AnsweredAssumed Answered

Configuring custom login for Alfresco

Question asked by hpalma on Feb 23, 2009
Hi,
i have a use case where the users and groups are managed by Alfresco but i want the user/password combination to be validated by a custom implementation provided by me. So basically the user password configured in Alfresco gets ignored.
I've managed to get this working for the web interface and FTP, but can't make it work for CIFS. I was hoping someone could help me figure out a way to do this. Maybe i'm just over complicating things and there's a much easier way to do this.
Here's how i've managed to get web and FTP working with custom authentication:

WEB
I implemented a class that extends from org.alfresco.repo.security.authentication.AuthenticationComponentImpl. My class overrides the authenticateImpl(String username, char[] password) method where i implement my own authentication logic.
In order to get Alfresco to use my implementation i change the authenticationComponent bean defined in the authentication-services-context.xml to reference my class.
That's it, web login now works using my authentication logic.

FTP
This one was more tricky.
I implemented a class that extends from org.alfresco.filesys.ServerConfigurationBean. My class overrides the processFTPServerConfig(Config config) like so:

    protected void processFTPServerConfig(Config config) {
        try {
            super.processFTPServerConfig(config);
        } catch (AlfrescoRuntimeException ex) {
            // ignore
        }

        FTPConfigSection ftpConfig = (FTPConfigSection) getConfigSection("FTP");

        if (ftpConfig != null) {
            try {
                ftpConfig.setAuthenticator("com.myproject.MyFtpAuthenticator",
                        config.getConfigElement("authenticator"));
            } catch (InvalidConfigurationException ex) {
                throw new AlfrescoRuntimeException("Error processing FTP configuration!", ex);
            }
        }
    }

The class MyFtpAuthenticator extends from org.alfresco.filesys.auth.ftp.AlfrescoFtpAuthenticator and overrides the authenticateUser(ClientInfo client, FTPSrvSession ftpSrvSession) in order to implement the authentication logic.
Finally, had to the the fileServerConfiguration bean class to reference my own serverconfiguraction implementation.

CIFS
I tried the same approach as FTP but in my authenticator i can't get hold of the plain text password that i need for my custom authentication logic. I always get an MD4 hash.


Really appreciate some help.
Thanks in advance.

Outcomes