Share authentication customization

outlandish — Tue, 21 May 2013 18:04:12 GMT

I need to modify the Share authentication mechanism. When a user attempts to login from the share page, I need to add a check that checks for the user's tenant domain with the prefix of the web address. If username's tenant address matches with the prefix of the web address then the user is allowed

Re: Share authentication customization

afaust — Thu, 23 May 2013 10:28:28 GMT

Hello,

this will be a bit tricky, since authentication is done on the Repository tier while the web address will only be available on the Share tier for validation. I think the best way would be to provide a custom Surf LoginController implementation via an override of the "loginController" bean i.e. in custom-slingshot-application-context.xml. The default bean is:


<bean id="loginController" class="org.springframework.extensions.surf.mvc.LoginController">
   <property name="cacheSeconds" value="-1" />
   <property name="useExpiresHeader"><value>true</value></property>
   <property name="useCacheControlHeader"><value>true</value></property>
   <property name="userFactory" ref="user.factory"></property>
</bean>
‍‍‍‍‍‍‍‍

and you need to provide a different implementation class (meaning via Java development). This class has access to the HTTPServletRequest and can compare the tenant suffix of the userName (request parameter) with the public web address. Only if there is a match, a custom implementation can delegate to the default logic (e.g. using a specific subclass which delegates to super).

Regards
Axel

Re: Share authentication customization

outlandish — Fri, 24 May 2013 20:42:57 GMT

This works. Thank you.

topic Re: Share authentication customization in Alfresco Archive

Share authentication customization

Re: Share authentication customization

Re: Share authentication customization