Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User Impersonation

ukdavo
Champ in-the-making
Champ in-the-making

‎08-03-2010 06:39 AM

Hi there

I would like to be able to perform CMIS actions against Alfresco as an impersonated user. I am aware that CMIS does not specify any functionality re user impersonation. I was hoping to achieve something like this:

  • Login to Alfresco via REST API or Web Script as the admin.

  • Impersonate the target user

  • Create a login ticket for the target user

  • Execute a CMIS service method (e.g. getChildren()) against Alfresco using the target user's username and login ticket
I'd like to do this so that users can login to my webapp, click a button in it and this will trigger a CMIS method. My app utilises Kerberos authentication via Spring Security so I would have the authenticated username but no password.

The questions that I have are:

  • Does the REST API provide a getLoginticketForUser() type method? If not then I guess I'll have to create a WebScript to do this via AuthenticationUtil.setCurrentUser().

  • Can I pass login tickets instead of the password to Alfresco's CMIS service?
Thanks
Labels:
0 Kudos
1 REPLY 1

ukdavo
Champ in-the-making
Champ in-the-making

‎08-03-2010 11:19 AM

I just noticed in Jeff Pott's CMIS article (http://ecmarchitect.com/archives/2009/11/23/1094) that Alfresco's CMIS implementation can accept basic auth or Alfresco tickets. I also found a blog post that discusses how to get an Alfresco ticket via web script (http://fabiostrozzi.eu/?p=24).
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC