Extension point authenticators
Documentation
Registry for Authentication Plugins. Authentication plugins are responsible for : - generating the authentication prompt (if needed) - get the user identity - set the LoginModule that will be used for Login
Authentication plugin must implement the NuxeoAuthenticationPlugin interface.
Default implementation of Authentication Plugins are : - Form based authentication - HTTP Basic Authentication
Contribution Descriptors
- Class: org.nuxeo.ecm.platform.ui.web.auth.service.AuthenticationPluginDescriptor
Existing Contributions
Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.Cas2Authenticator" enabled="true" name="CAS2_AUTH"> <loginModulePlugin>Trusting_LM</loginModulePlugin> <needStartingURLSaving>true</needStartingURLSaving> <parameters> <parameter name="ticketKey">ticket</parameter> <parameter name="ticketKey">proxy</parameter> <parameter name="appURL">http://127.0.0.1:8080/nuxeo/nxstartup.faces</parameter> <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter> <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter> <parameter name="proxyValidateURL">http://127.0.0.1:8080/cas/proxyValidate</parameter> <parameter name="serviceKey">service</parameter> </parameters> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.platform.shibboleth.auth.ShibbolethAuthenticationPlugin" enabled="true" name="SHIB_AUTH"> <loginModulePlugin>Trusting_LM</loginModulePlugin> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin name="CAS2_AUTH"> <needStartingURLSaving>true</needStartingURLSaving> <loginModulePlugin>Trusting_LM</loginModulePlugin> <parameters> <parameter name="appURL">http://localhost:8080/nuxeo/nxstartup.faces</parameter> <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter> <parameter name="logoutURL">http://127.0.0.1:8080/cas/logout</parameter> <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter> <parameter name="serviceKey">service</parameter> <parameter name="ticketKey">ticket</parameter> </parameters> </authenticationPlugin> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.AnonymousAuthenticatorForCAS2" enabled="true" name="ANONYMOUS_AUTH_FOR_CAS2"> <loginModulePlugin>Trusting_LM</loginModulePlugin> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.webengine.login.WebEngineFormAuthenticator" enabled="true" name="WEBENGINE_FORM_AUTH"> <needStartingURLSaving>true</needStartingURLSaving> <parameters> <parameter name="UsernameKey">username</parameter> <parameter name="PasswordKey">password</parameter> </parameters> <stateful>false</stateful> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="AUTOMATION_BASIC_AUTH"> <parameters> <parameter name="AutoPrompt">true</parameter> <parameter name="RealmName">Nuxeo Automation</parameter> <parameter name="ExcludeBAHeader_Token">X-Authentication-Token</parameter> <parameter name="ExcludeBAHeader_Token">X-No-Basic-Header</parameter> </parameters> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator" enabled="true" name="FORM_AUTH"> <needStartingURLSaving>true</needStartingURLSaving> <parameters> <parameter name="LoginPage">login.jsp</parameter> <parameter name="UsernameKey">user_name</parameter> <parameter name="PasswordKey">user_password</parameter> </parameters> </authenticationPlugin> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH"> <needStartingURLSaving>false</needStartingURLSaving> <stateful>false</stateful> <parameters> <parameter name="RealmName">Nuxeo 5 EP</parameter> <parameter name="AutoPrompt">false</parameter> <parameter name="ForcePromptURL_RSS"> getSyndicationDocument.faces </parameter> <parameter name="ForcePromptURL_RSS_SEARCH"> getSyndicationSearch.faces </parameter> <parameter name="ForcePromptURL_Restlet">restAPI/</parameter> <parameter name="ForcePromptURL_WebEngineRest">site/api/</parameter> <parameter name="ForcePromptURL_WebEngineRSS">site/sites/@rss/</parameter> <parameter name="ForcePromptURL_WebEngineBlogsRSS">site/blogs/@rss/</parameter> </parameters> </authenticationPlugin> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator" enabled="true" name="ANONYMOUS_AUTH"> <loginModulePlugin>Trusting_LM</loginModulePlugin> </authenticationPlugin> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.WebServicesAuthenticator" enabled="true" name="WEBSERVICES_AUTH"> <parameters> <parameter name="URLSkip">webservices/</parameter> </parameters> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.ui.web.auth.digest.DigestAuthenticator" enabled="true" name="DIGEST_AUTH"> <stateful>false</stateful> <loginModulePlugin>DigestLoginPlugin</loginModulePlugin> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <documentation> Authentication plugin using a token to validate identity. This token is sent as a HTTP request header. The user is retrieved looking into a directory mapping unique tokens to user names. This Authentication Plugin is configured to be used with the Trusting_LM LoginModule plugin => no password check will be done, a principal will be created from the userName if the user exists in the user directory. Set the allowAnonymous parameter to true to allow token authentication for anonymous user. @author Antoine Taillefer (ataillefer@nuxeo.com) </documentation> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="TOKEN_AUTH"> <loginModulePlugin>Trusting_LM</loginModulePlugin> <parameters> <parameter name="allowAnonymous">false</parameter> </parameters> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="STATEFUL_TOKEN_AUTH"> <loginModulePlugin>Trusting_LM</loginModulePlugin> <stateful>true</stateful> </authenticationPlugin> </extension>
-
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"> <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="WEBDAV_BASIC_AUTH"> <parameters> <parameter name="AutoPrompt">true</parameter> <parameter name="RealmName">Nuxeo WebDAV</parameter> </parameters> </authenticationPlugin> </extension>