Extension point specificChains
Documentation
Contribute specific authentication chain for specific urls or request headers. This is usefull to be able to change the authentication plugins used for a dedicated protocol (WSS, WebDav ...)
Contribution Descriptors
- Class: org.nuxeo.ecm.platform.ui.web.auth.service.SpecificAuthChainDescriptor
Existing Contributions
Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.
-
<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <specificAuthenticationChain name="WebDAV"> <urlPatterns> <url>(.*)/site/dav.*</url> </urlPatterns> <replacementChain> <plugin>DIGEST_AUTH</plugin> <plugin>WEBDAV_BASIC_AUTH</plugin> <plugin>ANONYMOUS_AUTH</plugin> </replacementChain> </specificAuthenticationChain> <specificAuthenticationChain name="WebDAV_Root"> <headers> <header name="User-Agent">(Microsoft-WebDAV-MiniRedir|DavClnt|litmus|gvfs|gnome-vfs|davfs|WebDAV|cadaver|BitKinex|GoodReader|DataAccess|iWorkHTTPKit).*</header> </headers> <replacementChain> <plugin>DIGEST_AUTH</plugin> <plugin>WEBDAV_BASIC_AUTH</plugin> </replacementChain> </specificAuthenticationChain> </extension>
-
<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <documentation> Override Automation specific authentication chain to use token authentication just after basic one. </documentation> <specificAuthenticationChain name="Automation"> <urlPatterns> <url>(.*)/automation.*</url> </urlPatterns> <replacementChain> <plugin>AUTOMATION_BASIC_AUTH</plugin> <plugin>TOKEN_AUTH</plugin> </replacementChain> </specificAuthenticationChain> <specificAuthenticationChain name="RestAPI"> <urlPatterns> <url>(.*)/api/v.*</url> </urlPatterns> <replacementChain> <plugin>AUTOMATION_BASIC_AUTH</plugin> <plugin>TOKEN_AUTH</plugin> </replacementChain> </specificAuthenticationChain> <documentation> Use token authentication if the related request header is sent. </documentation> <specificAuthenticationChain name="TokenAuth"> <headers> <header name="X-Authentication-Token">.*</header> </headers> <replacementChain> <plugin>TOKEN_AUTH</plugin> </replacementChain> </specificAuthenticationChain> </extension>
-
<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <specificAuthenticationChain name="RestAPI"> <urlPatterns> <url>(.*)/api/v.*</url> </urlPatterns> <replacementChain> <plugin>AUTOMATION_BASIC_AUTH</plugin> <plugin>TOKEN_AUTH</plugin> </replacementChain> </specificAuthenticationChain> </extension>
-
<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <specificAuthenticationChain name="Automation"> <urlPatterns> <url>(.*)/automation.*</url> </urlPatterns> <replacementChain> <plugin>AUTOMATION_BASIC_AUTH</plugin> </replacementChain> </specificAuthenticationChain> </extension>
-
<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <specificAuthenticationChain name="DriveMetadata"> <urlPatterns> <url>(.*)/view_drive_metadata.*</url> </urlPatterns> <replacementChain> <plugin>STATEFUL_TOKEN_AUTH</plugin> </replacementChain> </specificAuthenticationChain> </extension>