Platform Explorer / Nuxeo Platform LTS 2015 7.10

Extension point authenticators

Documentation

Registry for Authentication Plugins. Authentication plugins are responsible for : - generating the authentication prompt (if needed) - get the user identity - set the LoginModule that will be used for Login

Authentication plugin must implement the NuxeoAuthenticationPlugin interface.

Default implementation of Authentication Plugins are : - Form based authentication - HTTP Basic Authentication

Contribution Descriptors

Existing Contributions

Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.

  • nuxeo-opencmis-bindings-7.10-HF07.jar /OSGI-INF/atom-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <parameters>
            <parameter name="ForcePromptURL_CMISAtomPub">atom/cmis</parameter>
            <parameter name="ForcePromptURL_CMIS10AtomPub">atom/cmis10</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-web-common-7.10-HF07.jar /OSGI-INF/authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator" enabled="true" name="FORM_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="LoginPage">login.jsp</parameter>
            <parameter name="UsernameKey">user_name</parameter>
            <parameter name="PasswordKey">user_password</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <needStartingURLSaving>false</needStartingURLSaving>
          <stateful>false</stateful>
          <parameters>
            <parameter name="RealmName">Nuxeo 5 EP</parameter>
            <parameter name="AutoPrompt">false</parameter>
            <parameter name="ForcePromptURL_RSS">
              getSyndicationDocument.faces
            </parameter>
            <parameter name="ForcePromptURL_RSS_SEARCH">
              getSyndicationSearch.faces
            </parameter>
            <parameter name="ForcePromptURL_Restlet">restAPI/</parameter>
            <parameter name="ForcePromptURL_WebEngineRest">site/api/</parameter>
            <parameter name="ForcePromptURL_WebEngineRSS">site/sites/@rss/</parameter>
            <parameter name="ForcePromptURL_WebEngineBlogsRSS">site/blogs/@rss/</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator" enabled="true" name="ANONYMOUS_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.WebServicesAuthenticator" enabled="true" name="WEBSERVICES_AUTH">
          <parameters>
            <parameter name="URLSkip">webservices/</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-application-definition-7.10.jar /OSGI-INF/application-authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <authenticationPlugin class="org.nuxeo.ecm.mobile.filter.ApplicationFormAuthenticator" enabled="true" name="FORM_WEBENGINE_APPLICATION_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="UsernameKey">user_name</parameter>
            <parameter name="PasswordKey">user_password</parameter>
          </parameters>
        </authenticationPlugin>
    
      </extension>
  • nuxeo-platform-login-shibboleth-7.10.jar /OSGI-INF/shibboleth-authenticators-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.shibboleth.auth.ShibbolethAuthenticationPlugin" enabled="true" name="SHIB_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
        </authenticationPlugin>
      </extension>
  • nuxeo-webengine-core-7.10-HF05.jar /OSGI-INF/authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.webengine.login.WebEngineFormAuthenticator" enabled="true" name="WEBENGINE_FORM_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="UsernameKey">username</parameter>
            <parameter name="PasswordKey">password</parameter>
          </parameters>
          <stateful>false</stateful>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-digest-7.10.jar /OSGI-INF/digest-authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.ui.web.auth.digest.DigestAuthenticator" enabled="true" name="DIGEST_AUTH">
          <stateful>false</stateful>
          <loginModulePlugin>DigestLoginPlugin</loginModulePlugin>
        </authenticationPlugin>
      </extension>
  • nuxeo-drive-jsf-7.10.jar /OSGI-INF/nuxeodrive-token-authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="STATEFUL_TOKEN_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
          <stateful>true</stateful>
        </authenticationPlugin>
    
      </extension>
  • nuxeo-platform-login-token-7.10-HF07.jar /OSGI-INF/token-authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <documentation>
          Authentication plugin using a token to validate
          identity. This token is sent as a HTTP request header.
    
          The user is retrieved looking into a directory mapping unique tokens to user names.
    
          This Authentication Plugin is
          configured to be
          used with the Trusting_LM LoginModule plugin
          =&gt; no password check will be done, a
          principal will be
          created from the userName if the user exists in the user directory.
    
          Set the allowAnonymous parameter to true to
          allow token authentication for anonymous user.
    
          @author
          Antoine Taillefer (ataillefer@nuxeo.com)
        </documentation>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="TOKEN_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
          <parameters>
            <parameter name="allowAnonymous">false</parameter>
          </parameters>
        </authenticationPlugin>
    
      </extension>
  • nuxeo-automation-server-7.10-HF07.jar /OSGI-INF/auth-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="AUTOMATION_BASIC_AUTH">
          <parameters>
            <parameter name="AutoPrompt">true</parameter>
            <parameter name="RealmName">Nuxeo Automation</parameter>
            <parameter name="ExcludeBAHeader_Token">X-Authentication-Token</parameter>
            <parameter name="ExcludeBAHeader_Token">X-No-Basic-Header</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-web-mobile-cap-7.10.jar /OSGI-INF/web-mobile-authentification-chain-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH_STATEFUL">
          <needStartingURLSaving>true</needStartingURLSaving>
          <stateful>true</stateful>
          <parameters>
            <parameter name="UsernameKey">username</parameter>
            <parameter name="PasswordKey">password</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-opencmis-bindings-7.10-HF07.jar /OSGI-INF/json-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <parameters>
            <parameter name="ForcePromptURL_CMISJSON">json/cmis</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-runtime-7.10-HF06.jar /opt/tmp/tmp-explorer/nuxeo-cap-7.10-tomcat/nxserver/config/cas2-login-config.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin name="CAS2_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
          <parameters>
            <parameter name="appURL">http://localhost:8080/nuxeo/nxstartup.faces</parameter>
            <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter>
            <parameter name="logoutURL">http://127.0.0.1:8080/cas/logout</parameter>
            <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter>
            <parameter name="serviceKey">service</parameter>
            <parameter name="ticketKey">ticket</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.AnonymousAuthenticatorForCAS2" enabled="true" name="ANONYMOUS_AUTH_FOR_CAS2">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-cas2-7.10.jar /OSGI-INF/CAS2-authenticator-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
          <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.Cas2Authenticator" enabled="true" name="CAS2_AUTH">
           <loginModulePlugin>Trusting_LM</loginModulePlugin>
           <needStartingURLSaving>true</needStartingURLSaving>
           <parameters>
             <parameter name="ticketKey">ticket</parameter>
             <parameter name="ticketKey">proxy</parameter>
             <parameter name="appURL">http://127.0.0.1:8080/nuxeo/nxstartup.faces</parameter>
             <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter>
             <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter>
             <parameter name="proxyValidateURL">http://127.0.0.1:8080/cas/proxyValidate</parameter>
             <parameter name="serviceKey">service</parameter>
           </parameters>
          </authenticationPlugin>
      </extension>
  • nuxeo-webdav-7.10.jar /OSGI-INF/auth-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="WEBDAV_BASIC_AUTH">
          <parameters>
            <parameter name="AutoPrompt">true</parameter>
            <parameter name="RealmName">Nuxeo WebDAV</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>