chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Florian Müller <f...@apache.org>
Subject Re: Question regarding OpenCMIS Authentication Methods
Date Tue, 18 Jun 2013 14:52:55 GMT
 Hi Michel,

 You can control the authentication method with session parameters [1].
 Check the parameters AUTH_HTTP_BASIC and AUTH_SOAP_USERNAMETOKEN.

 OpenCMIS sends both by default because some repositories need both for 
 some reason.


 - Florian


 [1] 
 http://chemistry.apache.org/java/developing/dev-session-parameters.html



> Hi all
>
> We are using Apache OpenCMIS to connect to our FileNet P8 Repository.
> It works well, but there is an unclarity regarding the authentication
> mechanism used.
>
> We have seen when we analysed the tcp traffic that both HTTP Basic
> Authentication and ws-security UserToken Profile are used in the same 
> soap
> call:
>
> POST /fncmis/RepositoryService HTTP/1.1
> Content-type:
> 
> multipart/related;start="<rootpart*5f4ecd63-252f-4c00-a30f-7472e69f9b2b@example.jaxws.sun.com>";type="application/xop
> 
> +xml";boundary="uuid:5f4ecd63-252f-4c00-a30f-7472e69f9b2b";start-info="text/xml"
> X-cmis-client: Apache Chemistry OpenCMIS/0.8.0
> Authorization: Basic "Not shown here"
> Soapaction: ""
> Accept: text/xml, multipart/related, text/html, image/gif, 
> image/jpeg, *;
> q=.2, */*; q=.2
> User-Agent: JAX-WS RI 2.1.7-b01-
> Host: b0d01042.rz.ch.zurich.com:22281
> Connection: keep-alive
> Content-Length: 1277
>
> --uuid:5f4ecd63-252f-4c00-a30f-7472e69f9b2b
> Content-Id:
> <rootpart*5f4ecd63-252f-4c00-a30f-7472e69f9b2b@example.jaxws.sun.com>
> Content-Type: application/xop+xml;charset=utf-8;type="text/xml"
> Content-Transfer-Encoding: binary
>
> <?xml version='1.0' encoding='UTF-8'?><S:Envelope
> 
> xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Header><Security
> 
> xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><Timestamp
>
> 
> xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Created>2013-06-18T12:46:11Z</Created><Expires>2013-06-19T12:46:11Z</Expires></Timestamp><UsernameToken><Username>XXXXX</Username><Password
>
> 
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXX</Password><Created
>
> 
> xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2013-06-18T12:46:11Z</Created></UsernameToken></Security></S:Header><S:Body><ns2:getRepositoryInfo
>  xmlns="http://docs.oasis-open.org/ns/cmis/core/200908/"
> 
> xmlns:ns2="http://docs.oasis-open.org/ns/cmis/messaging/200908/"><ns2:repositoryId>GI_CH_DOC01</ns2:repositoryId></ns2:getRepositoryInfo></S:Body></S:Envelope>
>
> Is there any way to configure that only one method is used to 
> authenticate?
>
> Thank you
>
> Regards
> __________________________________________
>
> Michel Riondel
> Solution Architect ECM
> GITS
>
> Zurich Insurance Company
> Austrasse 46
> CH-8045 Zürich
> Schweiz / Switzerland
>
> ++41 (0)44 628 94 88 (direkt)
> ++41 (0)78 946 80 27 (mobil)
> michel.riondel@zurich.com
>
>
>
>
>
>
> ******************* BITTE BEACHTEN *******************
> Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet
> möglicherweise vertrauliche oder gesetzlich geschützte Daten oder
> Informationen. Zum Empfang derselben ist (sind) ausschliesslich die
> genannte(n) Person(en) bestimmt. Falls Sie diese Nachricht
> irrtümlicherweise erreicht hat, sind Sie höflich gebeten, diese unter
> Ausschluss jeder Reproduktion zu zerstören und die absendende Person
> umgehend zu benachrichtigen. Vielen Dank für Ihre Hilfe.


Mime
View raw message