04-28-2016 01:42 AM
I would like to use the REST API in a Shibboleth protected application. Our Nuxeo instance is also configured to use Shibboleth with the same Service Provider.
How can I use the Shibboleth credentials so that I can have a token for the current user just like when using Nuxeo Drive ?
There is little documentation about TOKEN AUTH and some things are not clear :
using the drive_login.jsp request works in my brower (redirects to Shib Auth and returns the token in the javascript function drive.create_account)
but using it in an HTTP requester does not work right from the start (401 : needs HTTP AUTH).
05-02-2016 12:10 AM
Hello,
Does you HTTP client support / is configured for redirect? Indeed, the drive_login.jsp page is protected by the Nuxeo authentication filter which handles the redirection to the authentication page you've configured for the Nuxeo instance, in your case Shibboleth.
05-02-2016 01:17 AM
If fact everything works fine, I only needed the right URL for authentification :
/nuxeo/authentication/token?applicationName=TEST&forceAnonymousLogin=true&deviceDescription=TEST&deviceId=TEST&permission=ReadWrite
Note : the (PHP) application is protected by Shibboleth (mod_shib) and uses the same Service Provider as Nuxeo so that the ajax call can be authentificated without user interaction.
Note : that makes it possible to build one page application in javascript only using the REST API ... promising.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.