Hi all, Please see : https://jira.nuxeo.org/browse/NXP-4643
I'll try to work on that ASAP. But I don't want to handle only the WSS / Anonymous issue : - there are other login plugins that can be problematic with WSS (CAS or any web based SSO will have the same issue) - other connectors than WSS will have the same kind of issue (CMIS, WebDav ....) => I'll try to find a generic solution since I don't want to hard code any url pattern every single auth plugin. Best regards, Tiry 2010/1/28 Sean Radford <[email protected]> > To keep others 'in the loop'. > > Christophe has sent me the code that circumvents this issue. It consists > of a modification to the AnonymousAuthenticator#handleRetrieveIdentity(...) > method: > > public UserIdentificationInfo handleRetrieveIdentity( > HttpServletRequest httpRequest, HttpServletResponse httpResponse) > { > // START OF NEW CODE > if (httpRequest.getServletPath().contains("vti")) { > return null; > } > // END OF NEW CODE if (!initialized) { > ... > } > > I would then guess this could then be deployed in 2 ways: > > 1. Change the original source and install in the nuxeo.war/system directory > as a new replacement nuxeo-platform-web-common.jar > 2. In a custom plugin create a subclass of AnonymousAuthenticator, override > the handleRetrieveIdentity method, add in the new code and delegate to super > if the case is not satisfied. Then re-declare the ANONYMOUS_AUTH > authenticationPlugin to get this new class used instead of the original > Nuxeo one. > > Out of the two options I would go with 2 as it means no changes to original > Nuxeo code - much better. > > I also note that the tip source code for AnonymousAuthenticator.java does > not have this modification. Does anyone think it will/should be applied? > > Thanks, > > Sean > > P.S. Of course a simple alternative solution is to place a servlet filter > in front of the Nuxeo AuthenticationFilter and add the HttpRequest attribute > 'org.nuxeo.ecm.platform.ui.web.auth.anonymous.block' > (AnonymousAuthenticator.BLOCK_ANONYMOUS_LOGIN_KEY) to TRUE so the current > Nuxeo AnonymousAuthenticator will not perform login. > > > > Sean Radford wrote: > >> Hi Christophe, >> >> That would be excellent. >> >> (I've looked in mercurial but can't see anything that could be the plugin >> you mention) >> >> Thanks and regards, >> >> Sean >> >> Christophe Capon wrote: >> >>> Hi Sean, as far as I remember, my team has developed a plugin >>> correcting this behaviour, during a training session with nuxeo. I >>> just have to check this, 'cause I am out of the office. Regards, >>> Christophe. >>> >>> 2010/1/26, Sean Radford <[email protected]>: >>> >>> >>>> Hi, >>>> >>>> I have a 5.3 server setup and can configure and run a Network/Web >>>> Location from a Windows box ok. >>>> >>>> However, if I configure the server with an anonymous user I do not get >>>> the option to enter a username/password and so can only navigate guest >>>> workspaces. >>>> >>>> Is this an issue/deficiency with Nuxeo, or is there a way somehow to >>>> tell windows I WANT to login with MY DETAILS? >>>> >>>> Looking forward to peoples responses and views. >>>> >>>> Thanks, >>>> >>>> Sean >>>> >>>> -- >>>> Dr. Sean Radford, MBBS, MSc >>>> http://www.tacola.com/ >>>> t: +44 (0)845 KEY HELP >>>> t: +44 (0)845 539 4357 >>>> m: +44 (0)7802 24 24 86 >>>> >>>> _______________________________________________ >>>> ECM mailing list >>>> [email protected] >>>> http://lists.nuxeo.com/mailman/listinfo/ecm >>>> To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm >>>> >>>> >>>> >>> >>> >>> >> >> >> > > -- > Dr. Sean Radford, MBBS, MSc > http://www.tacola.com/ > t: +44 (0)845 KEY HELP > t: +44 (0)845 539 4357 > m: +44 (0)7802 24 24 86 > >
_______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
