
How do authentication and permissions work when using the CMIS API?

Roland_Benedett
Star Contributor

Can I restrict the documents available through CMIS requests based on user permissions? How does authentication work when using CMIS?

1 ACCEPTED ANSWER

Florent_Guillau
World-Class Innovator

Permissions: with CMIS, like with all other Nuxeo APIs, the access to documents obeys the user's permissions. This means that you will not be able to see or search documents to which you don't have Read access granted, and won't be able to create, modify or delete documents to which you don't have Write access.

Authentication: this is the process through which you state and prove which user you actually are. Authentication depends on the protocol employed by your CMIS connection. Nuxeo 5.4.2 supports the standard AtomPub (REST) and SOAP (Web Services) bindings and the authentication methods standardized by CMIS for them:

  • For AtomPub, you authenticate through HTTP Basic Auth.
  • For SOAP, you authenticate through the Web Services Security (WSS) UsernameToken.

In both cases, using HTTPS is recommended as otherwise the credentials could be eavesdropped.

You can read more about CMIS in Nuxeo here.
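
The two credential forms named in the answer above, as an added example that is not part of the original post and is not Nuxeo's code. It builds the HTTP Basic header for AtomPub and the WSS UsernameToken header for SOAP, refuses any non-HTTPS endpoint, and shows why: a Basic header is only base64, so anyone who reads it recovers the password. Function names and the endpoint URLs used with them are hypothetical.

```python
import base64
from urllib.parse import urlsplit
from xml.sax.saxutils import escape

# OASIS WS-Security 1.0 namespace and the plain-text password type URI.
WSSE_NS = ("http://docs.oasis-open.org/wss/2004/01/"
           "oasis-200401-wss-wssecurity-secext-1.0.xsd")
PASSWORD_TEXT = ("http://docs.oasis-open.org/wss/2004/01/"
                 "oasis-200401-wss-username-token-profile-1.0#PasswordText")


def require_https(url):
    """Refuse to attach credentials to an endpoint that is not HTTPS."""
    if urlsplit(url).scheme.lower() != "https":
        raise ValueError("refusing to send credentials over " + url)
    return url


def basic_auth_header(url, user, password):
    """AtomPub binding: HTTP Basic Auth header (RFC 7617)."""
    require_https(url)
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return {"Authorization": "Basic " + token.decode("ascii")}


def wss_username_token(url, user, password):
    """SOAP binding: WS-Security UsernameToken header, PasswordText form."""
    require_https(url)
    return (
        f'<wsse:Security xmlns:wsse="{WSSE_NS}">'
        "<wsse:UsernameToken>"
        f"<wsse:Username>{escape(user)}</wsse:Username>"
        f'<wsse:Password Type="{PASSWORD_TEXT}">{escape(password)}</wsse:Password>'
        "</wsse:UsernameToken></wsse:Security>"
    )


def recover_basic_credentials(header_value):
    """What a reader of a cleartext Basic header obtains: user and password."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, password = base64.b64decode(token).decode("utf-8").partition(":")
    return user, password
```

The PasswordText form carries the password as readable text inside the SOAP envelope, so both bindings rely on TLS for confidentiality.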


2 REPLIES

Roland_Benedett
Star Contributor

Authentication is done through the CMIS API using Web Service Security user token. If the user used for that purpose is correctly configured and has the right ACL in the Nuxeo server, only the documents accessible to him will be accessible from the CMIS client using his user token.
