Hyland Connect

mcruz · ‎09-05-2007

Hi all !

Is it possible to configure Alfresco in order to use basic authentication? (just like Apache)

The idea is to reach Alfresco via Apache, authenticate in Apache and then not having to authenticate again in Alfresco.

We know this one is not the best security configuration by far, but we have to work on it.

Thank you very much

mcruz · ‎09-06-2007

I have written in web.xml the following lines:

<security-constraint>
<web-resource-collection>
    <web-resource-name>
      Entire Application
    </web-resource-name>
    <url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
      <role-name>member</role-name>
</auth-constraint>
</security-constraint>

<!– Define the Login Configuration for this Application –>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>My Club Members-only Area</realm-name>
</login-config>

Now, when I try to reach Alfresco (http://localhost:8080/alfresco) I get a basic authentication pop-up.

Is it possible that Alfresco uses the information of the pop-up to login ? (and then I wouldn't get the Alfresco login page later)

I have disabled the filter-mapping for "Authentication Filter" but I get a AuthenticationCredentialsNotFoundException when I reach Alfresco

Thanks

andy · ‎09-10-2007

Hi

There is an autherntication filter that can just read the user name from a header. Is this what you need?

Andy

mcruz · ‎09-10-2007

Thanks Andy

Yes, that's what I need, a basic authentication and then read the username (but also the password to be able to get a ticket in Alfresco) from the header of the request.

Which one is the authentication filter you talk about?

Thank you again

Hyland Connect

Basic Authentication