cancel
Showing results for 
Search instead for 
Did you mean: 

Workaround for ALF-21129?

a_varvitsiotis
Champ in-the-making
Champ in-the-making
Hello to all,

We are working on an internal project on Alfresco CE 4.2.f. For this project,
I am trying to access the CMIS 1.1 browser bindings via javascript on a
Cross-Origin (CORS) setup, using JQuery.ajax with a
  "xhrFields: {withCredentials=true}"
setting. Our settings for the rest of Alfresco (and share) includes NTLM,
which works fine.

This triggers https://issues.alfresco.com/jira/browse/ALF-21129, which is as yet
unresolved.

By my findings, Firefox and Mozilla pop up an authentication dialog (which, at
least, provides for authentication albeit with a degraded user experience), whereas
MSIE fails altogether the connection, at least with my current settings (I have
read of a modified setting here:
http://stackoverflow.com/questions/20614809/cors-authentication-in-internet-explorer-using-jquery
), which however is unacceptable for our case, since it would require all users
to make changes to their IE settings, even for a pilot tryout.

Since we have NTLM Authentication on and working (and we are also in the way of
setting up Kerberos/SSPNEG), we would like to have NTLM and/or SSPNEG working
for the CMIS 1.1 browser binding, too.

My question is, has anyone worked around ALF-21129 and managed to provide e.g. NTLM
(or SSPNEG) authentication for the CMIS 1.1 browser binding on 4.2? Our demo setup
runs on Tomcat, so even a Tomcat-specific workaround would be acceptable at this
point.

Of course, I would be delighted to hear when a fix for ALF-21129 is scheduled, too,
and whether this will only be available for 5.0.

Regards,

Angelos
1 REPLY 1

a_varvitsiotis
Champ in-the-making
Champ in-the-making
I am replying to my own post, to note that https://issues.alfresco.com/jira/browse/ALF-21129
seems to have been fixed in 5.0.d which came out recently. We shall give it a testing shot.
Thanks to Kevin Roast for fixing it!

Regards,

Angelos