Hyland Connect

Hi Mikel,

Correction in above. I just checked and YES the guest user is disabled in the production instance but so in my local. I did a bit of googling and found out that by default the Guest user is disabled in Alfresco.

In my local I am running the same code as in my production but in my local I am not prompted with the authentication login. If I put username and password as guest/guest in my production I am able successfully authenticate and view the content that the webscript returns. So, I am writing down certain questions please help me in answering them.

1. Does guest need to authenticate by using guest/guest as username/password ?

2. I have read the documentation and if the authentication is set to none then the transaction is by default set to none but in my case I do need a readonly transaction ??

3. Also, setting the authentication to none anyone who can form the webscript url can get access to data that the webscript return. How can I avoid it ?

Maybe some context of what you're trying to achieve will help, 

1. The guest has no authentication behind, it can be seen as the FTP annonimous

This is the default value for AlfrescoNtlm auth subsystem (tipically the one you're hitting locally)

alfresco.authentication.allowGuestLogin=true

alfresco-repository/alfresco-authentication.properties at master · Alfresco/alfresco-repository · Gi... 

On production this normally differs

2. It totally depends on your implementation code

3. Creating a ws as guest or none will make it public to the world, why can't you just use "user"?

Thanks Mikel for your reply.

I am trying to make a folder and its content in Alfresco accessible to outside world without authentication, for this purpose we have used an addon and with some modification created our own from it, so none and guest works for me.

The folder has an action that generates a unique URL and gives Consumer access to guest user on all the content inside that folder.

The unique URL generates a page which displays the all the content inside the folder which is fetched through the webscript. This webscript has guest authentication which as stated above works well on local but not on production and demand authentication on the same code.

I am not able to figure out the reason for this behaviour. Here is the link to the project .

I see, 

Maybe there is something with the order of your authentication chain, what's the value for authentication.chain property on production?

I am using default authentication on the production as well as local instance.

Yes,

We are using an apache web server.

Maybe apache is causing the auth promp

Can you try the service bypassing apache? maybe some curl from the production server console or so.