Hello,
I'm trying to do the impersonation through the alfresco API in java.
I found a guide that makes this example:
public String impersonate(String username) {
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
if (currentUser == null || !currentUser.equals(username)) {
AuthenticationUtil.setRunAsUser(username);
AuthenticationUtil.setFullyAuthenticatedUser(username);
}
return currentUser;
}
from maven I don't find the library that has the class and methods described in the code above.
can you help me?
ps: maybe they are old API? I must use spring API?
if you have alternative methods you can post the code and also the link to download the API please
The AuthenticationUtil class is part of "alfresco-data-model" jar file. It should be available. Can you check if this jar file is part of your classpath ?
There is another class having same name (org.springframework.extensions.surf.site.AuthenticationUtil) in spring-surf jar file and would be part of classpath. Can you also check if you have imported this class by any chance.
You need to import this class : org.alfresco.repo.security.authentication.AuthenticationUtil after making sure that alfresco-data-model jar file is part of the classpath.
hello,
I did as you told me, now it gives me a compilation error on eclipse:
"The type net.sf.acegisecurity.Authentication cannot be resolved. It is indirectly referenced from required .class files "
line : AuthenticationUtil.setRunAsUser (username);
and "The method setFullyAuthenticatedUser(String) from the type AuthenticationUtil refers to the missing type Authentication"
line: AuthenticationUtil.setFullyAuthenticatedUser(username);
but i don't know why.
maybe there is a conflict whit the dependencies between spring and alfresco?
however the problem is to "impersonate",
can you post me a working code and also the related dependencies to be downloaded from maven?
will be 10 lines of code more or less
i don't find a smart and complete guide on alfresco and on the web,
thank you so much
Hi Valerio,
take a look at the following great post written by Angel Borroy, it describes how to implement your own runAs method:
https://angelborroy.wordpress.com/2015/07/24/alfresco-run-as-system-admin-user-without-credentials/
Please note that you have to incapsulate the logic of your method inside an atomic unit of work that you will pass to the runAs component. In this way you can use it inside any component of Alfresco such as an action, ECMAScript, WebScripts, Scheduled Jobs and so on.
Hope this helps
This code works for me:
import org.alfresco.repo.security.authentication.AuthenticationUtil;
public final class Impersonate {
private Impersonate(){
super();
}
public static String runAsUser(final String userName) {
final String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
if (!currentUser.equals(userName)) {
AuthenticationUtil.setRunAsUser(userName);
AuthenticationUtil.setFullyAuthenticatedUser(userName);
}
return currentUser;
}
}
However, if you are looking to perform some piece of code/operations which requires admin level permissions or write permissions, then its better to use AuthenticationUtil.RunAsWork method.
Example:
final Object result = AuthenticationUtil.runAs(
new AuthenticationUtil.RunAsWork<Object>() {
public Set<String> doWork() throws Exception {
.....
}
}, AuthenticationUtil.getSystemUserName()
);
Or simply run your whole operation by setting the authentication as system user based on your use case.
AuthenticationUtil.setRunAsUserSystem();
hello,
I tried to run all the examples he gave me but an exception is thrown:
Exception in thread "main" org.apache.chemistry.opencmis.commons.exceptions.CmisUnauthorizedException: Unauthorized
this is the code:
public static void impersonateFour() {
final Object result = AuthenticationUtil.runAs( new AuthenticationUtil.RunAsWork<Object>() {
public ArrayList<String> doWork() throws Exception {
ArrayList<String> a = new ArrayList<String>();
//WITH THIS
AuthenticationUtil.setRunAsUserSystem();
//OR WITH THIS
// final String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
// if (!currentUser.equals("test")) {
// AuthenticationUtil.setRunAsUser("test");
// AuthenticationUtil.setFullyAuthenticatedUser("test");
// }
SessionFactory sessionFactory = SessionFactoryImpl.newInstance();
Map<String, String> parameter = new HashMap<String, String>();
// I'm BOUND PUT AN USER NAME AND PASSWORD?
/////////parameter.put(SessionParameter.USER, "userTest");
/////////parameter.put(SessionParameter.PASSWORD, "password");
parameter.put(SessionParameter.ATOMPUB_URL, ALFRSCO_ATOMPUB_URL);
parameter.put(SessionParameter.BINDING_TYPE,BindingType.ATOMPUB.value());
// WHEN CALL getRepositories(parameter) THROW EXCEPTION Unauthorized
List<Repository> repositories=sessionFactory.getRepositories(parameter); // <<-- ?
session=repositories.get(0).createSession();
return a;
}
}, AuthenticationUtil.getSystemUserName()
);
}
CAN YOU SAY WHY?
THANK YOU SO MUCH
Hi Piergiorgio,
this is my exception and i don't know why:
Exception in thread "main" org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException: Permission denied: 0605370828 Accesso Negato. Non si dispone di permessi appropriati per eseguire questa operazione.
i tried this code:
public static void impersonateFive()throws Exception {
SessionFactory sessionFactory = SessionFactoryImpl.newInstance();
Map<String, String> parameter = new HashMap<String, String>();
parameter.put(SessionParameter.USER, "testProfilazione");
parameter.put(SessionParameter.PASSWORD, "testProfilazione");
parameter.put(SessionParameter.ATOMPUB_URL, ALFRSCO_ATOMPUB_URL);
parameter.put(SessionParameter.BINDING_TYPE,BindingType.ATOMPUB.value());
List<Repository> repositories=sessionFactory.getRepositories(parameter);
session=repositories.get(0).createSession();
AuthenticationUtil lu = new AuthenticationUtil();
lu.afterPropertiesSet();
AuthenticationUtil.runAsSystem(
new AuthenticationUtil.RunAsWork<Object>() {
public Object doWork() throws Exception {
Folder root =session.getRootFolder();
//AT THIS POINT WHEN GET DOCUMENT THROW EXCEPTION
Document newDocument = (Document)session.getObjectByPath("/xxx/xx/documentLibrary/test");
return null;
}
}
);
}
inside the RunAsWork method can I do all the operations with any user? right?
thank you
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.