11-21-2016 09:21 AM
I downloaded community edition GA from below link
Now I want to achieve my SSO to be run on this community instance.
Here is my alfresco-global.properties file
authentication.chain=external1:external,alfrescoNtlm1:alfrescoNtlm
external.authentication.enabled=true
external.authentication.proxyHeader=SM_USER
external.authentication.proxyUserName=
And here is my share-config-custom.xml file
<config evaluator="string-compare" condition="Remote">
<remote>
<!--
<ssl-config>
<keystore-path>alfresco/web-extension/alfresco-system.p12</keystore-path>
<keystore-type>pkcs12</keystore-type>
<keystore-password>alfresco-system</keystore-password><truststore-path>alfresco/web-extension/ssl-truststore</truststore-path>
<truststore-type>JCEKS</truststore-type>
<truststore-password>password</truststore-password><verify-hostname>true</verify-hostname>
</ssl-config>
-->
<connector>
<id>alfrescoCookie</id>
<name>Alfresco Connector</name>
<description>Connects to an Alfresco instance using cookie-based authentication</description>
<class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
</connector><connector>
<id>alfrescoHeader</id>
<name>Alfresco Connector</name>
<description>Connects to an Alfresco instance using header and cookie-based authentication</description>
<class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
<userHeader>SM_USER</userHeader>
</connector><endpoint>
<id>alfresco</id>
<name>Alfresco - user access</name>
<description>Access to Alfresco Repository WebScripts that require user authentication</description>
<connector-id>alfrescoHeader</connector-id>
<endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
<endpoint>
<id>alfresco-feed</id>
<parent-id>alfresco</parent-id>
<name>Alfresco Feed</name>
<description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description>
<connector-id>alfrescoHeader</connector-id>
<endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
<endpoint>
<id>alfresco-api</id>
<parent-id>alfresco</parent-id>
<name>Alfresco Public API - user access</name>
<description>Access to Alfresco Repository Public API that require user authentication.
This makes use of the authentication that is provided by parent 'alfresco' endpoint.</description>
<connector-id>alfrescoHeader</connector-id>
<endpoint-url>http://localhost:8080/alfresco/api</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
</remote>
</config>
Now when I try siteminder login, it tries to redirect me to dashboard, but there are below errors in console, and I am not able to create site or use few scripts. UI is something messup.
Here is catalina.out logs
Nov 21, 2016 9:02:56 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 101415 ms
2016-11-21 09:02:58,250 INFO [web.site.EditionInterceptor] [http-apr-8080-exec-5] Successfully retrieved license information from Alfresco.
2016-11-21 09:04:46,592 INFO [web.scripts.ImapServerStatus] [ajp-apr-8009-exec-4] Successfully retrieved IMAP server status from Alfresco: disabled
Nov 21, 2016 9:04:48 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [default] in context with path [/share] threw exception
java.lang.NullPointerException
at org.alfresco.web.site.servlet.SlingshotAlfrescoConnector.applyRequestHeaders(SlingshotAlfrescoConnector.java:196)
at org.springframework.extensions.webscripts.connector.HttpConnector.initRemoteClient(HttpConnector.java:269)
at org.springframework.extensions.webscripts.connector.HttpConnector.call(HttpConnector.java:67)
at org.springframework.extensions.webscripts.RequestCachingConnector.call(RequestCachingConnector.java:91)
at org.alfresco.web.site.servlet.SSOAuthenticationFilter.challengeOrPassThrough(SSOAuthenticationFilter.java:843)
at org.alfresco.web.site.servlet.SSOAuthenticationFilter.doFilter(SSOAuthenticationFilter.java:542)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
at org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:188)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
at org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:2403)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)2016-11-21 09:04:48,581 ERROR [alfresco.web.site] [ajp-apr-8009-exec-5] java.lang.NullPointerException
Nov 21, 2016 9:05:12 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [Spring Surf Dispatcher Servlet] in context with path [/share] threw exception [Could not resolve view with name 'user/502434591/undefinedservice/modules/authenticated' in servlet with name 'Spring Surf Dispatcher Servlet'] with root cause
javax.servlet.ServletException: Could not resolve view with name 'user/502434591/undefinedservice/modules/authenticated' in servlet with name 'Spring Surf Dispatcher Servlet'
at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1198)
at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1001)
As I am using Alfresco community version GA 201605 - which is they called as alfresco 5.1
I already tried below under share's web.xml
but this wont help me resolving above issue.
<filter-mapping>
<filter-name>Authentication Filter</filter-name>
<url-pattern>/service/*</url-pattern>
</filter-mapping>
TO
<filter-mapping>
<filter-name>Authentication Filter</filter-name>
<url-pattern>/service/modules/*</url-pattern>
</filter-mapping>
Any update or workaround for this issue? I am in critical phase and require solution of this ASAP.
Anyone please help.
Thanks,
Ghanshyam
11-21-2016 09:25 AM
Got almost same error reference,
[MNT-15942] CLONE - SSO alfrescoHeader problems in Share 201602-GA - Alfresco JIRA
They said fixed, but 201605 is later version and still error is there.
11-21-2016 11:06 AM
I believe that SSO is still broken in that release.
You will need share version 5.1.g which is part of the following release but should be compatible
See [MNT-15795] CAS authentication no longer works - Alfresco JIRA
11-21-2016 11:08 AM
The 201606-EA contains an updated version of 5.1 Share (5.1.g) - you might want to try that as the latest Share version with bugfixes for the 5.1 line.
11-21-2016 11:10 AM
Thanks Axel,
Can you help getting me download link for 5.1g community.
Thanks,
Ghanshyam
11-21-2016 11:14 AM
Sure - just use the search feature in this platform (top right corner) and enter "file list 201606 EA" and you should find the wiki article with all the download links. The distribution ZIP contains the 5.1.g share.war file. For convenience / comparison with your search result, this is the page I am talking about.
Tags
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.