AnsweredAssumed Answered

External Authentication (Alfresco 5.2enterprise)with SSO not work for http header shows simple auth dialog

Question asked by g_rathod on Apr 21, 2017
Latest reply on Nov 30, 2017 by prabhuk

We configured SSO based authentication with header set and we are facing one issue,  while hitting 

even with http://hostname:8080/share  it shows (gives) me popup asking for credentials (simple authentication dialog)

 

 

I twice checked configuration as per the docs.alfresco.com  ( we are using alfresco 5.2 )

http://docs.alfresco.com/5.2/tasks/auth-alfrescoexternal-sso.html 

 

How do I successfully get into login page atleast with providing port  ( consider I am not using LB URL for siteminder auth) even with port it ask for this simple authentication then if I do cancel , it redirect me to share login page.

 

Here is my share-config-custom

<config evaluator="string-compare" condition="Remote">
<remote>

<keystore>
<path>alfresco/web-extension/alfresco-system.p12</path>
<type>pkcs12</type>
<password>alfresco-system</password>
</keystore>

<!--
<ssl-config>
<keystore-path>alfresco/web-extension/alfresco-system.p12</keystore-path>
<keystore-type>pkcs12</keystore-type>
<keystore-password>alfresco-system</keystore-password>

<truststore-path>alfresco/web-extension/ssl-truststore</truststore-path>
<truststore-type>JCEKS</truststore-type>
<truststore-password>kT9X6oe68t</truststore-password>

<verify-hostname>true</verify-hostname>
</ssl-config>
-->
<connector>
<id>alfrescoCookie</id>
<name>Alfresco Connector</name>
<description>Connects to an Alfresco instance using cookie-based authentication</description>
<class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
</connector>

<connector>
<id>alfrescoHeader</id>
<name>Alfresco Connector</name>
<description>Connects to an Alfresco instance using header and cookie-based authentication</description>
<class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
<userHeader>SM_USER</userHeader>
</connector>

<endpoint>
<id>alfresco</id>
<name>Alfresco - user access</name>
<description>Access to Alfresco Repository WebScripts that require user authentication</description>
<connector-id>alfrescoHeader</connector-id>
<endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
<!--
<endpoint>
<id>alfresco-feed</id>
<parent-id>alfresco</parent-id>
<name>Alfresco Feed</name>
<description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description>
<connector-id>alfrescoHeader</connector-id>
<endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint> -->

<endpoint>
<id>alfresco-api</id>
<parent-id>alfresco</parent-id>
<name>Alfresco Public API - user access</name>
<description>Access to Alfresco Repository Public API that require user authentication.
This makes use of the authentication that is provided by parent 'alfresco' endpoint.</description>
<connector-id>alfrescoHeader</connector-id>
<endpoint-url>http://localhost:8080/alfresco/api</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
-->
</remote>
</config>

 

 

==============================

 

 

What is wrong here ?

Outcomes