AnsweredAssumed Answered

Share SSO with External Subsystem

Question asked by rf-srns on Oct 12, 2010
Latest reply on Oct 12, 2010 by loftux
Has anyone been able to get this to work?  We did the *alfresco* webapp using a servlet filter that caused HttpServletRequest.getRemoteUser() to return the authenticated user, and it worked just fine.  No such luck with Share - we tried setting the X-Alfresco-Remote-User header on the request (by wrapping it in a HttpServletRequestWrapper), and on the response.  No luck.  I have seen conflicting threads about which webapp (share vs. alfresco) cares about the header - our experience seems to show that alfresco does not use it.  We have set the "external.authentication.proxyUserName" property to be empty (in alfresco-global.properties, and in ..tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\external\external-filter.properties).  No luck.

And then since external is in the global authentication chain, I HAVE to use it for Share (am I wrong about that?).  At the moment, I have had to back off to having no SSO for either, and doing that over SSL.  Yuck!

Outcomes