nuxeo-platform-login-portal-sso 401 Server Error?
Hello,
New user to Nuxeo and trying to follow the steps of using the nuxeo-platform-login-portal-sso plugin, using the steps outlined here: http://answers.nuxeo.com/questions/1002/how-do-i-integrate-with-nuxeo-platform-login-portal-sso-in-my-portal We are trying to use the Nuxeo Automation Client (Java) to authenticate using the portal-sso plugin. Here's the Java code in the automation client:
HttpAutomationClient client = new HttpAutomationClient("http://localhost:8080/nuxeo/site/automation"
client.setRequestInterceptor(new PortalSSOAuthInterceptor("nuxeo5secretkey", "myUser"));
Session session = client.getSession();
At the point that 'getSession()' is called we get the following error from Tomcat: 401 - Server Error “This request requires HTTP authentication.”
We are using a standard tomcat deployment and have put in our own portalsso-config.xml file per the documentation.
Any ideas on why we would still be getting the 401 Server Error?
Any help is appreciated.
Thanks.
[SOLVED] The issue for us was that we needed to add an extension in the *-config.xml to the specificAuthenticationChain using “Automation”.
An example file that worked for us looks like this:
<component name="MyAPP.Mod_sso">
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
<require>org.nuxeo.ecm.platform.login.Portal</require>
<extension
target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
point="authenticators">
<authenticationPlugin
name="PORTAL_AUTH">
<loginModulePlugin>Trusting_LM</loginModulePlugin>
<parameters>
<parameter name="secret">nuxeo5secretkey</parameter>
<parameter name="maxAge">3600</parameter>
</parameters>
</authenticationPlugin>
</extension>
<!-- Include Portal Auth into authentication chain -->
<extension
target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
point="chain">
<authenticationChain>
<plugins>
<!-- Keep basic Auth at top of Auth chain to support RSS access via BasicAuth -->
<plugin>BASIC_AUTH</plugin>
<plugin>PORTAL_AUTH</plugin>
<plugin>FORM_AUTH</plugin>
</plugins>
</authenticationChain>
</extension>
<extension
target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
point="specificChains">
<!-- Setup Automation client to use the Portal SSO plugin -->
<specificAuthenticationChain name="Automation">
<urlPatterns>
<url>(.*)/automation.*</url>
</urlPatterns>
<replacementChain>
<plugin>BASIC_AUTH</plugin>
<plugin>PORTAL_AUTH</plugin>
<plugin>FORM_AUTH</plugin>
</replacementChain>
</specificAuthenticationChain>
</extension>
</component>
Note that if you need REST API as well, you may need to add another extension in this file for REST API to use portal SSO authentication.