Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

nuxeo-platform-login-portal-sso 401 Server Error?

Go to answer
NuxeoNate_
Champ in-the-making
Champ in-the-making

‎05-11-2015 01:00 PM

Hello,

New user to Nuxeo and trying to follow the steps of using the nuxeo-platform-login-portal-sso plugin, using the steps outlined here: http://answers.nuxeo.com/questions/1002/how-do-i-integrate-with-nuxeo-platform-login-portal-sso-in-m... We are trying to use the Nuxeo Automation Client (Java) to authenticate using the portal-sso plugin. Here's the Java code in the automation client:

HttpAutomationClient client = new HttpAutomationClient("http://localhost:8080/nuxeo/site/automation"
client.setRequestInterceptor(new PortalSSOAuthInterceptor("nuxeo5secretkey", "myUser"));
Session session = client.getSession();

At the point that 'getSession()' is called we get the following error from Tomcat: 401 - Server Error "This request requires HTTP authentication."

We are using a standard tomcat deployment and have put in our own portalsso-config.xml file per the documentation.

Any ideas on why we would still be getting the 401 Server Error?

Any help is appreciated.

Thanks.

0 Kudos
1 ACCEPTED ANSWER

Go to answer
NuxeoNate_
Champ in-the-making
Champ in-the-making

‎05-11-2015 04:35 PM

[SOLVED] The issue for us was that we needed to add an extension in the *-config.xml to the specificAuthenticationChain using "Automation".

An example file that worked for us looks like this:

<component name="MyAPP.Mod_sso">
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
<require>org.nuxeo.ecm.platform.login.Portal</require>
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="authenticators">
  <authenticationPlugin
          name="PORTAL_AUTH">
   <loginModulePlugin>Trusting_LM</loginModulePlugin>
   <parameters>
     <parameter name="secret">nuxeo5secretkey</parameter>
     <parameter name="maxAge">3600</parameter>
   </parameters>
  </authenticationPlugin>
</extension>

<!-- Include Portal Auth into authentication chain -->
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="chain">
  <authenticationChain>
    <plugins>
      <!--  Keep basic Auth at top of Auth chain to support RSS access via BasicAuth -->
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </plugins>
  </authenticationChain>
</extension>

<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="specificChains">
  <!-- Setup Automation client to use the Portal SSO plugin -->
  <specificAuthenticationChain name="Automation">
    <urlPatterns>
      <url>(.*)/automation.*</url>
    </urlPatterns>

    <replacementChain>
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </replacementChain>
  </specificAuthenticationChain>
</extension>
</component>

Note that if you need REST API as well, you may need to add another extension in this file for REST API to use portal SSO authentication.

View answer in original post

0 Kudos
2 REPLIES 2

Go to answer
NuxeoNate_
Champ in-the-making
Champ in-the-making

‎05-11-2015 04:35 PM

[SOLVED] The issue for us was that we needed to add an extension in the *-config.xml to the specificAuthenticationChain using "Automation".

An example file that worked for us looks like this:

<component name="MyAPP.Mod_sso">
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
<require>org.nuxeo.ecm.platform.login.Portal</require>
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="authenticators">
  <authenticationPlugin
          name="PORTAL_AUTH">
   <loginModulePlugin>Trusting_LM</loginModulePlugin>
   <parameters>
     <parameter name="secret">nuxeo5secretkey</parameter>
     <parameter name="maxAge">3600</parameter>
   </parameters>
  </authenticationPlugin>
</extension>

<!-- Include Portal Auth into authentication chain -->
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="chain">
  <authenticationChain>
    <plugins>
      <!--  Keep basic Auth at top of Auth chain to support RSS access via BasicAuth -->
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </plugins>
  </authenticationChain>
</extension>

<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="specificChains">
  <!-- Setup Automation client to use the Portal SSO plugin -->
  <specificAuthenticationChain name="Automation">
    <urlPatterns>
      <url>(.*)/automation.*</url>
    </urlPatterns>

    <replacementChain>
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </replacementChain>
  </specificAuthenticationChain>
</extension>
</component>

Note that if you need REST API as well, you may need to add another extension in this file for REST API to use portal SSO authentication.

0 Kudos

Go to answer
Eduardo_Rodrigu
Champ on-the-rise
Champ on-the-rise
In response to NuxeoNate_

‎03-30-2017 02:36 AM

do you happen to know which extension we need to add for the REST API

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC