Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Exception with <authentication>none</authentication>

kapil_k
Champ on-the-rise
Champ on-the-rise

‎07-14-2008 02:49 AM

I have created a simple webscript to list content articles. Using Alfresco Community & WCM 2.9.0B.
It works fine with <authentication>admin</authentication> (while logged in to Webclient as admin)

But when I try to use <authentication>none</authentication>
I get the following exception:

500 Description:    An error inside the HTTP server which prevented it from fulfilling the request.

Message:   Error during processing of the template 'get(children) failed on instance of org.alfresco.repo.template.TemplateNode'. Please contact your system administrator.

Exception:   net.sf.acegisecurity.AuthenticationCredentialsNotFoundException - A valid SecureContext was not provided in the RequestContext
   
   net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:477)
   net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:355)
   net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
   org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
   org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
   org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
   org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:241)
   org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
   org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
   org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
   org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
   org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210)

Is this a known BUG? Or am I doing something wrong?
The URL for invoking the webscript is:
http://localhost:8080/alfresco/service/pac/avm/path/alfresco-compac/www/avm_webapps/ROOT/media/relea...

If I want to send authentication credentials (admin/admin) in the request URL above, how do I achieve that?

Thanks,
Kapil
Labels:
7 REPLIES 7

jpfi
Champ in-the-making
Champ in-the-making

‎07-14-2008 04:10 AM

Hi Kapil,
that's not a Bug…that's a feature 😉
Using "none" in authentication context you'll never get any informations out of the repository. You aren't authenticated, so spring security context cannot check your permissions on the node you are asking for.
You can use "none" if you want to build a WebScript which don't use any data out of the repo.
Using "guest" you will get access to all nodes where guest has sufficents permission, e.g. Guest Home.
Cheers, Jan
0 Kudos

kapil_k
Champ on-the-rise
Champ on-the-rise

‎07-15-2008 05:23 AM

How do I send authentication credentials as part of the http request?
The Webscript URL is included as a link in a JSP page. I need to authenticate without user intervention and display result inline.

Thanks,
Kapil
0 Kudos

stevewickii
Champ in-the-making
Champ in-the-making

‎12-08-2008 07:32 PM

I get the same exception with <authentication runas="admin">none</authentication> from a web script deployed on the classpath under alfresco/extension/templates/webscripts.  This should work according to the Wiki.
0 Kudos

pmonks
Star Contributor
Star Contributor

‎12-08-2008 10:39 PM

Can you post the exception here, including the entire stack trace?  The logic of your Web Script's controller (JS / Java) would also be handy, if it's not too lengthy.

Cheers,
Peter
0 Kudos

stevewickii
Champ in-the-making
Champ in-the-making

‎12-09-2008 02:16 PM

I discovered from the source code that the RUNAS feature is not available in Alfresco 2.9.0B build 683.  Alfresco 2.9B was packages on December 10, 2007, well before the runas feature was committed to subversion.  RUNAS was added to subversion at revision 3101 on September 29, 2008.  I don't know if it has been included in an official community release to this date.
0 Kudos

stevewickii
Champ in-the-making
Champ in-the-making

‎12-09-2008 02:29 PM

If you intend to use Alfresco 2.9.0B, you can accomplish nearly the same thing by setting <authentication>guest</authentication>, and then append "guest=true" to your web script URL like "http://www.example.com/alfresco/s/test?guest=true".

This works for us as long as the Guest account has been given access to all of the content and spaces you need to access from the web script.  Note: you will not have a 'companyhome' root object if Guest has not been given at least the "Consumer" role on the Company Home space.

Hope this helps.

Stephen
0 Kudos

pmonks
Star Contributor
Star Contributor

‎12-09-2008 03:14 PM

You can also use the "runAs" API [1] within a Java backed Web Script, then configure the Web Script with authentication=none or authentication=guest.  For security reasons this API is not available to Javascript backed Web Scripts however.

[1] http://dev.alfresco.com/resource/docs/java/repository/org/alfresco/repo/security/authentication/Auth...

Cheers,
Peter
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC