04-28-2020 06:07 AM
I have created a plugin for authentication which validates a JWT token passed during API calls. I have also installed the Web UI plugin of Nuxeo on my server, but when I log in with Administrator credentials on the Web UI login page, it allows me to log in with any JWT token. Is there any way to prevent login without a JWT token?
Below is the contrib.xml
<?xml version="1.0"?>
<component
    name="com.softcell.dms.auth.jwt.authchain-override-config">
  <extension
      target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
      point="specificChains">
    <!--
      Extending specificChains as we only want to handle RestApis through custom jwt plugin
    -->
    <specificAuthenticationChain
        name="RestAPI">
      <headers>
        <header name = "Authorization">^(?:Basic|Bearer)\s.*</header>
        <!-- request not intended with basic authentication -->
      </headers>
      <replacementChain>
        <plugin>CUSTOM_JWT_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>
  </extension>
  <extension
      target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
      point="specificChains">
    <!--
      Extending specificChains as we only want to handle Automation apis through custom jwt plugin
    -->
    <specificAuthenticationChain
        name="Automation">
      <headers>
        <header name = "Authorization">^(?:Basic|Bearer)\s.*</header>
        <!-- request not intended with basic authentication -->
      </headers>
      <replacementChain>
        <plugin>CUSTOM_JWT_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>
  </extension>
</component>
04-28-2020 12:10 PM
Hello,
First of all, take a look at this (first piece of code): https://answers.nuxeo.com/general/q/52798df8e3754ec2b908aeaf6008e32b/Custom-Authentication-not-worki...
I implemented JWT authentication, but I also kept the Basic Auth and Form Auth. I think you can just remove them from the authenticationChain. As I have seen, you only defined "specificChains", but you didn't add the authentication to the "generic" chain, so your authentication is not defined in the Web UI.
Regards.
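The generic-chain contribution the reply above refers to, sketched as an added example that is not part of the original thread or of the poster's plugin. The component name is hypothetical, the `<require>` target is an assumption to check against the deployed Nuxeo version, and `CUSTOM_JWT_AUTH` is assumed to be registered elsewhere through the `authenticators` extension point.

```xml
<?xml version="1.0"?>
<!-- Hypothetical component name, chosen for this example only. -->
<component name="com.example.auth.jwt.generic-chain-config">

  <!--
    Assumption: this is the component that contributes Nuxeo's default
    chain. Requiring it makes this contribution load afterwards so that
    it takes precedence. Verify the name on your version.
  -->
  <require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>

  <extension
      target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
      point="chain">
    <!--
      The generic chain applies to every request that no specificChain
      matches. The specificChains on this page match only when an
      Authorization header is present, so the Web UI login form never
      reaches CUSTOM_JWT_AUTH and is handled by the default plugins.
    -->
    <authenticationChain>
      <plugins>
        <!-- JWT plugin from the page; listed first so it is tried first. -->
        <plugin>CUSTOM_JWT_AUTH</plugin>
        <!--
          Default plugins the reply mentions keeping. Remove these two
          lines to stop form and Basic logins, but only after confirming
          that an administrator can still authenticate through the JWT
          plugin, otherwise the Web UI login page becomes unusable.
        -->
        <plugin>BASIC_AUTH</plugin>
        <plugin>FORM_AUTH</plugin>
      </plugins>
    </authenticationChain>
  </extension>
</component>
```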