https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327380#M14381 <P>I have decided yo use this approach for now, maybe we will filter actions as well. I really need to open access to all documents, blobs and metadata and I am already overriding StartupHelper to change the default landing page to the DAM tab, so this was a one line solution for me. The only issue I found is that documentManager was null, so instead I used</P> Thu, 18 Apr 2013 09:09:39 GMT jiyarza_Yarza 2013-04-18T09:09:39Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327372#M14373 <P>So, How do you force the login page for anonymous users?</P> <P>Any ideas?</P> <P>Thank you.</P> <P>Jose.</P> <P>Long story: We have configured anonymous access so that we can directly link and download nuxeo documents (blob files) from an external site.</P> <P>However we don't want to allow anonymous users to access the nuxeo web application, so I would like to force the login page for anonymous users. How can we achieve this?</P> <P>I have played with the forceAnonymousLogin parameter, but with little success.</P> Fri, 05 Apr 2013 13:50:55 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327372#M14373 jiyarza_Yarza 2013-04-05T13:50:55Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327373#M14374 <P>Hi,</P> <P>If you force the login page for anonymous users, then there is no more anonymous access <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span><BR /> /&gt; You must define the URLs/paths which will be anonymously accessible (read rights to the Guest user). Then, any other URL/path including the login page will require a login.</P> Mon, 15 Apr 2013 12:08:32 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327373#M14374 Julien_Carsique 2013-04-15T12:08:32Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327374#M14375 <P>Hi Julien, I want to force the login page only when someone enters the nuxeo home page, but at the same time allow direct links for downloading blobs. The reason is that I am linking directly the videos in Nuxeo DAM from external video players, and I need them to be available anonymously. But I would like to avoid anonymous users to browse the repository. Would that be possible? Thank you</P> Mon, 15 Apr 2013 13:22:07 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327374#M14375 jiyarza_Yarza 2013-04-15T13:22:07Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327375#M14376 <P>So, instead of defining an anonymous access which is based on documents and not actions on those documents, you could simply open some URLs (those matching the direct links) with [PluggableAuthenticationService--openUrl][1]; something like</P> Mon, 15 Apr 2013 18:41:10 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327375#M14376 Julien_Carsique 2013-04-15T18:41:10Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327376#M14377 <P>Hi,</P> <P>How about overriding the StartupHelper ? This is done in the Social Collaboration Module and in CMF.. something like:</P> <PRE><CODE>/** * Overwrite default StartupHelper to provide custom startup page. */ @Name("startupHelper") @Scope(SESSION) @Install(precedence = Install.DEPLOYMENT) public class MyStartupHelper extends StartupHelper { private static final long serialVersionUID = 1L; @Override @Begin(id = "#{conversationIdGenerator.nextMainConversationId}", join = true) public String initDomainAndFindStartupPage(String domainTitle, String viewId) { String result = super.initDomainAndFindStartupPage(domainTitle, viewId); NuxeoPrincipal principal = (NuxeoPrincipal) documentManager.getPrincipal(); if (principal.isAdministrator()) { return result; } else if (principal.isAnonymous()) { try { FacesContext.getCurrentInstance().getExternalContext().redirect(NXAuthConstants.LOGOUT_PAGE); } catch (IOException e) { } return null; } else { return dashboardNavigationHelper.navigateToDashboard(); } } } </CODE></PRE> Mon, 15 Apr 2013 19:49:47 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327376#M14377 Nelson_Silva 2013-04-15T19:49:47Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327377#M14378 <P>That would avoid anonymous users to browse the repository using the JSF UI but documents would still be accessible and browsable through any other UI...</P> Tue, 16 Apr 2013 12:53:34 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327377#M14378 Julien_Carsique 2013-04-16T12:53:34Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327378#M14379 <P>Yes. You still have to filter unwanted actions with not_anonymous ("home", etc) and set the proper permissions in the repository but I guess it solves the "don't want to allow anonymous users to access the nuxeo web application" bit...</P> Tue, 16 Apr 2013 13:20:33 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327378#M14379 Nelson_Silva 2013-04-16T13:20:33Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327379#M14380 <P>The openUrl extension point is a neat solution, since you can fine grain the urls according to your needs. Thank you very much for the tip.</P> Thu, 18 Apr 2013 09:02:28 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327379#M14380 jiyarza_Yarza 2013-04-18T09:02:28Z https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327380#M14381 <P>I have decided yo use this approach for now, maybe we will filter actions as well. I really need to open access to all documents, blobs and metadata and I am already overriding StartupHelper to change the default landing page to the DAM tab, so this was a one line solution for me. The only issue I found is that documentManager was null, so instead I used</P> Thu, 18 Apr 2013 09:09:39 GMT https://connect.hyland.com/t5/nuxeo-forum/force-anonymous-login/m-p/327380#M14381 jiyarza_Yarza 2013-04-18T09:09:39Z