Hyland Connect

americanolinhar · ‎03-21-2016

I would like to log on Alfresco without going through the login page. But I don't want to use LDAP. I tried to use the CAS through this tutorial: https://wiki.alfresco.com/wiki/Alfresco_cas_with_jasig_cas_client
But the error "unable to find valid certification path to requested target" occurs and I can not solve.
Does anyone have any ideas? My Alfresco Community 5

Thank you,

teterkin · ‎05-11-2016

I need help myself, but I have a clue for you problem.

Usually, this is due to lack of trust to your certificates.
Try to add CA and intermediate certificates to you truststore.
You need to use a keytool. Something like this:

./java/bin/keytool -import -alias ssl.alfreco.ca -file ./alf_data/keystore/ca.crt -keystore ./alf_data/keystore/ssl.truststore -storetype JCEKS -storepass your_password‍

vikpr · ‎05-11-2016

The "unable to find valid certification path to requested target" error usually means that you have a self-signed SSL certificate which Java doesn't like. The simplest fix is to import the certificate into your JVM trust store like it's described here http://www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certificat... . The link there seems to be dead but it should give you the idea.

manikandarajan · ‎06-10-2016

Hi , I'm trying to integrate Alfresco community edition to my JSF application. where when i click the DMS button from my JSF application - the folder will be created automatically in alfresco and it will open the workspace for that particular transaction which are handled by JAVA code ( Create session, create folder) methods but while opening the share window it asks to enter the password.how can i achieve it ? Where i have to use the login credentials used for my JSF application to bypass alfresco login. i've tried with httpheader method but not successful. other than LDAP, Kerberos, NTLM, please let me know if there any option to open alfresco share without login. Version of alfresco doesn't matter. suggest a version for me. since now i've tried with 4.0 and 4.2.e. Thanks in Advance

steven_okennedy · ‎06-10-2016

Hi,

If you're talking about effectively delegating responsibility for authenticating the user to your JSF application (i.e. it controls whether a user is authenticated or not) then you can use the External authentication subsystem. What this does is it expects the user identity to be provided to it in a HTTP header, X-Alfresco-Remote-User by default, and treats requests that come through as being already authenticated.

So your JSF code can set this header on the requests to Alfresco/Share specifying the user name of the logged in user as the value of the header. Alfresco will treat this as being authorised by another trusted external system and will allow access as that user. You'll need to ensure that both the JSF application and Alfresco have access to the same pool of users (e.g. synced from LDAP, or have Alfresco auto create users that don't exist)

Obviously this dilutes the security that Alfresco provides considerably so you should take appropriate steps to ensure that Alfresco cannot be accessed illegitimately by other parties (by faking a header with an arbitrary user name) e.g. by securing access to the Alfresco server at a network level.

Have a look at http://docs.alfresco.com/5.0/concepts/auth-basics.html

Regards

Steven

Hyland Connect

Login without login page