https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303618#M256748 <HTML><HEAD></HEAD><BODY><SPAN>We've done something similar by extending SSO mechanism and passing username to SSOAuthenticationFilter.</SPAN><BR /><BR /><SPAN>It would be a way to accomplish your development.</SPAN></BODY></HTML> Wed, 24 Sep 2014 08:58:23 GMT angelborroy 2014-09-24T08:58:23Z https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303617#M256747 Hello,we have a requirement that the users should be able to authenticate using&nbsp; client certificates. Users only have access to Share application.To accomplish this, so far, we have done the following customizations/extensions:1. A custom share page is defined, with authentication set to none, in or Wed, 24 Sep 2014 08:28:57 GMT https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303617#M256747 aleksandarm 2014-09-24T08:28:57Z https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303618#M256748 <HTML><HEAD></HEAD><BODY><SPAN>We've done something similar by extending SSO mechanism and passing username to SSOAuthenticationFilter.</SPAN><BR /><BR /><SPAN>It would be a way to accomplish your development.</SPAN></BODY></HTML> Wed, 24 Sep 2014 08:58:23 GMT https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303618#M256748 angelborroy 2014-09-24T08:58:23Z https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303619#M256749 <HTML><HEAD></HEAD><BODY><SPAN>Thanks for the reply,</SPAN><BR /><SPAN>I'l follow your suggestion and look into this mechanism.</SPAN><BR /></BODY></HTML> Thu, 25 Sep 2014 14:20:17 GMT https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303619#M256749 aleksandarm 2014-09-25T14:20:17Z https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303620#M256750 <HTML><HEAD></HEAD><BODY><SPAN>Angel Borroy, thanks again for your suggestion, it was very useful</SPAN><BR /><BR /><SPAN>In case that someone ever find it useful, we ended up doing the following:</SPAN><BR /><SPAN>5. Custom share filter is defined, which adds HttpRequest header containing user name extracted from certificate,</SPAN><BR /><SPAN>&nbsp; and passes it further down the filter chain. In a way, this filter within share appliication acts like an external </SPAN><BR /><SPAN>&nbsp; authentication system&nbsp; </SPAN><BR /><SPAN>6. External authentication is configured on the repo, and the way how Share passes authentication </SPAN><BR /><SPAN>&nbsp; information to the Repo is customized according to&nbsp; </SPAN><A href="https://devcon.alfresco.com/sanjose/sessions/unlocking-secrets-alfresco-authentication" rel="nofollow noopener noreferrer">https://devcon.alfresco.com/sanjose/sessions/unlocking-secrets-alfresco-authentication</A><BR /><BR /><BR /><BR /></BODY></HTML> Thu, 02 Oct 2014 11:30:23 GMT https://connect.hyland.com/t5/alfresco-archive/authentication-via-client-certificate/m-p/303620#M256750 aleksandarm 2014-10-02T11:30:23Z