if i log-in to the alfresco web client, can i also use a Single Sign ON to log-in to share directly (so that when i open share i dont have to sign-in again). i would like to use a security model that comes with alfresco like NTLM.
perhaps i should rephrase my question. i want a user to sign into alfresco web explorer using the username and password assigned. when the same user wants to access alfresco share, it will automatically sign the user in (with the credentials used to sign in to alfresco web client).
Hi, ok, I'm not sure, but you should try to move your endpoints to alfresco/wcs instead of alfresco/s: tomcat/shared/classes/alfresco/web-extension/webscript-framework-config-custom.xml:
<alfresco-config>
<!– Overriding endpoints to reference a remote Alfresco server –>
<endpoint> <id>alfresco</id> <name>Alfresco - user access</name> <description>Access to Alfresco Repository WebScripts that require user authentication</description> <connector-id>alfresco</connector-id> <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url> <identity>user</identity> <!– not sure if you have to set the following tag in your case–> <external-auth>true</external-auth> </endpoint>
- Put apache in front of tomcat and configure it to ask for basic authentication - Configure apache to set the request header X-Alfresco-Remote-User with the username of the authenticated user as value - Configure Alfresco to use the external authentication subsystem (Alfresco 3.2r2 required) - Configure Alfresco Share (webscripts-framework-config-custom) to log into Alfresco with cookies (see the CAS wiki article for the config) - Configure the tomcat connector on port 8009 to have tomcatAuthentication=false
Now Alfresco Explorer will log you in automatically based on the header. Alfresco Share will read the REMOTE_USER cgi variable and log you in Alfresco Share will log into Alfresco itself by setting the header also.
