Plugin to handle identity propagation between an external application and Nuxeo CAS_AUTH and PORTAL_AUTH

Hello!

I have trouble to use the plugin CAS_AUTH and I have add PORTAL_AUTH with automation to propagate the identity between an external application and Nuxeo. But this mechanism doesn't work, I don't understand why. Nevertheless I followed the indications on the documentation Nuxeo as well as the various forums.

For headers sent to the http request, which are the ones to send for my case. Or where i can find the differents headers to send a http request for using CAS_AUTH abd PORTAL_AUTH.

Because when I test to send a http request via the addon RestClient of Firefox, I am automatically connect with the anonymous user. Here is my configuration for the plugin

<?xml version="1.0"?>
<component name="org.esup.ecm.login">
<!-- certains composants doivent être chargés avant que ce fichier soit
       lu car ils contiennent des points d'extension sur l'authentification -->
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
<require>org.nuxeo.ecm.platform.login.Cas2SSO</require>

<extension
target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
    point="authenticators">
    <authenticationPlugin name="CAS2_AUTH">
       <needStartingURLSaving>true</needStartingURLSaving>
       <loginModulePlugin>Trusting_LM</loginModulePlugin>
        <parameters>
            <!-- variable contenant le ticket dans l'url -->
            <parameter name="ticketKey">ticket</parameter>
            <!-- si utilisation du mode proxy -->
            <!--<parameter name="proxyKey">ticket</parameter>-->
            <parameter name="appURL">http://localhost:8080/nuxeo/</parameter>
            <!-- URL de login du serveur CAS -->
            <parameter name="serviceLoginURL">https://localhost/cas/login</parameter>
            <!-- URL de validation du ticket du serveur CAS -->
            <parameter name="serviceValidateURL">https://localhost/cas/serviceValidate</parameter>
            <!-- variable contenant le nom du service dans l'URL -->
            <parameter name="serviceKey">service</parameter>
            <!-- URL de logout de CAS -->
            <parameter name="logoutURL">https://localhost/cas/logout?service=http://localhost:8080/nuxeo/</parameter>
        </parameters>
    </authenticationPlugin>
</extension>
<!-- chainage de l'authentification : on garde une authentification de type
     BASIC pour les accès particuliers (RSS/cmis/contentAutomation) -->
<extension
    target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
    point="chain">
    <authenticationChain>
        <plugins>
            <plugin>BASIC_AUTH</plugin>
            <plugin>CAS2_AUTH</plugin>
        </plugins>
    </authenticationChain>
</extension>
<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <specificAuthenticationChain name="Automation">
        <urlPatterns>
            <url>(.*)/automation.*</url>
        </urlPatterns>

        <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
            <plugin>PORTAL_AUTH</plugin>
            <plugin>ANONYMOUS_AUTH</plugin>
        </replacementChain>
    </specificAuthenticationChain>
</extension>
</component>

Thank you for your help.

0 votes

0 answers

1037 views

ANSWER

hello, did you find a solution ?
12/10/2013