Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Generating an Alfresco Ticket on Behalf of another User?

praj
Champ in-the-making
Champ in-the-making

‎04-18-2012 10:25 PM

Hi,

Is it possible through a combination of external (or appropriate) authentication using a proxyUserName to generate an Alfresco ticket on behalf of another user?

E.g. proxy user logs in, runs the webscript:
POST /alfresco/s/api/login

And generates a ticket for the target user which can then be used by the target user for authentication purposes?

Thanks

Praj
Labels:
0 Kudos
6 REPLIES 6

mitpatoliya
Star Collaborator
Star Collaborator

‎04-19-2012 06:42 AM

No, I do not think so.
And also logically it makes system insecure.
So, I do not think this feature will ever be there in any of the system.
0 Kudos

mrogers
Star Contributor
Star Contributor

‎04-19-2012 07:00 AM

If you are using external authentication then you can pass in whatever token you want.    Alfresco will simply trust whatever your external authentication system says.
0 Kudos

praj
Champ in-the-making
Champ in-the-making

‎04-23-2012 07:38 PM

If you are using external authentication then you can pass in whatever token you want.    Alfresco will simply trust whatever your external authentication system says.

Thanks for the advice. I've been through the external authentication documentation covered here:
http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems#External

My question relates to setting up same-signon between another system and Alfresco without the use of a 3rd party authentication system (LDAP, CAS, etc). From what I understand of the external authentication functionality, it requires the REMOTE_USER CGI variable to be set to enable pass-thru authentication into Share (looking specifically at same-signon into Share). Would there be a way to do this without doing it at the apache level? E.g. within a PHP script? Any suggestions?
0 Kudos

mrogers
Star Contributor
Star Contributor

‎04-24-2012 05:28 AM

Any suggestions?

Why are you doing this?  It seems a bit strange.
0 Kudos

rdanner
Champ in-the-making
Champ in-the-making

‎05-02-2012 12:33 AM

Hi,

Is it possible through a combination of external (or appropriate) authentication using a proxyUserName to generate an Alfresco ticket on behalf of another user?

E.g. proxy user logs in, runs the webscript:
POST /alfresco/s/api/login

And generates a ticket for the target user which can then be used by the target user for authentication purposes?

Thanks

Praj


Are you thinking that your third party authentication would have to log in as a super user and then generate ticket for the user it's authenticating?

You should not have to do this.  Take a look at the out of the box subsystems for supporting CAS.  Another example is the CROWD plugin by AppFusion.
0 Kudos

abarisone
Star Contributor
Star Contributor

‎10-05-2012 05:47 AM

Hi all,
we have a scenario where having Alfresco external authentication coming from a portal (trought CAS), we would need that a Call Center user could "impersonate" another user in order to carry out operations on behalf of another user.
We obtain a TGT for the CC user, but it is there an out-of-the-box function or procedure in order to achieve this impersonation?

Thanks,
Andrea
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
li.common.scroll-to.top