From ea1c5dc5b9f48059cd99c5edff341b5c196d125b Mon Sep 17 00:00:00 2001
From: Mike McKay <mfmckay@wustl.edu>
Date: Sat, 7 May 2016 19:27:13 -0500
Subject: [PATCH] XNAT-4188 Improvements to made open XNAT usable.

---
 .../restlet/extensions/AuthenticationRestlet.java     |  3 ++-
 .../nrg/xnat/restlet/resources/SecureResource.java    | 11 +++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/nrg/xnat/restlet/extensions/AuthenticationRestlet.java b/src/main/java/org/nrg/xnat/restlet/extensions/AuthenticationRestlet.java
index 5eeb09a1..cbd2dada 100644
--- a/src/main/java/org/nrg/xnat/restlet/extensions/AuthenticationRestlet.java
+++ b/src/main/java/org/nrg/xnat/restlet/extensions/AuthenticationRestlet.java
@@ -14,6 +14,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.nrg.xdat.XDAT;
+import org.nrg.xft.XFT;
 import org.nrg.xnat.restlet.XnatRestlet;
 import org.nrg.xnat.security.XnatProviderManager;
 import org.restlet.Context;
@@ -75,7 +76,7 @@ public class AuthenticationRestlet extends Resource {
             _log.debug("Passing a representation of the verify extensions restlet.");
         }
 
-        if (StringUtils.isBlank(_username) || StringUtils.isBlank(_password)) {
+        if (XFT.GetRequireLogin() && (StringUtils.isBlank(_username) || StringUtils.isBlank(_password))) {
             fail();
             return;
         }
diff --git a/src/main/java/org/nrg/xnat/restlet/resources/SecureResource.java b/src/main/java/org/nrg/xnat/restlet/resources/SecureResource.java
index bbea23ef..d83c4ee3 100644
--- a/src/main/java/org/nrg/xnat/restlet/resources/SecureResource.java
+++ b/src/main/java/org/nrg/xnat/restlet/resources/SecureResource.java
@@ -28,6 +28,7 @@ import org.nrg.action.ServerException;
 import org.nrg.config.services.ConfigService;
 import org.nrg.framework.constants.Scope;
 import org.nrg.framework.exceptions.NrgServiceRuntimeException;
+import org.nrg.framework.services.SerializerService;
 import org.nrg.framework.utilities.Reflection;
 import org.nrg.xdat.XDAT;
 import org.nrg.xdat.base.BaseElement;
@@ -66,7 +67,6 @@ import org.nrg.xnat.restlet.representations.*;
 import org.nrg.xnat.restlet.util.FileWriterWrapperI;
 import org.nrg.xnat.restlet.util.RequestUtil;
 import org.nrg.xnat.turbine.utils.ArchivableItem;
-import org.nrg.framework.services.SerializerService;
 import org.nrg.xnat.utils.WorkflowUtils;
 import org.restlet.Context;
 import org.restlet.data.*;
@@ -151,7 +151,14 @@ public abstract class SecureResource extends Resource {
         // expects that the user exists in the session (either via traditional
         // session or set via the XnatSecureGuard
         user = XDAT.getUserDetails();
-
+        if(user==null && !XFT.GetRequireLogin()){
+            try {
+                user = Users.getGuest();
+                XDAT.setUserDetails(user);
+            } catch (Exception e) {
+                logger.error("",e);
+            }
+        }
         filepath = getRequest().getResourceRef().getRemainingPart();
         if (filepath != null) {
             if (filepath.contains("?")) {
-- 
GitLab