我正在尝试在Wordpress和Alfresco之间配置单点登录,因此我在wordpress管理面板上添加了WordPress OAuth2提供程序插件。 WordPress插件
我创建了一个客户端并将重定向 uri 插入到我的 alfresco,插件给了我一个密钥和一个秘密。现在,登录wordpress后,我转到我的博客并单击链接以继续alfresco,但是带有url的页面:
http://localhost:8080/share/page/repository?oauth=authorize&response_type=code&client_id=**************&client_secret=**************&redirect_uri=http%3A%2F%2Flocalhost%2F%3Fauth%3Dssoe
露天登录
再次询问我的用户名和密码!我怎样才能配置Alfresco,以便它被记录在那些凭据中?感谢任何想帮助我的人,对不起我的英语不好。
Alfresco包括多个身份验证系统,包括Alfresco数据库,Active Directory,LDAP,Kerberos,External,并且可以设置为使用其中一个或它们的组合进行身份验证。通常,这些身份验证系统涵盖了所需的大多数身份验证组合和机制。
您也可以使用露天自定义认证子系统, 在这种情况下,您需要传递要对用户进行身份验证的条件, 这是用于身份验证的 Java 类的一些片段
package org.alfresco.tutorial.repo.security.authentication;
import net.sf.acegisecurity.Authentication;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.repo.security.authentication.AbstractAuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.apache.commons.codec.binary.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
public class CustomAuthenticationComponentImpl extends AbstractAuthenticationComponent {
private static final Log LOG = LogFactory.getLog(CustomAuthenticationComponentImpl.class);
/**
* Some custom properties that could be used to inject a remote login server hostname and port.
* Not used at the moment but demonstrates property injection in custom authentication component.
*/
private String remoteAuthenticatorHostname;
private String remoteAuthenticatorPort;
public void setRemoteAuthenticatorHostname(String remoteAuthenticatorHostname) {
this.remoteAuthenticatorHostname = remoteAuthenticatorHostname;
}
public void setRemoteAuthenticatorPort(String remoteAuthenticatorPort) {
this.remoteAuthenticatorPort = remoteAuthenticatorPort;
}
public void authenticateImpl(String userName, char[] password) throws AuthenticationException {
if (LOG.isDebugEnabled()) {
LOG.debug("Login request(" + remoteAuthenticatorHostname + ":" + remoteAuthenticatorPort +
") : [userName=" + userName + "][password=" + String.valueOf(password) + "]");
}
// Do your custom authentication here, and then set the current user (in this example we are only allowing
// john to authenticate successfully, and we don't check pwd)
// You would typically connect to the remote authentication mechanism to verify username/pwd...
if (StringUtils.equals(userName, "john") || isGuestUserName(userName) ||
getDefaultAdministratorUserNames().contains(userName)) {
setCurrentUser(userName);
} else {
String msg = "Login request: username not recognized [userName=" + userName + "]";
LOG.error(msg);
throw new AuthenticationException(msg);
}
}
/**
* The default is not to support token base authentication
*/
public Authentication authenticate(Authentication token) throws AuthenticationException {
throw new AlfrescoRuntimeException("Authentication via token not supported");
}
/**
* This authentication component implementation allows guest login
* @return
*/
@Override
protected boolean implementationAllowsGuestLogin() {
return true;
}
}
有关更多详细信息,请参阅此文档
为外部身份验证配置Alfresco可能更容易,然后在Alfresco前面添加一个代理,可以处理你的OAuth2令牌。Alfresco本身不支持OAuth2。因此,除非您使用外部,否则您必须自己编写身份验证代码。