我们有一个自定义身份验证服务,它通过REST服务接受参数并提供json响应。根据响应,我们重定向用户。我希望将这个Web服务与我们新的Alfresco Box集成。
有没有办法进行自定义基本身份验证,而不是使用LDAP或内置的SSO插件?
答案 0 :(得分:1)
如果我理解正确......
实施自定义remote user mapper:
package best.package.ever;
import org.alfresco.repo.security.authentication.external.DefaultRemoteUserMapper;
public class CustomRemoteUserMapper extends DefaultRemoteUserMapper {
public boolean canHandle(HttpServletRequest request) {
return true; // TODO
}
public String getTrustedUserId(HttpServletRequest request) {
// TODO: validate & authorize... e.g. based on trusted Json Web Token
return "trusted.user.id"; // TODO
}
public String getRemoteUser(HttpServletRequest request) {
if (canHandle(request)) {
return getTrustedUserId(request);
} else {
return super.getRemoteUser(request);
}
}
}
将您的库best-package-ever.jar放入 tomcat \ webapps \ alfresco \ WEB-INF \ lib
声明您的自定义bean并将其注入RemoteUserMapper bean: tomcat \ shared \ classes \ alfresco \ extension \ authentication-custom-context.xml
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<bean id="customRemoteUserMapper" class="best.package.ever.CustomRemoteUserMapper">
<property name="personService" ref="PersonService"/>
<property name="authorityService" ref="AuthorityService" />
</bean>
<bean id="RemoteUserMapper" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
<property name="applicationContextManager">
<ref bean="Authentication" />
</property>
<property name="interfaces">
<list>
<value>org.alfresco.repo.security.authentication.external.RemoteUserMapper</value>
<value>org.alfresco.repo.management.subsystems.ActivateableBean</value>
</list>
</property>
<property name="sourceBeanName">
<value>customRemoteUserMapper</value> <!-- extending remoteUserMapper -->
</property>
</bean>
</beans>