12-11-2019 08:26 AM
I am currently working on a web client(usging alfresco REST API) to signup new users but I am wondering if I can sigunup new users without using admin credentials.
https://docs.alfresco.com/5.0/references/RESTful-PersonPeoplePost.html
12-12-2019 11:49 AM
No, People API (POST /alfresco/service/api/people) requires admin level authentication in order to exeute the request.
<url>/api/people</url> <format default="json">argument</format> <authentication>admin</authentication> <transaction>required</transaction>
However, you can create your custom webcript/rest api which can be authenticated using a general user and can be used to create users by wrapping the transaction under system user. if you want to limit the API to a limited user (e.g. users who recieve tickets to add users via service desk), then create a group in alfresco and add those users to the group.
Something like:
LOGGER.info("Creating user..."); //user creation process requires administrator privileges String currentUser = AuthenticationUtil.getFullyAuthenticatedUser(); AuthenticationUtil.setRunAsUserSystem(); try { //TODO:: Your code to create user.
//Check if user is part of the group then proceed with user creation else throw error. //write response for the request } catch (InvalidNodeRefException | IllegalArgumentException | IOException | AlfrescoRuntimeException excp) { LOGGER.error("Exception occurred while creating the user", excp); throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, excp.getMessage(),excp); } finally { AuthenticationUtil.clearCurrentSecurityContext(); //Clear system user context and set original user context AuthenticationUtil.setFullyAuthenticatedUser(currentUser); } LOGGER.info("User created successfully!");
You would have to mainly use following repository services in order to create user using your custom webscript.
1- org.alfresco.service.cmr.repository.NodeService;
2- org.alfresco.service.cmr.security.AuthorityService;
3- org.alfresco.service.cmr.security.MutableAuthenticationService;
4- org.alfresco.service.cmr.security.PersonService;
12-12-2019 11:49 AM
No, People API (POST /alfresco/service/api/people) requires admin level authentication in order to exeute the request.
<url>/api/people</url> <format default="json">argument</format> <authentication>admin</authentication> <transaction>required</transaction>
However, you can create your custom webcript/rest api which can be authenticated using a general user and can be used to create users by wrapping the transaction under system user. if you want to limit the API to a limited user (e.g. users who recieve tickets to add users via service desk), then create a group in alfresco and add those users to the group.
Something like:
LOGGER.info("Creating user..."); //user creation process requires administrator privileges String currentUser = AuthenticationUtil.getFullyAuthenticatedUser(); AuthenticationUtil.setRunAsUserSystem(); try { //TODO:: Your code to create user.
//Check if user is part of the group then proceed with user creation else throw error. //write response for the request } catch (InvalidNodeRefException | IllegalArgumentException | IOException | AlfrescoRuntimeException excp) { LOGGER.error("Exception occurred while creating the user", excp); throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, excp.getMessage(),excp); } finally { AuthenticationUtil.clearCurrentSecurityContext(); //Clear system user context and set original user context AuthenticationUtil.setFullyAuthenticatedUser(currentUser); } LOGGER.info("User created successfully!");
You would have to mainly use following repository services in order to create user using your custom webscript.
1- org.alfresco.service.cmr.repository.NodeService;
2- org.alfresco.service.cmr.security.AuthorityService;
3- org.alfresco.service.cmr.security.MutableAuthenticationService;
4- org.alfresco.service.cmr.security.PersonService;
Explore our Alfresco products with the links below. Use labels to filter content by product module.