Help

Accesso diretto a Share

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
fedemori
Member II
‎14 Jan 2015 10:07 AM

Accesso diretto a Share

Buongiorno,
da un'applicazione X è possibile aprire Alfresco Share passando user e password (quindi senza effettuare la login) o essendo gia loggato con un utente e aprire direttamente una cartella di un sito?

Grazie
Labels
0 Kudos
2 Replies
openpj
Moderator
Moderator
‎14 Jan 2015 1:54 PM

Re: Accesso diretto a Share

Si, si può fare abilitando l'external authentication su Share:
http://docs.alfresco.com/4.1/tasks/auth-alfrescoexternal-sso.html

In pratica le richieste verso Share devono passare da un proxy che decora la richiesta HTTP con un header in cui viene passato lo username dell'utente.
Quando la richiesta decorata arriva verso Share, questo leggerà l'header HTTP in cui è stato passato lo username dell'utente che Alfresco riconoscerà come autenticato.

Spero ti aiuti a risolvere.
0 Kudos
fedemori
Member II
‎14 Jan 2015 3:08 PM

Re: Accesso diretto a Share

Ok grazie, ho impostato il file share-config-custom.xml nel seguente modo:


<alfresco-config>

   <!– Repository Library config section –>
   <config evaluator="string-compare" condition="RepositoryLibrary" replace="true">
      <!–
         Whether the link to the Repository Library appears in the header component or not.
      –>
      <visible>true</visible>
   </config>
   <config evaluator="string-compare" condition="Remote">
      <remote>
         <endpoint>
            <id>alfresco-noauth</id>
            <name>Alfresco - unauthenticated access</name>
            <description>Access to Alfresco Repository WebScripts that do not 
            require authentication
            </description>
            <connector-id>alfresco</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <identity>none</identity>
         </endpoint>

         <endpoint>
            <id>alfresco</id>
            <name>Alfresco - user access</name>
            <description>Access to Alfresco Repository WebScripts that 
                         require user authentication
            </description>
            <connector-id>alfresco</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <identity>user</identity>
         </endpoint>

         <endpoint>
            <id>alfresco-feed</id>
            <name>Alfresco Feed</name>
            <description>Alfresco Feed - supports basic HTTP authentication via
                         the EndPointProxyServlet</description>
            <connector-id>http</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <basic-auth>true</basic-auth>
            <identity>user</identity>
         </endpoint>

         <endpoint>
            <id>activiti-admin</id>
            <name>Activiti Admin UI - user access</name>
            <description>Access to Activiti Admin UI, that requires user 
                         authentication</description>
            <connector-id>activiti-admin-connector</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/activiti-admin
            </endpoint-url>
            <identity>user</identity>
         </endpoint>
      </remote>
   </config>

   <config evaluator="string-compare" condition="Remote">
      <remote>
         <keystore>
            <path>alfresco/web-extension/alfresco-system.p12</path>
            <type>pkcs12</type>
            <password>alfresco-system</password>
         </keystore>

         <connector>
            <id>alfrescoCookie</id>
            <name>Alfresco Connector</name>
            <description>Connects to an Alfresco instance using cookie-based 
                          authentication
            </description>
            <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
         </connector>

         <connector>
            <id>alfrescoHeader</id>
            <name>Alfresco Connector</name>
            <description>Connects to an Alfresco instance using header and 
             cookie-based authentication
            </description>
            <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
            <userHeader>SsoUserHeader</userHeader>
         </connector>

         <endpoint>
            <id>alfresco</id>
            <name>Alfresco - user access</name>
            <description>Access to Alfresco Repository WebScripts that require user
             authentication
            </description>
            <connector-id>alfrescoHeader</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
            <identity>user</identity>
            <external-auth>true</external-auth>
         </endpoint>
      </remote>
   </config>

</alfresco-config>


e alfresco-global.properties


authentication.chain=external1:external,alfrescoNtlm1:alfrescoNtlm
#authentication.chain=external,alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad 
external.authentication.proxyUserName=
external.authentication.enabled=true
external.authentication.defaultAdministratorUserNames=admin
external.authentication.proxyHeader=SsoUserHeader


Come posso testare la connessione?

Ho provato a fare la login lanciando sul browser l'url http://localhost:8080/alfresco/service/api/login?u=admin&pw={password} e mi è stato restituito un token sul browser e poi ho lanciato http://localhost:8080/share ma mi ha dato la login. Dove sbaglio?
0 Kudos
Italian Archive

Archive content from product discussions in Italian.

This group is now closed and content is read-only.

“Alfresco

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.