cancel
Showing results for 
Search instead for 
Did you mean: 

Authentication

nm_santos
Champ in-the-making
Champ in-the-making
Hi everyone,

When I create an application that needs to interact with an alfresco repository residing in another computer, I know it needs a properties file so specify host and port.

But does it need always to be in the package alfresco ?

Where do I define where the properties file is located in a new application?

Regards,
Nuno.
3 REPLIES 3

nm_santos
Champ in-the-making
Champ in-the-making
Also, another detail that I forgot.

I'm using Single-sign on in alfresco.

How can I add that to the application I am creating?

i.e. Before the program communicates with the alfresco server, I want to obtain the username and password from the active directory, so that it can authenticate successfully in order to utilize the web service.

mrogers
Star Contributor
Star Contributor
You will never get the password from an authentication system, that would be a massive security hole!

What a SSO solution does is to take some credentials (username, password, ip address whatever) and generate some sort of token or ticket to say that you have authenticated with the authentication system.     This token is then given to the application in lieu of a user/name or password.    

Or the other way of authenticating is for a username/password to be given to alfresco which then acts as a "man in the middle" and passes those credentials to the authentication system.

nm_santos
Champ in-the-making
Champ in-the-making
You will never get the password from an authentication system, that would be a massive security hole!

What a SSO solution does is to take some credentials (username, password, ip address whatever) and generate some sort of token or ticket to say that you have authenticated with the authentication system.     This token is then given to the application in lieu of a user/name or password.    

Or the other way of authenticating is for a username/password to be given to alfresco which then acts as a "man in the middle" and passes those credentials to the authentication system.


But then how can my application use the alfresco WS api?

It needs credentials to login, in order to add/edit/remove content on the repository.

I already managed to make SSO + AD work with alfresco.

For example, in the web service client, there is this fragment of code:

public static void main(String[] args) throws Exception
   {
      // Start the session
      AuthenticationUtils.startSession(MY_USER, MY_PASSWORD);

I need to obtain that user and password based on who logged in, on the computer.