chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sascha Homeier (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CMIS-887) RunAs Authentication possiblity
Date Thu, 29 Jan 2015 11:48:34 GMT

    [ https://issues.apache.org/jira/browse/CMIS-887?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14296742#comment-14296742
] 

Sascha Homeier commented on CMIS-887:
-------------------------------------

Sry for commenting on a resolved ticket but I recently implemented the same behaviour and
maybe it helps you:

On client side I extended StandardAuthenticationProvider to set the HTTPHeaders and on Server
Side I extended TokenCallContextHandler to properly handle the additionally Tokens and set
them on CallContext so that they are available later.

Hope this is correct and intended usage of Chemistry, otherwise Florian may berate me ;)

I did this because I want to know if client is using my CMIS Client (then I set a version
HTTP param) or another one (then the HTTP param is not set).
So similiar to your use case where you want to know user names instead of client version.

Additionally I set encrpyted password header this way to support secure authentication also
via HTTP (not only via HTTPS)

> RunAs Authentication possiblity
> -------------------------------
>
>                 Key: CMIS-887
>                 URL: https://issues.apache.org/jira/browse/CMIS-887
>             Project: Chemistry
>          Issue Type: Improvement
>          Components: opencmis-client, opencmis-server
>    Affects Versions: OpenCMIS 0.12.0
>         Environment: Alfresco 4.2
>            Reporter: Tahir Malik
>
> There is no possibility to define a RunAs user through CMIS.
> At the moment we have a custom webscript in Alfresco which logs in as the RunAs user
and returns the ticket.
> Then we use the ticket in the password field and do our stuff.
> It would be nice to extent the Authentication mechanism to supply extra parameters and
control them server side so this is not needed.
> If this is already possible, then I didn't knew that and I'd love to have some info how
to do that.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message