Mercurial > hg > AnnotationManagerN4J
diff src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java @ 57:4efb21cf0ce0
new non-authorized mode without tokens. enabled by default. configured with annotationmanager.authorization=false property.
author | casties |
---|---|
date | Tue, 20 Nov 2012 17:56:35 +0100 |
parents | a52c597075dc |
children | f5c0e6df7e88 |
line wrap: on
line diff
--- a/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java Tue Nov 20 16:54:03 2012 +0100 +++ b/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java Tue Nov 20 17:56:35 2012 +0100 @@ -132,8 +132,8 @@ } /** - * checks Annotator Auth plugin authentication information from headers. - * returns userId if successful. + * Checks Annotator Auth plugin authentication information from headers. + * Returns userId if successful. Returns "anonymous" in non-authorization mode. * * @param entity * @return @@ -141,7 +141,12 @@ public String checkAuthToken(Representation entity) { Form requestHeaders = (Form) getRequest().getAttributes().get("org.restlet.http.headers"); String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true); - if (authToken == null) return null; + if (authToken == null) { + if (!((BaseRestlet) getApplication()).isAuthorizationMode()) { + return "anonymous"; + } + return null; + } // decode token first to get consumer key JsonToken token = new JsonTokenParser(null, null).deserialize(authToken); String userId = token.getParamAsPrimitive("userId").getAsString();