# HG changeset patch
# User casties
# Date 1353430595 -3600
# Node ID 4efb21cf0ce03d6c9ba0b17660cac06ce42e9d70
# Parent  30c2e7d4eaf97d3ebd548a9f38626288e7eba8bf
new non-authorized mode without tokens. enabled by default. configured with annotationmanager.authorization=false property.

diff -r 30c2e7d4eaf9 -r 4efb21cf0ce0 src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java
--- a/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java	Tue Nov 20 16:54:03 2012 +0100
+++ b/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java	Tue Nov 20 17:56:35 2012 +0100
@@ -132,8 +132,8 @@
     }
 
     /**
-     * checks Annotator Auth plugin authentication information from headers.
-     * returns userId if successful.
+     * Checks Annotator Auth plugin authentication information from headers.
+     * Returns userId if successful. Returns "anonymous" in non-authorization mode.
      * 
      * @param entity
      * @return
@@ -141,7 +141,12 @@
     public String checkAuthToken(Representation entity) {
         Form requestHeaders = (Form) getRequest().getAttributes().get("org.restlet.http.headers");
         String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true);
-        if (authToken == null) return null;
+        if (authToken == null) {
+            if (!((BaseRestlet) getApplication()).isAuthorizationMode()) {
+                return "anonymous";
+            }
+            return null;
+        }
         // decode token first to get consumer key
         JsonToken token = new JsonTokenParser(null, null).deserialize(authToken);
         String userId = token.getParamAsPrimitive("userId").getAsString();
diff -r 30c2e7d4eaf9 -r 4efb21cf0ce0 src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorRestlet.java
--- a/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorRestlet.java	Tue Nov 20 16:54:03 2012 +0100
+++ b/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorRestlet.java	Tue Nov 20 17:56:35 2012 +0100
@@ -14,7 +14,7 @@
  */
 public class AnnotatorRestlet extends BaseRestlet {
 
-    public final String version = "AnnotationManagerN4J/Annotator 0.2.2";
+    public final String version = "AnnotationManagerN4J/Annotator 0.2.3";
 
     public static Logger logger = Logger.getLogger(AnnotatorRestlet.class);
 
diff -r 30c2e7d4eaf9 -r 4efb21cf0ce0 src/main/java/de/mpiwg/itgroup/annotations/restlet/BaseRestlet.java
--- a/src/main/java/de/mpiwg/itgroup/annotations/restlet/BaseRestlet.java	Tue Nov 20 16:54:03 2012 +0100
+++ b/src/main/java/de/mpiwg/itgroup/annotations/restlet/BaseRestlet.java	Tue Nov 20 17:56:35 2012 +0100
@@ -33,27 +33,42 @@
     public static Logger logger = Logger.getLogger(BaseRestlet.class);
 
     /**
-     * Properties holding consumer keys and secrets
+     * Properties holding consumer keys and secrets.
      */
     protected Properties consumerKeys;
     public String CONSUMER_KEYS_PATH = "WEB-INF/consumerkeys.property";
     public static final String CONSUMERKEYS_KEY = "annotationmanager.consumerkeys";
 
+    /**
+     * Properties holding server config.
+     */
     protected Properties serverConfig;
     public String CONFIG_PROPS_PATH = "WEB-INF/serverconfig.property";
     public static final String SERVERCONFIG_KEY = "annotationmanager.serverconfig";
 
+    /** 
+     * database instance;
+     */
     protected GraphDatabaseService graphDb;
     public static final String GRAPHDB_KEY = "annotationmanager.graphdb";
     public static final String GRAPHDB_PATH_KEY = "annotationmanager.graphdb.path";
     public String graphdbPath = "WEB-INF/neo4j-annotation-db";
 
+    /**
+     * database interface server instance.
+     */
     protected WrappingNeoServerBootstrapper srv;
     public static final String GRAPHDBSRV_KEY = "annotationmanager.graphdb.srv";
 
+    /**
+     * annotation store instance.
+     */
     protected AnnotationStore store;
     public static final String ANNSTORE_KEY = "annotationmanager.store";
 
+    /**
+     * LDAP server URI (for looking up full user names).
+     */
     protected String ldapServerUrl;
     public static final String LDAP_SERVER_KEY = "annotationmanager.ldapserver.url";
 
@@ -61,6 +76,12 @@
     public static final String ADMIN_PASSWORD_KEY = "annotationmanager.admin.password";
 
     /**
+     * run in authorization mode i.e. with tokens.
+     */
+    protected boolean authorizationMode = false; 
+    public static final String AUTHORIZATION_MODE_KEY = "annotationmanager.authorization";
+    
+    /**
      * constructor
      * 
      * @param context
@@ -171,6 +192,13 @@
     public abstract String getVersion();
 
     /**
+     * @return the authorizationMode
+     */
+    public boolean isAuthorizationMode() {
+        return authorizationMode;
+    }
+
+    /**
      * @return the store
      */
     public AnnotationStore getAnnotationStore() {
diff -r 30c2e7d4eaf9 -r 4efb21cf0ce0 src/main/webapp/WEB-INF/serverconfig.property.template
--- a/src/main/webapp/WEB-INF/serverconfig.property.template	Tue Nov 20 16:54:03 2012 +0100
+++ b/src/main/webapp/WEB-INF/serverconfig.property.template	Tue Nov 20 17:56:35 2012 +0100
@@ -1,6 +1,7 @@
 # AnnotationManager server config
 # format: key = value
 annotationmanager.graphdb.path = /usr/local/neo4j/dbs/AnnotationManager
+annotationmanager.authorization = true
 annotationmanager.ldapserver.url = ldap://ldap.mpiwg-berlin.mpg.de/dc=mpiwg-berlin,dc=mpg,dc=de
 annotationmanager.admin.user = adminuser
 annotationmanager.admin.password = adminpw