WebApiNoAuth bug

[andreaskring]

The @WebApiNoAuth annotation is not working on a MultiPartResourceAction.Create method unless another EntityResourceAction.Create method is present in the same class.

Steps to reproduce:

1. Clone the sandbox project located here and see the https://github.com/andreaskring/alfresco-sdk4-sandbox/blob/master/src/main/java/dk/magenta/sdk4/webscripts/SandboxEntityResource.java#L29
2. A POST request to the endpoint above with e.g. curl -i -X POST -F 'xyz=abc' http://localhost:8080/alfresco/api/-default-/public/sandbox/versions/1/sandbox will respond with a HTTP status code 401.
3. If an extra endpoint is added to the class by using the EntityResourceAction.Create interface, and if this new endpoint method is annotated with the @WebApiNoAuth annotation, then the above mentioned endpoint in line 29 wil suddenly start to work as expected, i.e. it can be called without authentication.

So the presence of one endpoint affects the authentication properties of another endpoint, and I guess that this is not the expected behaviour?

[DavidRobinson8]

We believe this issue is resolved now. Please check in the latest release (A10)

[andreaskring]

@DavidRobinson8 Thanks for addressing the issue. The GitHub sandbox project referenced above was build using the SDK4 (i.e. using Docker containers). Sorry if this is a trivial question, but how do I most easily update this sandbox project to include the changes in the latest release (A10)?

[andreaskring]

@DavidRobinson8 Nevermind the question above - I think, I figured it out how to do it with acs-community-deployment project. It seems to be a simple matter of setting the image to alfresco/alfresco-content-repository-community:6.2.0-A10 in the docker-compose.yml. However, the Docker image for the A10 release does not seem to be available yet - when will this become available?

[DavidRobinson8]

@andreaskring , it should be available by the end of today :-)