Plugin to handle identity propagation between an external application and Nuxeo CAS_AUTH and PORTAL_AUTH

djoncour_ — Wed, 11 Sep 2013 22:10:56 GMT

Hello!

I have trouble to use the plugin CAS_AUTH and I have add PORTAL_AUTH with automation to propagate the identity between an external application and Nuxeo. But this mechanism doesn't work, I don't understand why. Nevertheless I followed the indications on the documentation Nuxeo as well as the various forums.

For headers sent to the http request, which are the ones to send for my case. Or where i can find the differents headers to send a http request for using CAS_AUTH abd PORTAL_AUTH.

Because when I test to send a http request via the addon RestClient of Firefox, I am automatically connect with the anonymous user. Here is my configuration for the plugin

<?xml version="1.0"?>
<component name="org.esup.ecm.login">
<!-- certains composants doivent être chargés avant que ce fichier soit
       lu car ils contiennent des points d'extension sur l'authentification -->
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
<require>org.nuxeo.ecm.platform.login.Cas2SSO</require>

<extension
target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
    point="authenticators">
    <authenticationPlugin name="CAS2_AUTH">
       <needStartingURLSaving>true</needStartingURLSaving>
       <loginModulePlugin>Trusting_LM</loginModulePlugin>
        <parameters>
            <!-- variable contenant le ticket dans l'url -->
            <parameter name="ticketKey">ticket</parameter>
            <!-- si utilisation du mode proxy -->
            <!--<parameter name="proxyKey">ticket</parameter>-->
            <parameter name="appURL">http://localhost:8080/nuxeo/</parameter>
            <!-- URL de login du serveur CAS -->
            <parameter name="serviceLoginURL">https://localhost/cas/login</parameter>
            <!-- URL de validation du ticket du serveur CAS -->
            <parameter name="serviceValidateURL">https://localhost/cas/serviceValidate</parameter>
            <!-- variable contenant le nom du service dans l'URL -->
            <parameter name="serviceKey">service</parameter>
            <!-- URL de logout de CAS -->
            <parameter name="logoutURL">https://localhost/cas/logout?service=http://localhost:8080/nuxeo/</parameter>
        </parameters>
    </authenticationPlugin>
</extension>
<!-- chainage de l'authentification : on garde une authentification de type
     BASIC pour les accès particuliers (RSS/cmis/contentAutomation) -->
<extension
    target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
    point="chain">
    <authenticationChain>
        <plugins>
            <plugin>BASIC_AUTH</plugin>
            <plugin>CAS2_AUTH</plugin>
        </plugins>
    </authenticationChain>
</extension>
<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <specificAuthenticationChain name="Automation">
        <urlPatterns>
            <url>(.*)/automation.*</url>
        </urlPatterns>

        <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
            <plugin>PORTAL_AUTH</plugin>
            <plugin>ANONYMOUS_AUTH</plugin>
        </replacementChain>
    </specificAuthenticationChain>
</extension>
</component>

Thank you for your help.

Re: Plugin to handle identity propagation between an external application and Nuxeo CAS_AUTH and PORTAL_AUTH

ludovic_UTT — Tue, 10 Dec 2013 16:34:01 GMT

hello, did you find a solution ?

topic Re: Plugin to handle identity propagation between an external application and Nuxeo CAS_AUTH and PORTAL_AUTH in Nuxeo Forum

Plugin to handle identity propagation between an external application and Nuxeo CAS_AUTH and PORTAL_AUTH

Re: Plugin to handle identity propagation between an external application and Nuxeo CAS_AUTH and PORTAL_AUTH