To keep others 'in the loop'.
Christophe has sent me the code that circumvents this issue. It
consists of a modification to the
AnonymousAuthenticator#handleRetrieveIdentity(...) method:
public UserIdentificationInfo handleRetrieveIdentity(
HttpServletRequest httpRequest, HttpServletResponse
httpResponse) {
// START OF NEW CODE
if (httpRequest.getServletPath().contains("vti")) {
return null;
}
// END OF NEW CODE
if (!initialized) {
...
}
I would then guess this could then be deployed in 2 ways:
1. Change the original source and install in the nuxeo.war/system
directory as a new replacement nuxeo-platform-web-common.jar
2. In a custom plugin create a subclass of AnonymousAuthenticator,
override the handleRetrieveIdentity method, add in the new code and
delegate to super if the case is not satisfied. Then re-declare the
ANONYMOUS_AUTH authenticationPlugin to get this new class used instead
of the original Nuxeo one.
Out of the two options I would go with 2 as it means no changes to
original Nuxeo code - much better.
I also note that the tip source code for AnonymousAuthenticator.java
does not have this modification. Does anyone think it will/should be
applied?
Thanks,
Sean
P.S. Of course a simple alternative solution is to place a servlet
filter in front of the Nuxeo AuthenticationFilter and add the
HttpRequest attribute
'org.nuxeo.ecm.platform.ui.web.auth.anonymous.block'
(AnonymousAuthenticator.BLOCK_ANONYMOUS_LOGIN_KEY) to TRUE so the
current Nuxeo AnonymousAuthenticator will not perform login.
Sean Radford wrote:
Hi Christophe,
That would be excellent.
(I've looked in mercurial but can't see anything that could be the
plugin you mention)
Thanks and regards,
Sean
Christophe Capon wrote:
Hi Sean, as far as I remember, my team has developed a plugin
correcting this behaviour, during a training session with nuxeo. I
just have to check this, 'cause I am out of the office. Regards,
Christophe.
2010/1/26, Sean Radford <[email protected]>:
Hi,
I have a 5.3 server setup and can configure and run a Network/Web
Location from a Windows box ok.
However, if I configure the server with an anonymous user I do not get
the option to enter a username/password and so can only navigate guest
workspaces.
Is this an issue/deficiency with Nuxeo, or is there a way somehow to
tell windows I WANT to login with MY DETAILS?
Looking forward to peoples responses and views.
Thanks,
Sean
--
Dr. Sean Radford, MBBS, MSc
http://www.tacola.com/
t: +44 (0)845 KEY HELP
t: +44 (0)845 539 4357
m: +44 (0)7802 24 24 86
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
--
Dr. Sean Radford, MBBS, MSc
http://www.tacola.com/
t: +44 (0)845 KEY HELP
t: +44 (0)845 539 4357
m: +44 (0)7802 24 24 86
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
