nuxeo-platform-login-portal-sso 401 Server Error?

Hello,

New user to Nuxeo and trying to follow the steps of using the nuxeo-platform-login-portal-sso plugin, using the steps outlined here: http://answers.nuxeo.com/questions/1002/how-do-i-integrate-with-nuxeo-platform-login-portal-sso-in-my-portal We are trying to use the Nuxeo Automation Client (Java) to authenticate using the portal-sso plugin. Here's the Java code in the automation client:

HttpAutomationClient client = new HttpAutomationClient("http://localhost:8080/nuxeo/site/automation"
client.setRequestInterceptor(new PortalSSOAuthInterceptor("nuxeo5secretkey", "myUser"));
Session session = client.getSession();

At the point that 'getSession()' is called we get the following error from Tomcat: 401 - Server Error “This request requires HTTP authentication.”

We are using a standard tomcat deployment and have put in our own portalsso-config.xml file per the documentation.

Any ideas on why we would still be getting the 401 Server Error?

Any help is appreciated.

Thanks.

0 votes

1 answers

1748 views

ANSWER



[SOLVED] The issue for us was that we needed to add an extension in the *-config.xml to the specificAuthenticationChain using “Automation”.

An example file that worked for us looks like this:

<component name="MyAPP.Mod_sso">
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
<require>org.nuxeo.ecm.platform.login.Portal</require>
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="authenticators">
  <authenticationPlugin
          name="PORTAL_AUTH">
   <loginModulePlugin>Trusting_LM</loginModulePlugin>
   <parameters>
     <parameter name="secret">nuxeo5secretkey</parameter>
     <parameter name="maxAge">3600</parameter>
   </parameters>
  </authenticationPlugin>
</extension>

<!-- Include Portal Auth into authentication chain -->
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="chain">
  <authenticationChain>
    <plugins>
      <!--  Keep basic Auth at top of Auth chain to support RSS access via BasicAuth -->
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </plugins>
  </authenticationChain>
</extension>

<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="specificChains">
  <!-- Setup Automation client to use the Portal SSO plugin -->
  <specificAuthenticationChain name="Automation">
    <urlPatterns>
      <url>(.*)/automation.*</url>
    </urlPatterns>

    <replacementChain>
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </replacementChain>
  </specificAuthenticationChain>
</extension>
</component>

Note that if you need REST API as well, you may need to add another extension in this file for REST API to use portal SSO authentication.

0 votes



do you happen to know which extension we need to add for the REST API
03/30/2017