AnsweredAssumed Answered

Alfresco SDK 3.0 and configuring Tomcat

Question asked by davidraines on Jul 18, 2018

Is it possible to configure and Alfresco SDK 3.0 AOI enviornment to configure Tomcat to:

  • Use HTTPS instead of HTTP
  • Configure a keystore
  • Configure a truststore
  • Set the tomcat "clientAuth" property, so that users are prompted to provide a client certificate when they attempt to establish the connection?

 

Our application works in this manner, and we also have a custom LoginBean to facilitate user logins.  We're in production, and been doing this for a while.  We switched over to Alfresco 5.2 / SDK 3.0 a while ago, but have just done without the ability to test this custom LoginBean from a development environment (we have an alternate mechanism to let developers test over HTTP).  This is getting more and more frustrating.

 

Historically, in Alfresco 5.1 / SDK 2.2, we were able to go into the "runner" project, and the following configuration to the "tomcat7-maven-plugin" plugin:

 

<artifactId>tomcat7-maven-plugin</artifactId>
<executions>
   ...
</executions>
<configuration>
   <httpsPort>8443</httpsPort>
   <keystoreFile>${project.basedir}/keystore/ssl.keystore</keystoreFile>
   <keystorePass>password1</keystorePass>
   <keystoreType>JCEKS</keystoreType>
   <truststoreFile>${project.basedir}/keystore/ssl.truststore</truststoreFile>
   <truststorePass>password2</truststorePass>
   <truststoreType>JCEKS</truststoreType>
   <tomcatUsers>${project.basedir}/tomcat/conf/tomcat-users.xml</tomcatUsers>
   <clientAuth>want</clientAuth>

 ...

</configuration>

 

There does not seem to be an equivalent confriguration option in Alfresco SDK 3.0.

 

The 4 tomcat properties defined here don't give us enough control to change this:

Configuring the Alfresco Maven plugin | Alfresco Documentation 

 

I've gone so far to look at the relevant source code of the "alfresco-maven-plugin":

https://github.com/Alfresco/alfresco-sdk/blob/865ae6fd38d93816827467696fd3e37e50542603/plugins/alfresco-maven-plugin/src/main/java/org/alfresco/maven/plugin/AbstractRunMojo.java#L1420-L1438

There does not seem to be any mechanism to define additional "elements" for the "configuration" of the tomcat7-maven-plugin.

 

Am I missing anything?  Is there some alternate way to configure an SDK 3.0 All-in-one environment to run HTTPS 
with client certificate based authentication?

VR,
David

Outcomes