Hyland Connect

sans · ‎06-16-2011

Hi,
I want to extend the surf LoginController so that I can check if the user is part of a group in an AD, if yes allow login.
Now I have extended surf LoginController and created a jar put that jar in share/WEB-INF/lib folder.
But when I test it, I am getting PsersonService class not found exception as I am using personService.PersonExists(username) to see if the person exists.
So I moved the jar file to alfresco/WEB-INF/lib because PersonService is present in alfresco-repository-3.4.d.jar.
But now I am getting LoginController class not found exception. Because LoginController is in share/WEB-INF/lib.
Any suggestions on how to get around this?

Please help!!!

Sanjay.

sujaypillai · ‎06-16-2011

Hello Sanjay,

Rather than extending the Surf controller for AD authentication, I would suggest you to configure Alfresco with an AD-LDAP combination.

Please refer the following page for more details :
http://wiki.alfresco.com/wiki/Enterprise_Security_and_Authentication_Configuration#Recommended_combi...

Thanks,

sans · ‎06-20-2011

Hi Sujay,
Thanks for the reply.
Well, even if I configure alfresco with an AD-LDAP combination, how am i gonna check if user is part of a group or not. I will have to extend the LoginController, right? Correct me if I am wrong.

Note:- I have already configured alfresco with an AD-LDAP. I am able to login using AD-LDAP userid and password.
Thanks
Sanjay.

sujaypillai · ‎06-20-2011

Hi Sanjay,

Say that you want only a group (e.g. SHAREUSERS) in AD to access the application. Make sure that you have a group created with the same name in AD and make use of the "ldap.synchronization.groupQuery" property to sync only those set of users in to Alfresco.

Are you using the above property to sync particular group?
If possible do share the alfresco-global.properties?

Thanks,

sans · ‎06-20-2011

Hi Sujay,
No. we are not using synchronization.

Hyland Connect

Extending surf LoginController