}
}
// if we get to here we are either allowed to access the bitstream without credentials,
// or we have been authenticated with acceptable credentials
MediaResource mr = this.getBitstreamResource(ctx, bitstream);
if (sc != null)
{
sc.abort();
}
if (ctx.isValid())
{
ctx.abort();
}
return mr;
}
else
{
// request for an item
Item item = urlManager.getItem(ctx, uri);
if (item == null)
{
// item now found in the database, so 404 the client
// Arguably, we should try to authenticate first, but it's not so important
throw new SwordError(404);
}
// find out, now we know what we're being asked for, whether this is allowed
WorkflowManagerFactory.getInstance().retrieveContent(ctx, item);
// we can do this in principle but now find out whether the item is accessible without credentials
boolean accessible = this.isAccessible(ctx, item);
if (!accessible)
{
// try to authenticate, and if successful switch the contexts around
sc = this.doAuth(authCredentials);
ctx.abort();
ctx = sc.getContext();
}
// if we get to here we are either allowed to access the bitstream without credentials,
// or we have been authenticated
MediaResource mr = this.getItemResource(ctx, item, urlManager, uri, accept);
// sc.abort();
ctx.abort();
return mr;
}
}