AnsweredAssumed Answered

Unable to get NTLM working for Alfresco Labs 3 Beta

Question asked by melvinwong on Aug 20, 2008
I have just installed Alfresco Labs 3 Beta but I just can't get the NTLM authentication working. I followed the steps in http://forums.alfresco.com/viewtopic.php?f=9&t=7750&p=28923&hilit=active+directory+authentication#p32914.
I changed the web.xml and ntlm-authentication-context.xml as per the post and restarted Alfresco. When I try to login using a valid account in my AD, alfresco keeps complaining that user does not have Alfresco account. However I can still login using the default user admin, password admin. Any idea why I cannot authenticate with my AD? Did I miss out anything or the steps does not work for Labs 3?

web.xml

   <filter>
      <filter-name>Authentication Filter</filter-name>

<!–      <filter-class>org.alfresco.web.app.servlet.AuthenticationFilter</filter-class>  –>
     
      <!– For Novell IChain support use the following filter –>
      <!–
        <filter-class>org.alfresco.web.app.servlet.NovellIChainsHTTPRequestAuthenticationFilter</filter-class>
      –>
     
      <!– For NTLM authentication support use the following filter –>
     
        <filter-class>org.alfresco.web.app.servlet.NTLMAuthenticationFilter</filter-class>
     
   </filter>

   <filter>
      <filter-name>WebDAV Authentication Filter</filter-name>
<!–      <filter-class>org.alfresco.repo.webdav.auth.AuthenticationFilter</filter-class> –>
     
      <!– For NTLM authentication support use the following filter –>
     
        <filter-class>org.alfresco.repo.webdav.auth.NTLMAuthenticationFilter</filter-class>
     
   </filter>

   <filter>
      <filter-name>Admin Authentication Filter</filter-name>
      <filter-class>org.alfresco.web.app.servlet.AdminAuthenticationFilter</filter-class>
   </filter>
  
   <filter>
      <filter-name>MT WebScript Basic Authentication Filter</filter-name>
      <filter-class>org.alfresco.web.app.servlet.MTWebScriptAuthenticationFilter</filter-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.basic</param-value>
      </init-param>
   </filter>
  
   <filter>
      <filter-name>MT WebScript WC Authentication Filter</filter-name>
      <filter-class>org.alfresco.web.app.servlet.MTWebScriptAuthenticationFilter</filter-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.webclient</param-value>
      </init-param>
   </filter>
  
   <filter>
      <filter-name>Vti Filter</filter-name>
      <filter-class>org.alfresco.module.vti.VtiContextFilter</filter-class>
   </filter>

   <filter-mapping>
      <filter-name>Vti Filter</filter-name>
      <url-pattern>/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
  
   <!– For NTLM authentication support enable the following mapping –>
  
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>


ntlm-authentication-context.xml

    <bean id="authenticationComponent"
          class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl"
       parent="authenticationComponentBase"> 

        <property name="useLocalServer">
            <value>false</value>
        </property>

        <property name="servers">
            <value>192.168.11.30</value>
        </property>

        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionComponent" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
    </bean>
   
</beans>

Outcomes