Component org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService
In bundle org.nuxeo.ecm.platform.web.common
Documentation
The pluggable authentication service defines a plugin API for the Nuxeo Authentication Filter. This service let you : - define new Authentication Plugins - define authentication chains
Resolution Order
629
The resolution order represents the order in which this component has been resolved by the Nuxeo Runtime
framework.
You can influence this order by adding "require" tags in your component declaration, to make sure it is resolved after another component.
Start Order
932
The start order represents the order in which this component has been started by the Nuxeo Runtime framework.
This number is interesting to tweak if your Java component interacts with other components, and needs to be started before or after another one.
It can be changed by implementing the method "Component#getApplicationStartedOrder()" on your Java component: components are sorted according to this reference value, in increasing order.
The default value is 1000, and the repository initialization uses number 100. Negative values can also be used.
Implementation
Class:
org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService
Extension Points
- authenticators
- chain
- startURL
- propagator
- callBackHandlerFactory
- sessionManager
- openUrl
- specificChains
- loginScreen
Contributions
XML Source
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
<implementation
class="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService" />
<documentation>
The pluggable authentication service defines a plugin API for the Nuxeo Authentication Filter.
This service let you :
- define new Authentication Plugins
- define authentication chains
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<extension target="org.nuxeo.runtime.LoginAsComponent" point="implementation">
<implementation class="org.nuxeo.ecm.platform.ui.web.auth.service.LoginAsImpl" />
</extension>
<extension-point name="authenticators">
<documentation>
Registry for Authentication Plugins.
Authentication plugins are responsible for :
- generating the authentication prompt (if needed)
- get the user identity
- set the LoginModule that will be used for Login
Authentication plugin must implement the NuxeoAuthenticationPlugin interface.
Default implementation of Authentication Plugins are :
- Form based authentication
- HTTP Basic Authentication
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.AuthenticationPluginDescriptor" />
</extension-point>
<extension-point name="chain">
<documentation>
Defines the chain of AuthenticationPlugin to use when trying to authenticate.
= The authentication Plugins are tried in the chain order.
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.AuthenticationChainDescriptor" />
</extension-point>
<extension-point name="startURL">
<documentation>
Defines a list of URL prefix that is considered safe to start a new session.
Typically, in default webapp you will have :
- GET url patterns
- nxstartup.faces
- RSS/ATOM get URL
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.StartURLPatternDescriptor" />
</extension-point>
<extension-point name="propagator">
<documentation>
Contribute a App Server specific security propagation handler.
Usefull to externalize dependencies on JBossSX
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.AuthenticationPropagatorDescriptor" />
</extension-point>
<extension-point name="callBackHandlerFactory">
<documentation>
Contribute a App Server specific JAAS CallBackHandler Factory
Usefull to externalize dependencies on JBossSX
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.CallbackHandlerFactoryDescriptor" />
</extension-point>
<extension-point name="sessionManager">
<documentation>
Contribute a SessionManager to handle Session and url manipulation
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.SessionManagerDescriptor" />
</extension-point>
<extension-point name="openUrl">
<documentation>
Contribute pattern to define urls that can be accessed without authentication
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.OpenUrlDescriptor" />
</extension-point>
<extension-point name="specificChains">
<documentation>
Contribute specific authentication chain for specific urls or request headers.
This is usefull to be able to change the authentication plugins used for a dedicated protocol (WSS, WebDav ...)
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.ui.web.auth.service.SpecificAuthChainDescriptor" />
</extension-point>
<extension-point name="loginScreen">
<documentation>
Configure the Login Screen : header, footer, styles, openid providers ...
<p>
The variable ${org.nuxeo.ecm.contextPath} can be used to avoid
hardcoding the default application path (/nuxeo)
</p>
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object class="org.nuxeo.ecm.platform.ui.web.auth.service.LoginScreenConfig" />
</extension-point>
</component>