https://connect.hyland.com/t5/alfresco-archive/share-authentication-customization/m-p/281198#M234328 <HTML><HEAD></HEAD><BODY><SPAN>I need to modify the Share authentication mechanism. When a user attempts to login from the share page, I need to add a check that checks for the user's tenant domain with the prefix of the web address. If username's tenant address matches with the prefix of the web address then the user is allowed to log in otherwise the authentication is rejected.</SPAN><BR /><BR /><SPAN>For examples:</SPAN><BR /><BR /><SPAN><SPAN>user logs in as </SPAN><A class="jive-link-email-small" href="mailto:username@mydomain.com" rel="nofollow noopener noreferrer">username@mydomain.com</A><SPAN> from </SPAN></SPAN><A href="http://mydomain.alfresco.com/share" rel="nofollow noopener noreferrer">mydomain.alfresco.com/share</A><BR /><BR /><SPAN>In the above case the user would be allowed to login because …@mydomain.com matches with the web address prefix </SPAN><A href="http://mydomain.alfresco.com/share" rel="nofollow noopener noreferrer">mydomain.alfresco.com/share</A><SPAN>.</SPAN><BR /><BR /><BR /><SPAN>I am not sure where to begin and would appreciate any help on accomplishing this.</SPAN><BR /><BR /></BODY></HTML> Tue, 21 May 2013 18:04:12 GMT outlandish 2013-05-21T18:04:12Z https://connect.hyland.com/t5/alfresco-archive/share-authentication-customization/m-p/281198#M234328 I need to modify the Share authentication mechanism. When a user attempts to login from the share page, I need to add a check that checks for the user's tenant domain with the prefix of the web address. If username's tenant address matches with the prefix of the web address then the user is allowed Tue, 21 May 2013 18:04:12 GMT https://connect.hyland.com/t5/alfresco-archive/share-authentication-customization/m-p/281198#M234328 outlandish 2013-05-21T18:04:12Z https://connect.hyland.com/t5/alfresco-archive/share-authentication-customization/m-p/281199#M234329 <HTML><HEAD></HEAD><BODY><SPAN>Hello,</SPAN><BR /><BR /><SPAN>this will be a bit tricky, since authentication is done on the Repository tier while the web address will only be available on the Share tier for validation. I think the best way would be to provide a custom Surf LoginController implementation via an override of the "loginController" bean i.e. in custom-slingshot-application-context.xml. The default bean is:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE><BR />&lt;bean id="loginController" class="org.springframework.extensions.surf.mvc.LoginController"&gt;<BR />&nbsp;&nbsp; &lt;property name="cacheSeconds" value="-1" /&gt;<BR />&nbsp;&nbsp; &lt;property name="useExpiresHeader"&gt;&lt;value&gt;true&lt;/value&gt;&lt;/property&gt;<BR />&nbsp;&nbsp; &lt;property name="useCacheControlHeader"&gt;&lt;value&gt;true&lt;/value&gt;&lt;/property&gt;<BR />&nbsp;&nbsp; &lt;property name="userFactory" ref="user.factory"&gt;&lt;/property&gt;<BR />&lt;/bean&gt;<BR /><SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><BR /><SPAN>and you need to provide a different implementation class (meaning via Java development). This class has access to the HTTPServletRequest and can compare the tenant suffix of the userName (request parameter) with the public web address. Only if there is a match, a custom implementation can delegate to the default logic (e.g. using a specific subclass which delegates to super).</SPAN><BR /><BR /><SPAN>Regards</SPAN><BR /><SPAN>Axel</SPAN></BODY></HTML> Thu, 23 May 2013 10:28:28 GMT https://connect.hyland.com/t5/alfresco-archive/share-authentication-customization/m-p/281199#M234329 afaust 2013-05-23T10:28:28Z https://connect.hyland.com/t5/alfresco-archive/share-authentication-customization/m-p/281200#M234330 <HTML><HEAD></HEAD><BODY><SPAN>This works. Thank you.</SPAN></BODY></HTML> Fri, 24 May 2013 20:42:57 GMT https://connect.hyland.com/t5/alfresco-archive/share-authentication-customization/m-p/281200#M234330 outlandish 2013-05-24T20:42:57Z