.java:307)
   at java.sql.DriverManager.getDriver(DriverManager.java:253)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createConnectionFactory(BasicDataSource.java:1437)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1371)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
   at org.alfresco.config.JndiObjectFactoryBean.lookup(JndiObjectFactoryBean.java:44)
   at org.springframework.jndi.JndiObjectFactoryBean.lookupWithFallback(JndiObjectFactoryBean.java:201)
   at org.springframework.jndi.JndiObjectFactoryBean.afterPropertiesSet(JndiObjectFactoryBean.java:187)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1477)
…‍‍‍‍‍‍‍‍‍‍‍‍‍‍

This happens when Alfresco calls the filter class, when I try to get the applicationContext to retrieve Alfresco system beans like this:

applicationContext = ApplicationContextHelper.getApplicationContext();‍

Am I doing something wrong?
Anyone can help me?

It seems like I am getting the application Context in a wrong way, but I don't know why :cry:

The filter class is very simple now because I want to know what is causing the problem.

afaust · ‎07-01-2012

Hello,

it appears your database connection configuration might be wrong - nothing to do with CAS at first glance. Please check your alfresco-global.properties for database URL as well as JDBC driver and make sure you have your JDBC driver JAR on the classpath.

Regards
Axel

luca · ‎07-02-2012

The database configuration is ok, if I start Alfresco without CAS, I get no errors and I can access Alfresco explorer without problems.

This error appears only when I set up the CAS filter.

afaust · ‎07-02-2012

Can you provide an account of the configuration steps you have taken to set up your CAS integration? It would appear that some of it interferes with the normal behaviour of the database initialisation / connection handling. Also, could you provide more logging information on the exception? The previous one has been cut off / shortened using an ellipsis, and it might be helpful to see more of the context. (Maybe my interpretation of it until now based upon the available information is not even correct at all.)

Regards
Axel

luca · ‎07-02-2012

Hi Axel,
I'm upgrading a CAS authentcation that worked in Alfresco 3.2 and I'm missing something in Alfresco 4 with its subsystem.

For now I have done this:
1. add filters in web.xml
2. create filter classes and added to Alfresco lib as jar
3. modified alfresco-global.properties like this:

authentication.chain=cas:external
external.authentication.proxyHeader=x-alfresco-remote-user
external.authentication.enabled=true
external.authentication.userIdPattern=‍‍‍‍

I think I have to instantiate my filter in another way, maybe using a webscript like they have done here:
http://ecmstuff.blogspot.it/2011/06/configuring-alfresco-for-sso-with-cas.html

Down here the files I have touched:

Web.xml:


<!–       Commented out Alfresco's default authentication filter in order to be able to configure CAS filters
   <filter>
      <filter-name>Authentication Filter</filter-name>
      <description>Authentication filter mapped only to faces URLs. Other URLs generally use proprietary means to talk to the AuthenticationComponent</description>
      <filter-class>org.alfresco.repo.web.filter.beans.BeanProxyFilter</filter-class>
      <init-param>
         <param-name>beanName</param-name>
         <param-value>AuthenticationFilter</param-value>
      </init-param>
</filter>
   –>‍‍‍‍‍‍‍‍‍‍‍‍

and

<!– CAS Authentication Filter for casclient.jar (pre cas-client 3.1.3) –>
      <filter>
     <filter-name>CAS Filter</filter-name>
     <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
     <init-param>
         <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
         <param-value>https://apitest1.engilab.ewebpd.eng.it/cas/login</param-value>
     </init-param>
     <init-param>
         <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
         <param-value>https://apitest1.engilab.ewebpd.eng.it/cas/serviceValidate</param-value>
     </init-param>
     <init-param>
         <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
         <param-value>apitest1.engilab.ewebpd.eng.it</param-value>
     </init-param>
   </filter>
     
   <filter>
      <filter-name>Authentication Filter</filter-name>
      <filter-class>it.eng.api.alfresco.authentication.cas.CASAuthenticationFilter</filter-class>
      <init-param>
         <param-name>cas.user.label</param-name>
         <param-value>edu.yale.its.tp.cas.client.filter.user</param-value>
      </init-param>
   </filter>
   <filter>
      <filter-name>CAS Content Filter</filter-name>
      <filter-class>it.eng.api.alfresco.authentication.cas.CASContentFilter</filter-class>
   </filter>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

and

<!–
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   –>
   <!– The WebScript Authentication filter sits in front of web service URLs in addition to the global authentication filter –>
   <!–
   <filter-mapping>
      <filter-name>WebScript Authentication Filter</filter-name>
      <url-pattern>/wcservice/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>WebScript Authentication Filter</filter-name>
      <url-pattern>/wcs/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/wcservice/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/wcs/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/ajax/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   –>

   <!– CAS Filter–>
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   <!– New CAS filter mappings end here –>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

My filter classes are here:

package it.eng.api.alfresco.authentication.cas;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.util.ApplicationContextHelper;
import org.alfresco.web.app.Application;
import org.alfresco.web.app.servlet.AbstractAuthenticationFilter;
import org.alfresco.web.bean.repository.User;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationContext;

public class CASAuthenticationFilter extends AbstractAuthenticationFilter implements Filter {

   private static final String LOCALE = "locale";
   private static final String MESSAGE_BUNDLE = "alfresco.messages.webclient";
   private static final String CAS_USER_INIT_PARAM_NAME = "cas.user.label";
   private static Log logger = LogFactory.getLog(CASAuthenticationFilter.class);
   private ServletContext context;
   private String loginPage;
//   private AuthenticationComponent authComponent;
//   private AuthenticationService authService;
//   private TransactionService transactionService;
//   private PersonService personService;
//   private NodeService nodeService;
//   private List<String> m_languages;
//   private String casUserSessionAttributeName;

   private static ApplicationContext applicationContext;

   public CASAuthenticationFilter() {
   }

   public void destroy() {
   }

   /**
    * Run the filter
    *
    * @param sreq  ServletRequest
    * @param sresp ServletResponse
    * @param chain FilterChain
    *
    * @exception IOException
    * @exception ServletException
    */
   public void doFilter(ServletRequest sreq, ServletResponse sresp, FilterChain chain) throws IOException, ServletException {
      // Get the HTTP request/response/session
      HttpServletRequest req = (HttpServletRequest) sreq;
      HttpServletResponse resp = (HttpServletResponse) sresp;
      HttpSession httpSess = req.getSession(true);

      applicationContext = ApplicationContextHelper.getApplicationContext();

      if (logger.isDebugEnabled()) {
         logger.debug("req.getRequestURI(): "+req.getRequestURI());
      }

      // Retrieve the CAS username from the session
      String userName = null;
      String casUserSessionAttributeName = "edu.yale.its.tp.cas.client.filter.user";
      Object o = httpSess.getAttribute(casUserSessionAttributeName);
      if (o == null) {
         logger.error("CAS : Attribute named "+casUserSessionAttributeName+" not found in the session. ");
      } else {
         userName = o.toString();
      }

      if (logger.isDebugEnabled()) {
         logger.debug("CAS : User = " + userName);
         logger.debug("HttpServletRequest Ticket = " + req.getParameter("ticket"));
         logger.debug("HttpServletRequest alf_ticket = " + req.getParameter("alf_ticket"));
         logger.debug("HttpServletRequest alfTicket = " + req.getParameter("alfTicket"));
      }

      // See if there is a user in the session and test if it matches
      User user = (User) httpSess.getAttribute("_alfAuthTicket");
      if (user == null) {
         if (logger.isDebugEnabled()) {
            logger.debug("Alfresco user is null.");
         }
      }

      if (user != null) {
         try {
            if (logger.isDebugEnabled()) {
               logger.debug("CAS : User " + user.getUserName() + " validate ticket");
            }

            if (user.getUserName().equals(userName)) {
//               authComponent.setCurrentUser(user.getUserName());
//               I18NUtil.setLocale(Application.getLanguage(applicationContext));
               chain.doFilter(sreq, sresp);
               return;

            } else {
               // No match
               setAuthenticatedUser(req, httpSess, userName);
            }

         } catch (AuthenticationException ex) {
            if (logger.isErrorEnabled()) {
               logger.error("Failed to validate user " + user.getUserName(), ex);
            }
         }
      }

      setAuthenticatedUser(req, httpSess, userName);

      // Redirect the login page as it is never seen as we always login by name
      if (req.getRequestURI().endsWith(getLoginPage())) {

         if (logger.isDebugEnabled()) {
            logger.debug("Login page requested, chaining …");
            logger.debug(" Redirect without chaining to: "+req.getContextPath() + "/faces/jsp/browse/browse.jsp");
         }

         resp.sendRedirect(req.getContextPath() + "/faces/jsp/browse/browse.jsp");

         return;

      } else {
         chain.doFilter(sreq, sresp);
         return;
      }
   }

   private void setAuthenticatedUser(HttpServletRequest req, HttpSession httpSess, String userName) {
      // Set the authentication
      
      // Here I have to log in the user in Alfresco
   }

   public void init(FilterConfig config) throws ServletException {
      context = config.getServletContext();

      // This line will cause the exception:
      WebApplicationContextUtils.getWebApplicationContext(servletContext);
   }

   /**
    * Return the login page address
    *
    * @return String
    */
   private String getLoginPage() {
      if (loginPage == null) {
         loginPage = Application.getLoginPage(context);
      }
      return loginPage;
   }

}
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

And this is the other filter to manage redirects:

package it.eng.api.alfresco.authentication.cas;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class CASContentFilter implements Filter {

   private static final Log logger = LogFactory.getLog(CASContentFilter.class);

   public CASContentFilter() {
   }

   public void destroy() {
   }

   public void doFilter(ServletRequest sreq, ServletResponse sresp, FilterChain chain) throws IOException, ServletException {
      // Get the HTTP request/response/session
      HttpServletRequest httpServletRequest = (HttpServletRequest) sreq;
      HttpServletResponse httpServletResponse = (HttpServletResponse) sresp;
      HttpSession session = httpServletRequest.getSession();
      
      if (logger.isDebugEnabled()) {
         logger.debug("req.getRequestURI(): "+httpServletRequest.getRequestURI());
      }
      
      String redirectURL = (String) session.getAttribute("_alfRedirect");
      if (redirectURL != null) {
         
         if (logger.isDebugEnabled()) {
            logger.debug("Redirect URL found: "+redirectURL);
         }
         
         session.removeAttribute("_alfRedirect");
         
         if (session.getAttribute("_alfRedirect")==null)
            logger.debug("Redirect URL removed from session. ");
         
         try {
            httpServletResponse.sendRedirect(redirectURL);
            return;
            
         } catch (IOException ioErr) {
            logger.warn("Unable to redirect to url: "+redirectURL);
         }
         
      } else {
         if (logger.isDebugEnabled()) {
            logger.debug("No Redirect URL found");
         }
      }
      
      chain.doFilter(sreq, sresp);
   }

   public void init(FilterConfig filterconfig) throws ServletException {
   }

}
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

And last the stacktrace:

Cannot create JDBC driver of class '' for connect URL 'null'
java.lang.NullPointerException
   at sun.jdbc.odbc.JdbcOdbcDriver.getProtocol(JdbcOdbcDriver.java:507)
   at sun.jdbc.odbc.JdbcOdbcDriver.knownURL(JdbcOdbcDriver.java:476)
   at sun.jdbc.odbc.JdbcOdbcDriver.acceptsURL(JdbcOdbcDriver.java:307)
   at java.sql.DriverManager.getDriver(DriverManager.java:253)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createConnectionFactory(BasicDataSource.java:1437)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1371)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
   at org.alfresco.config.JndiObjectFactoryBean.lookup(JndiObjectFactoryBean.java:44)
   at org.springframework.jndi.JndiObjectFactoryBean.lookupWithFallback(JndiObjectFactoryBean.java:201)
   at org.springframework.jndi.JndiObjectFactoryBean.afterPropertiesSet(JndiObjectFactoryBean.java:187)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1477)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1417)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)
   at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4135)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4630)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

afaust · ‎07-02-2012

Hello,

on a third glance, I noticed that this is not really a database related issue, but a JNDI-reated one which involves some database-related code. I still cannot see a relation with your CAS modifications though, although the amount of changes necessary to enable CAS seems excessive (as I haven't done a CAS integration myself, this is just a subjective observation, and should not be considered to be any kind of judgment). Have you tried running Alfresco 4 without your modifications before you applied your CAS integration? If the same issue occured then, we can stop focussing on CAS changes …

Regards
Axel

luca · ‎07-02-2012

Hi Axel,
as I previuos said if I start Alfresco without CAS modification, everything runs well. I think that the problem is in my Filter class and how I instantiate it.

Now I will try to instatiate it through a webscript and I will inform you if I succeed.

Thanks for your help!

luca · ‎07-02-2012

I tryed to follow the steps described here:
http://ecmstuff.blogspot.it/2011/06/configuring-alfresco-for-sso-with-cas.html

I want only to authenticate in Alfresco Explorer, so I tryed to use only the CasAuthenticationfilter.java, but I'm stucked trying to find an equivalent for Alfresco 4.0d for this line to get the services that I need:

WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(context);‍

If I use ApplicationContextHelper.getApplicationContext() I get the nullpointer error of my starting post.

The webscript LoginCas is only to used by Share, so it is not of help to me. :cry:

afaust · ‎07-02-2012

Hello,

try using the bean proxy filter bean as the filter and declare your custom filter as a Spring bean. This way you can inject your services via Spring and don't need to manually access the application context.
Please see the Alfresco "Authentication Filter" as a reference, which uses this approach.

Regards
Axel

luca · ‎07-04-2012

Thanks AFaust,
with your suggestion I made some more steps in the right direction.

Now when I access in Alfresco I'm redirect to the CAS login page, I log in and I return to Alfresco. I then enter in the filter with the CAS ticket and the name of the user, but I cannot find a right way to authenticate in Alfresco.
I tried calling AuthenticationHelper.setUser(context, req, currentUsername, ticket, externalAuth), but I get this error:

net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: A valid SecureContext was not provided in the RequestContext
at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:481)
at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:359)
at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy60.getCurrentTicket(Unknown Source)
at it.eng.api.alfresco.authentication.cas.CASAuthenticationFilterBean.doFilter(CASAuthenticationFilterBean.java:159)
at sun.reflect.GeneratedMethodAccessor406.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:116)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy231.doFilter(Unknown Source)
at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:82)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:317)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I think that first I need to create a SecureContext, but I don't know how, could you help me?

This is how I set up the filter:

<filter>
      <filter-name>Authentication Filter</filter-name>
      <description>Authentication CAS filter.</description>
      <filter-class>org.alfresco.repo.web.filter.beans.BeanProxyFilter</filter-class>
      <init-param>
         <param-name>beanName</param-name>
         <param-value>CASAuthenticationFilter</param-value>
      </init-param>
   </filter>‍‍‍‍‍‍‍‍‍

And this is how I configured the CASAuthenticationFilter bean:

<bean id="CASAuthenticationFilter" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
      <property name="applicationContextManager">
         <ref bean="Authentication" />
      </property>
      <property name="interfaces">
         <list>
            <value>org.alfresco.repo.web.filter.beans.DependencyInjectedFilter</value>
         </list>
      </property>
      <property name="sourceBeanName">
         <value>cASAuthenticationFilter</value>
      </property>
      <!– Fall back to a benign default implementation –>
      <property name="defaultTarget">
         <ref bean="defaultCASAuthenticationFilter"/>
      </property>
   </bean>

   <bean id="defaultCASAuthenticationFilter" class="it.eng.api.alfresco.authentication.cas.CASAuthenticationFilterBean">
      <property name="configService">
         <ref bean="webClientConfigService" />
      </property>
   </bean>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Hyland Connect

Alfresco 4.0d + CAS