Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

[Alfresco 5.2] External SSO configuration not work for http header encoded on base64

ysebahi
Champ in-the-making
Champ in-the-making

‎05-31-2022 04:59 AM

Hello there,

I have configured SSO authentication with header set, And it working well when I receive my header in clear (not encoded), But I need to configure it to receive  a header value encoded on Base64. 

this is My configuration :

Alfresco-global.properties

authentication.chain=external1:external
kerberos.authentication.sso.fallback.enabled=true
external.authentication.enabled=true
external.authentication.defaultAdministratorUserNames=admin
external.authentication.proxyUserName=
external.authentication.proxyHeader=Authorization
external.authentication.userIdPattern=uid=(.*)-.*
create.missing.people=false

Share-config-costum.xml

   <config evaluator="string-compare" condition="Remote">
      <remote>
             <connector>
            <id>alfrescoHeader</id>
            <name>Alfresco Connector</name>
            <description>Connects to an Alfresco instance using header and cookie-based authentication</description>
            <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
            <userHeader>Authorization</userHeader>
            <userIdPattern>uid=(.*)-.*</userIdPattern>
         </connector>

         <endpoint>
            <id>alfresco</id>
            <name>Alfresco - user access</name>
            <description>Access to Alfresco Repository WebScripts that require user authentication</description>
            <connector-id>alfrescoHeader</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <identity>user</identity>
            <external-auth>true</external-auth>
         </endpoint>
         
         <endpoint>
            <id>alfresco-feed</id>
            <parent-id>alfresco</parent-id>
            <name>Alfresco Feed</name>
            <description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description> 
            <connector-id>alfrescoHeader</connector-id> 
            <endpoint-url>http://localhost:8080/alfresco/s</endpoint-url>
            <identity>user</identity>
            <external-auth>true</external-auth>
         </endpoint>
         
         <endpoint>
            <id>alfresco-api</id>
            <parent-id>alfresco</parent-id>
            <name>Alfresco Public API - user access</name>
            <description>Access to Alfresco Repository Public API that require user authentication.
                         This makes use of the authentication that is provided by parent 'alfresco' endpoint.</description>
            <connector-id>alfrescoHeader</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/api</endpoint-url>
            <identity>user</identity>
            <external-auth>true</external-auth>
         </endpoint>
      </remote>
   </config>

And this is my header coded on baseµ64 :

Authorization : Basic dWlkPWFkbWluLTAsb3U9cGVyc29ubmVz

Regards.

Labels:
0 Kudos
0 REPLIES 0
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2024 Khoros, LLC