Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Share Custom Authentication

soloff
Champ in-the-making
Champ in-the-making

‎06-13-2016 09:00 AM

Dear colleagues, could you kindly help me with the problem described here.
I have to develop Custom Authentication method, so that users can log in the system in two ways: enter their UserName or their personal number (Custom Person Attribute).

First of all, I set authentication.chain in <strong>alfresco-global.properties</strong>
authentication.chainalfrescoNtlm1:alfrescoNtlm,CustomAuthentication:CustomAuthentication

After that I implemented CustomAuthentication class as:


public class CustomAuthentication extends AbstractAuthenticationComponent
{
   public void authenticateImpl(String userName, char[] password) throws AuthenticationException
   {      
      userName = GetUserNameByPersonalNumber(userName);      
      if (userName != null)
      {
         setCurrentUser(userName);         
      }
      else
      {
         throw new AuthenticationException("User is not found!");
      }
   }
      
   private String GetUserNameByPersonalNumber(String personNumber)
   {   
      //For example…   
      return "myUserName";
   }
      
   public Authentication authenticate(Authentication token) throws AuthenticationException
   {
      return token;
   }

   @Override
   protected boolean implementationAllowsGuestLogin()
   {
      return false;
   }
}


I can see that the user is autheticated in Repo, but what can I do with Share? Each time a system error appears (see below):


2016-06-13 15:11:29,964 ERROR [org.alfresco.web.site] [http-apr-8080-exec-3] org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.extensions.surf.exception.UserFactoryException: Unable to retrieve user from repository
org.springframework.extensions.surf.exception.UserFactoryException: Unable to retrieve user from repository
   at org.springframework.extensions.surf.support.AlfrescoUserFactory.loadUser(AlfrescoUserFactory.java:194)
   at org.alfresco.web.site.SlingshotUserFactory.loadUser(SlingshotUserFactory.java:135)
   at org.springframework.extensions.surf.support.AbstractUserFactory.initialiseUser(AbstractUserFactory.java:182)
   at org.springframework.extensions.surf.support.AbstractUserFactory.initialiseUser(AbstractUserFactory.java:100)
   at org.springframework.extensions.surf.RequestContextUtil.initialiseUser(RequestContextUtil.java:259)
   at org.springframework.extensions.surf.RequestContextUtil.populateRequestContext(RequestContextUtil.java:182)
   at org.springframework.extensions.surf.RequestContextUtil.populateRequestContext(RequestContextUtil.java:137)
   at org.springframework.extensions.surf.mvc.AbstractWebFrameworkView.populateRequestContext(AbstractWebFrameworkView.java:384)
   at org.springframework.extensions.surf.mvc.AbstractWebFrameworkView.renderMergedOutputModel(AbstractWebFrameworkView.java:294)
   at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:264)
   at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1216)
   at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1001)
   at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:945)
   at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:867)
   at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:953)
   at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:844)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:620)
   at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:829)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
   at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
   at org.alfresco.web.site.servlet.SecurityHeadersFilter.doFilter(SecurityHeadersFilter.java:182)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
   at org.alfresco.web.site.servlet.CSRFFilter.doFilter(CSRFFilter.java:315)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
   at org.alfresco.web.site.servlet.SSOAuthenticationFilter.doFilter(SSOAuthenticationFilter.java:447)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
   at org.alfresco.web.site.servlet.MTAuthenticationFilter.doFilter(MTAuthenticationFilter.java:74)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
   at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
   at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
   at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
   at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
   at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
   at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2466)
   at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2455)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
   at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
   at java.lang.Thread.run(Unknown Source)
Caused by: org.springframework.extensions.surf.exception.UserFactoryException: Unable to create user - failed to retrieve user metadata: 
   at org.springframework.extensions.surf.support.AlfrescoUserFactory.loadUser(AlfrescoUserFactory.java:183)
   … 51 more


I guess, my current task is quite close to UserAutentication by email or login. Unfortunatelely, I haven't found Source Code with any examples.
Labels:
0 Kudos
2 REPLIES 2

afaust
Legendary Innovator
Legendary Innovator

‎06-14-2016 04:12 AM

Both the <a href="https://github.com/Alfresco/share/blob/fab09705778b71d4c424279ab3d433b93fdb74ce/share/src/main/java/...">SlingshotLoginController</a> and the <a href="https://github.com/Alfresco/share/blob/fab09705778b71d4c424279ab3d433b93fdb74ce/share/src/main/java/...">SlingshotUserFactory</a> use the name provided in the login UI as the user name. If that name now can be a multitude of things, e.g. an email address or personal number, then these components need to be adapted or replaced in Share to work with the new authentication methods. Essentially they should no longer trust the name provided and strive to load the correct information from the Repository-backend in order to execute the code they need to execute.

Regards
Axel
0 Kudos

soloff
Champ in-the-making
Champ in-the-making

‎06-20-2016 11:18 AM

Thank you very much for your help!
So, I have overrided <strong>SlingshotLoginController</strong> in this way

<java>
public class CustomLoginController extends SlingshotLoginController
{
    @Override
    public ModelAndView handleRequestInternal(HttpServletRequest request, HttpServletResponse response) throws Exception
    {
        …
            boolean authenticated = this.userFactory.authenticate(request, username, password);
            if (authenticated)
            {                              
               username = this.resolveLoginToUserName(username);
                AuthenticationUtil.login(request, response, username, false, webFrameworkConfiguration.isLoginCookiesEnabled());
                success = true;
            }   
        …
    }
   
    private String resolveLoginToUserName(String login) throws JSONException
    {
   String URL = URLEncoder.encodeUri(String.format("/api/user/logintousername?login=%s", login));
   Response response = this.scriptRemote.call(URL);
   JSONObject result = new JSONObject(response.getResponse());   
   return result.getString("username");
    }
}
</java>
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC