Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Disabling guest access

rbramley
Champ in-the-making
Champ in-the-making

‎02-23-2006 08:02 AM

There doesn't seem to be a configuration parameter to enable/disable guest access…

org.alfresco.repo.security.authentication.AbstractAuthenticationComponent declares    
protected abstract boolean implementationAllowsGuestLogin();

and org.alfresco.repo.security.authentication.AuthenticationComponentImpl implements it as:
    @Override
    protected boolean implementationAllowsGuestLogin()
    {
        return true;
    }


If this is altered to return false, will Alfresco behave in the same way as pre-1.2RC1?
If so, are there any plans to make this configurable in repository.properties/Spring config?

Thanks,

Robin
Labels:
0 Kudos
14 REPLIES 14

rdanner
Champ in-the-making
Champ in-the-making

‎06-21-2009 07:35 PM

Just to keep this thread up to date:

the spring code has been updated and should now be:
    <bean id="authenticationComponent"
          class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl" 
          parent="authenticationComponentBase">
        <property name="authenticationDao">
            <ref bean="authenticationDao" />
        </property>
        <property name="authenticationManager">
            <ref bean="authenticationManager" />
        </property>
        <property name="allowGuestLogin">
            <value>fasle</value>
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionService" />
        </property>
    </bean>

in your shared/classes/alfresco/extension area, add the above to your modified spring configuration.

I'd like to see this pulled out as a property in custom-repository.properties.  I'll check and see if there is a ticket for this - would make things much cleaner/easier.

Hello,

You can disable guest access within the authentication-services-context.xml

The relevant section is:

    <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl">
        <property name="authenticationDao">
            <ref bean="alfDaoImpl" />
        </property>
        <property name="authenticationManager">
            <ref bean="authenticationManager" />
        </property>
        <property name="allowGuestLogin">
            <value>true</value>
        </property>
    </bean>

Change 

        <property name="allowGuestLogin">
            <value>true</value>
        </property>

To:

        <property name="allowGuestLogin">
            <value>false</value>
        </property>

You can use the new extension configuration functionality to change this setting: see here

Hope this helps,

Steve
0 Kudos

gronfelt
Champ in-the-making
Champ in-the-making

‎08-06-2009 02:57 AM

I have an authentication chain looking like this:

authentication.chain=ldap1:ldap,ldap2:ldap

In the properties files for each instance the following property is set:

ldap.authentication.allowGuestLogin=false

However, Alfresco keeps spitting out error messages like this all the time:

08:31:07,840 ERROR [org.alfresco.web.scripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 07061383 Guest authentication not supported

My guess would be that Alfresco wants to authenticate the Guest account, but that's not possible since I've disabled the internal authentication. Any ideas on how to fix this the proper way?
0 Kudos

kevinr
Star Contributor
Star Contributor

‎08-06-2009 04:19 AM

Are you using Share? As i have a feeling there may be an issue in 3.2 where the Guest account is required for it to work - we are looking at this to solve a similar issue with NTLM.
0 Kudos

gronfelt
Champ in-the-making
Champ in-the-making

‎08-06-2009 05:26 AM

Yes, I'm using Share. I will try to enable guest authentication in my ldap properties files and then add a Guest user to one of my ldap directories, that should do the trick, right?
0 Kudos

ofrxnz
Champ in-the-making
Champ in-the-making

‎08-10-2009 10:34 AM

hey, im using kerberos, i get a similar error when i start with a blank repository….

though, if i start alfresco with the absolute default authentication mechanism once, then switch back to kerberos without guest access it seems to work…until i completely blank out the database/data files again…
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC