Hyland Connect

manikandarajan · ‎06-14-2016

Hi , I'm trying to integrate Alfresco community edition to my JSF application. where when i click the DMS button from my JSF application - the folder will be created automatically in alfresco and it will open the workspace for that particular transaction which are handled by JAVA code ( Create session, create folder) methods but while opening the share window it asks to enter the password.how can i achieve it ? Where i have to use the login credentials used for my JSF application to bypass alfresco login. i've tried with httpheader method but not successful. other than LDAP, Kerberos, NTLM, please let me know if there any option to open alfresco share without login. Version of alfresco doesn't matter. suggest a version for me. since now i've tried with 4.0 and 4.2.e. Thanks in Advance

afaust · ‎06-14-2016

Using HTTP header (external authentication) is already the potentially simplest way to go. It would be good to know what you have tried in that regard and where you failed.
Alternatively, you could use a custom authentication filter / user factory in the Share application and generate a link to the Share UI that includes a one-time token your JSF application registered with Share to pass along a pre-established authentication via the link to the UI.

soloff · ‎06-14-2016

Axel, thank you!
For custom authentication filter should we change web.xml like that?
<java>
   <filter>
      <description>Custom Authentication</description>
      <filter-name>CustomAuthenticationFilter</filter-name>
      <filter-class>ru.mycompany.repo.authentication.CustomAuthenticationFilter</filter-class>
   </filter>

   <filter-mapping>
     <filter-name>CustomAuthenticationFilter</filter-name>
      <url-pattern>/page/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
     <filter-name>CustomAuthenticationFilter</filter-name>
     <url-pattern>/p/*</url-pattern>
   </filter-mapping>
</java>

<java>
public class CustomAuthenticationFilter implements Filter
{

   @Override
   public void init(FilterConfig filterConfig) throws ServletException
   {
       //…
   }

   @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
   {
      ???
   }

   @Override
   public void destroy()
   {
      //…
   }
}
</java>

afaust · ‎06-14-2016

That is one option. Alternatively, people have been using the <a href="http://docs.oracle.com/javaee/6/tutorial/doc/bnagb.html">WebFilter annotation</a> to avoid having to modify the web.xml file altogether.

manikandarajan · ‎06-15-2016

For external authentication via HTTP Header I've followed the steps

1. renamed alfresco-4.2.e/tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml.sample as share-config-custom.xml.
2. Uncommentd both the <config evaluator="string-compare" and the condition="Remote"> sections.

<config evaluator="string-compare" condition="Remote">
      <remote>
         <endpoint>
            <id>alfresco-noauth</id>
            <name>Alfresco - unauthenticated access</name>
            <description>Access to Alfresco Repository WebScripts that do not
            require authentication
        </description>
            <connector-id>alfresco</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <identity>none</identity>
         </endpoint>

         <endpoint>
            <id>alfresco</id>
            <name>Alfresco - user access</name>
            <description>Access to Alfresco Repository WebScripts that
                         require user authentication
        </description>
            <connector-id>alfresco</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <identity>user</identity>
         </endpoint>

         <endpoint>
            <id>alfresco-feed</id>
            <name>Alfresco Feed</name>
            <description>Alfresco Feed - supports basic HTTP authentication via
                         the EndPointProxyServlet</description>
            <connector-id>http</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <basic-auth>true</basic-auth>
            <identity>user</identity>
         </endpoint>

         <endpoint>
            <id>activiti-admin</id>
            <name>Activiti Admin UI - user access</name>
            <description>Access to Activiti Admin UI, that requires user
                         authentication</description>
            <connector-id>activiti-admin-connector</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/activiti-admin
            </endpoint-url>
            <identity>user</identity>
         </endpoint>
      </remote>
    </config>

<config evaluator="string-compare" condition="Remote">
      <remote>
         <keystore>
             <path>alfresco/web-extension/alfresco-system.p12</path>
             <type>pkcs12</type>
             <password>alfresco-system</password>
         </keystore>

         <connector>
            <id>alfrescoCookie</id>
            <name>Alfresco Connector</name>
            <description>Connects to an Alfresco instance using cookie-based
                          authentication
            </description>
            <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
         </connector>

         <connector>
            <id>alfrescoHeader</id>
            <name>Alfresco Connector</name>
            <description>Connects to an Alfresco instance using header and
             cookie-based authentication
            </description>
            <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
            <userHeader>SsoUserHeader</userHeader>
         </connector>

         <endpoint>
            <id>alfresco</id>
            <name>Alfresco - user access</name>
            <description>Access to Alfresco Repository WebScripts that require user
             authentication
            </description>
            <connector-id>alfrescoHeader</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
            <identity>user</identity>
            <external-auth>true</external-auth>
         </endpoint>
      </remote>
   </config>

3. modified alfrsco-global.properties like ;

authentication.chain=external1:external,alfrescoNtlm1:alfrescoNtlm
external.authentication.proxyUserName=
external.authentication.enabled=true
external.authentication.defaultAdministratorUserNames=admin
external.authentication.proxyHeader=SsoUserHeader

Eclipse- SSO Filter class

public class SsoFilter implements Filter{

   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)

        throws IOException, ServletException

    {

      // if the ServletRequest is an instance of HttpServletRequest
            if (request instanceof HttpServletRequest) {
               HttpServletRequest httpServletRequest = (HttpServletRequest) request;
               // Creating an instance of my custom request
               AlfrescoHttpServletRequestWrapper requestWrapper = new AlfrescoHttpServletRequestWrapper(httpServletRequest);
               // sending my custom request instead of the regular request
               chain.doFilter(requestWrapper, response);
            } else {
               chain.doFilter(request, response);
            }

            return;

   }
}

but unable to succeed .

Hyland Connect

Auto Signin to share from my JSF Project