AnsweredAssumed Answered

External authentication and the user id pattern

Question asked by florianhuebner on Aug 19, 2011
Latest reply on Aug 24, 2011 by florianhuebner
Hello

We wanted to switch from kerberos to external authentication.
I have set
external.authentication.enabled=true
external.authentication.proxyHeader=REMOTE_USER
and as long as basic authentication is used on the Apache everything works fine.

Now I wanted to switch to AuthType Kerberos but I get an Alfresco Explorer - System Error when trying to log in using SSO:

org.alfresco.repo.security.authentication.AuthenticationException: 07190007 Failed to set current user huebner@MY.COMPANY

How can I get rid of the "@MY.COMPANY"?
Setting the
external.authentication.userIdPattern=(^[-a-zA-z0-9\.]*)
seems to have no effect, no matter what RegEx I use.
Even trying to resolve the issue on the Apache side via:
# Grab the REMOTE_USER apache environment variable for HTTP forwarding
  RewriteEngine On
  RewriteCond %{LA-U:REMOTE_USER} ([-a-zA-z0-9\.]+)[@]*.*
  RewriteRule . - [E=RU:%1]
# Set the REMOTE_USER and x-user to the authenticated username
  RequestHeader set REMOTE_USER %{RU}e
  RequestHeader set x-user %{RU}e
Has no visible effect…

Am I doing anything wrong or have I missed something?

Outcomes