Support renew=true parameter for our CAS IdP

api/src/org/labkey/api/security/AuthFilter.java

@@ -199,14 +199,9 @@ else if (!AppProps.getInstance().isDevMode())
         }
 
         if (null == user)
-        {
-            if (AppProps.getInstance().isOptionalFeatureEnabled(AppProps.EXPERIMENTAL_NO_GUESTS))
-                user = User.nobody;
-            else
-                user = User.guest;
-        }
+            user = getGuestUser();
         else
-            UserManager.updateRecentUser(user.isImpersonated() ? user.getImpersonatingUser() : user); // TODO: Sanity check this with Matt... treat impersonating admin as active, not impersonated user
+            UserManager.updateRecentUser(user.isImpersonated() ? user.getImpersonatingUser() : user);
 
         req = AuthenticatedRequest.create(req, user);
 
@@ -262,7 +257,13 @@ private void addRandomHeader(HttpServletRequest req, HttpServletResponse resp)
         resp.addHeader("X-LK-NONCE", sb.toString());
     }
 
-
+    public static User getGuestUser()
+    {
+        if (AppProps.getInstance().isOptionalFeatureEnabled(AppProps.EXPERIMENTAL_NO_GUESTS))
+            return User.nobody;
+        else
+            return User.guest;
+    }
 
     private boolean clearRequestAttributes(HttpServletRequest request)
     {

api/src/org/labkey/api/security/AuthenticatedRequest.java

@@ -55,15 +55,12 @@
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
-/**
- * User: matthewb
- * Date: Feb 5, 2009
- */
 public class AuthenticatedRequest extends HttpServletRequestWrapper implements AutoCloseable
 {
     private static final Logger _log = LogManager.getLogger(AuthenticatedRequest.class);
 
     private final User _user;
+
     private boolean _loggedIn;
     private HttpSession _session = null;
 
@@ -76,11 +73,17 @@ public static AuthenticatedRequest create(@NotNull HttpServletRequest request, @
 
     private AuthenticatedRequest(@NotNull HttpServletRequest request, @NotNull User user)
     {
-        super(request instanceof AuthenticatedRequest ? (HttpServletRequest)((AuthenticatedRequest)request).getRequest() : request);
+        super(request instanceof AuthenticatedRequest authRequest ? authRequest.getRequest() : request);
         _user = user;
         _loggedIn = !_user.isGuest();
     }
 
+    @Override
+    public HttpServletRequest getRequest()
+    {
+        return (HttpServletRequest)super.getRequest();
+    }
+
     @Override
     public void close()
     {

assay/src/org/labkey/assay/AssayIntegrationTestCase.jsp

@@ -580,7 +580,7 @@
         updated.put("ResultProp", 200);
         updated.put("RowId", resultRowId);
         errors = new BatchValidationException();
-        Thread.sleep(5); // SQL Server timestamps aren't granular enough to guarantee different modified time
+        Thread.sleep(schema.getDbSchema().getSqlDialect().isSqlServer() ? 100 : 5); // SQL Server timestamps aren't granular enough to guarantee different modified time
         resultsQUS.updateRows(user, c, Collections.singletonList(updated), null, errors, null, null);
 
         // verify result created matches run's created in query table, but result modified now differs from run's created