Connectar con la API Rest con autenticación NTLM activada

dpardell — Fri, 01 Mar 2024 09:55:32 GMT

He modificado la configuración del alfresco para utilizar autenticación con NTLM

ntlm.authentication.sso.enabled = true

y modificando el fichero .../alfresco/web-extension/share-config-custom.xml añadiendo esto:

<connector>
<id>alfrescoCookie</id>
<name>Alfresco Connector</name>
<description>Connects to an Alfresco instance using cookie-based authentication</description>
<class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
</connector>

<endpoint>
<id>alfresco</id>
<name>Alfresco - user access</name>
<description>Access to Alfresco Repository WebScripts that require user authentication</description>
<connector-id>alfrescoCookie</connector-id>
<endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>

<endpoint>
<id>alfresco-api</id>
<parent-id>alfresco</parent-id>
<name>Alfresco Public API - user access</name>
<description>Access to Alfresco Repository Public API that require user authentication.
This makes use of the authentication that is provided by parent 'alfresco' endpoint.</description>
<connector-id>alfrescoHeader</connector-id>
<endpoint-url>http://localhost:8080/alfresco/api</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>

Haciendo este cambio parece que funciona la autenticación con NTLM para el shared y cuando se hace la llamada desde el Microsoft office para la edición online, pero al intentar conectar desde mi aplicación con los servicios REST me da el siguiente error:

SEVERE: Servlet.service() for servlet [publicapiServlet] in context with path [/alfresco] threw exception
java.lang.NullPointerException
at org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter.processType3(BaseNTLMAuthenticationFilter.java:542)
at org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter.authenticateRequest(BaseNTLMAuthenticationFilter.java:313)
at org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter.doFilter(BaseSSOAuthenticationFilter.java:195)
at sun.reflect.GeneratedMethodAccessor416.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy227.doFilter(Unknown Source)
at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:89)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:68)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2549)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2538)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

El código que utilizo para llamar a los servicios Rest es el siguiente:

CredentialsProvider provider = new BasicCredentialsProvider();
NTCredentials credentials = new NTCredentials("user", "password", "workstation", "");

provider.setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, AuthSchemes.NTLM), credentials);

//El dominio está vacío, puesto que no tengo dominio (como he dicho para shared y office no se lo paso y funciona)

CloseableHttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(provider).build();

HttpGet httpGet = new HttpGet(url);

CloseableHttpResponse response = client.execute(httpGet);

también he probado con esto y me da el mismo error

CredentialsProvider provider = new BasicCredentialsProvider();
NTCredentials credentials = new NTCredentials("user", "password", "workstation", "");
provider.setCredentials(AuthScope.ANY, credentials);

Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.NTLM, new NTLMSchemeFactory()).build();
HttpRequestInterceptor interceptor = (request, context) -> request.removeHeaders(HttpHeaders.CONTENT_LENGTH);
RequestConfig config = RequestConfig.custom().setConnectTimeout(30000).build();
CloseableHttpClient client = HttpClients.custom().setDefaultRequestConfig(config).setDefaultAuthSchemeRegistry(authSchemeRegistry).setDefaultCredentialsProvider(provider).addInterceptorFirst(interceptor).build();

HttpGet httpGet = new HttpGet(url);
CloseableHttpResponse response = client.execute(httpGet);

Re: Connectar con la API Rest con autenticación NTLM activada

dpardell — Fri, 01 Mar 2024 09:56:40 GMT

me he dejado de decir que utilizo alfresco 5.2 community edition

topic Connectar con la API Rest con autenticación NTLM activada in Alfresco Archive

Connectar con la API Rest con autenticación NTLM activada

Re: Connectar con la API Rest con autenticación NTLM activada