Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ver 4.0.d:disabled NTLM/ SSO/CIFS but invite has no user/pwd

rlyders
Champ in-the-making
Champ in-the-making

‎06-07-2012 02:53 PM

I am simply trying to setup a test site to show the managers how Alfresco works. i do not want to setup NTLM, SSO, CIFS, AD, etc. I just want to allow user to login with a username and password. Unfortunately, the "invite" emails never include the user's username and password.

I've disabled every authentication setting I can find, yet the invitation email still shows no user name and no password to the invited user. Based on this link: http://andoylang.wordpress.com/2010/07/20/alfresco-with-cifs/ I set all of the following to false:

————————–
————————–
nano /opt/alfresco-4.0.d/tomcat/shared/classes/alfresco-global.properties

ntlm.authentication.sso.enabled=false
ntlm.authentication.authenticateCIFS=false
alfresco.authentication.authenticateCIFS=false
alfresco.authentication.allowGuestLogin=false
passthru.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=false
ldap.authentication.active=false
ldap.synchronization.active=false
ntlm.authentication.sso.enables=false
ntlm.authentication.mapUnknownUserToGuest=false
passthru.authentication.authenticateFTP=false
passthru.authentication.guestAccess=false
————————–
————————–

… I understand that that user should get a username and password shown in their invitation email, but the invitation emails never include any username or password.

I then went through and updated all of the other places where these settings exist and set everything to 'false':

————————–
————————–
find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'ntlm.authentication.sso.enabled' {} \;
nano ./webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/ntlm-filter.properties
OLD:
ntlm.authentication.sso.enabled=true
ntlm.authentication.mapUnknownUserToGuest=false
ntlm.authentication.browser.ticketLogons=true
NEW:
ntlm.authentication.sso.enabled=false
ntlm.authentication.mapUnknownUserToGuest=false
ntlm.authentication.browser.ticketLogons=false

find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'ntlm.authentication.authenticateCIFS' {} \;
find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'alfresco.authentication.authenticateCIFS' {} \;
nano ./webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/alfrescoNtlm/alfresco-authentication.properties
find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'alfresco.authentication.allowGuestLogin' {} \;
find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'passthru.authentication.sso.enabled' {} \;
find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'passthru.authentication.authenticateCIFS' {} \;
nano ./webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/passthru-authentication-context.properties
OLD:
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true
NEW:
passthru.authentication.authenticateCIFS=false
passthru.authentication.authenticateFTP=false


find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'ldap.authentication.active' {} \;
nano ./webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap-ad/ldap-ad-authentication.properties
OLD:
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
NEW:
ldap.authentication.active=false
ldap.authentication.allowGuestLogin=false

find -regextype posix-extended -regex '(.*\.xml|.*\.properties)' -exec  grep -H 'ldap.synchronization.active' {} \;
nano ./webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap/ldap-authentication.properties
OLD:
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
NEW:
ldap.authentication.active=false
ldap.authentication.allowGuestLogin=false

nano ./webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap-ad/ldap-ad-authentication.properties
OLD:
ldap.synchronization.active=true
NEW
ldap.synchronization.active=false
————————–
————————–

no errors seen when I invite the user or when the user clicks on the URL in the invite email:
tail -f /opt/alfresco-4.0.d/alfresco.log
tail -f /opt/alfresco-4.0.d/tomcat/logs/catalina.out

Any help would be appreciated.

Regards,
Rich
Labels:
0 Kudos
1 REPLY 1

mrogers
Star Contributor
Star Contributor

‎06-07-2012 03:12 PM

Whether authentication is enabled or not is irrelevant.

If your authentication chain allows users to authenticate against an external system then there is no need to send the user name and password,  and to do so would be a major security flaw.    Only if the account is being generated on alfresco for the first time is a username and password sent (otherwise how could the user know what their user name and alfresco specific password is.)
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC