AnsweredAssumed Answered

passthru to samba for authentication

Question asked by iantopanto on Aug 14, 2009
Latest reply on Aug 17, 2010 by brazen
I got alfresco to sync to ldap and do passthru authentication to samba, the issue im having is with the web interface where if I navigate to http://server:8080/alfresco i get an apache authentication popup asking for a username and password.  I just want the standard the alfresco login box.

If i navigate directly to http://server:8080/alfresco/faces/jsp/login.jsp i get the alfresco box, and I can login ok.

When I log out I get the "You have been logged out of Alfresco." box in the middle of the browser, and If i navigate back to http://server:8080/alfresco/ or click on "Re-login to Alfresco" Im back in without entering a password or I get the apache style auth popup.

Its like it remembers my password like ntlm SSO, but I think i turned this off. here is my global config file:
————
authentication.chain=passthru1:passthru,ldap1:ldap
cifs.domain=WALES      

# Configure NTLM passthru to SAMBA Server
ntlm.authentication.sso.enabled=false  
passthru.authentication.sso.enabled=false
#ntlm.authentication.authenticateCIFS=false

passthru.authentication.servers=192.168.0.1
passthru.authentication.domain=WALES
passthru.authentication.useLocalServer=false
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true
#ntlm.authentication.mapUnknownUserToGuest=false

##### Ldap Synchronisation
ldap.authentication.active=false
ldap.synchronization.active=true

# User Bind settings
ldap.authentication.java.naming.provider.url=ldap://192.168.0.1:389
ldap.authentication.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=cn=alfresco,dc=domain,dc=com
ldap.synchronization.java.naming.security.credentials=alfuser

# what to sync
ldap.synchronization.userSearchBase=ou=People,dc=domain,dc=com
ldap.synchronization.groupSearchBase=ou=Distribution-Lists,dc=domain,dc=com
ldap.synchronization.groupQuery=(objectclass=posixGroup)
ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
synchronization.synchronizeChangesOnly=true
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=true 
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider

# map attributes
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=memberUid
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=cn
ldap.synchronization.userEmailAttributeName=mail
—————-

can someone point me in the right direction to get the proper behavior.

Outcomes