Re: [Ecm] Anonymous User

Mon, 04 Apr 2011 01:15:12 -0700 

Have done it on 5.3.0, it should still work on 5.4.1. 
1. add a authentication pluggin:


 
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
  <require>org.nuxeo.ecm.platform.login.anonymous</require>
  <extension
   
target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
    point="authenticators">
    <authenticationPlugin name="DISPACHER_AUTH"
enabled="true"
     
class="com.nuxeo.project.laposte.login.AnonymousDispatcherAuthenticator">
      <loginModulePlugin>Trusting_LM</loginModulePlugin>
    </authenticationPlugin>
  </extension>

  <extension
target="org.nuxeo.ecm.platform.usermanager.UserService"
    point="userManager">
    <userManager>
      <users>
        <anonymousUser id="Guest">
          <property name="firstName">Guest</property>
          <property name="lastName">User</property>
        </anonymousUser>
      </users>
    </userManager>
  </extension>

  <extension
   
target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
    point="chain">
    <authenticationChain>
      <plugins>
        <plugin>BASIC_AUTH</plugin>
        <plugin>DISPACHER_AUTH</plugin>
        <plugin>FORM_AUTH</plugin>
        <plugin>WEBSERVICES_AUTH</plugin>
      </plugins>
    </authenticationChain>
  </extension>


2. code the authenticator:
Quote:
> public class AnonymousDispatcherAuthenticator extends
> AnonymousAuthenticator{
> 
>     @Override
>     public UserIdentificationInfo
> handleRetrieveIdentity(
>             HttpServletRequest httpRequest,
> HttpServletResponse httpResponse) {
>         if (!initialized) {
>             try {
>                 anonymousLogin = 
> Framework.getService(UserManager.class).getAnonymousUserId()
> ;
>             } catch (Exception e) {
>                 e.printStackTrace();
>             }
>             initialized = true;
>         }
>         if (anonymousLogin == null) {
>             return null;
>         }
>         
> if(!httpRequest.getHeader(Constants.IS_ANONYMOUS).equals(Con
> stants.TRUE)) {
>             return null;
>         }
>         HttpSession session =
> httpRequest.getSession(false);
>         if (session != null
>                 && 
> Boolean.TRUE.equals(session.getAttribute(BLOCK_ANONYMOUS_LOG
> IN_KEY))) {
>             // next logout will clear the session anyway
> !!
>             //
> session.setAttribute(BLOCK_ANONYMOUS_LOGIN_KEY, false);
>             return null;
>         }
>         return new
> UserIdentificationInfo(anonymousLogin, anonymousLogin);
>     }
> }


in this code we had the front apache adding a header
depending on the url
---
Mailing list: [email protected]
Forum: http://forum.nuxeo.org/f/1/

Reply via email to