Platform Explorer / Nuxeo Platform 2023.10

Extension point authenticators

In component org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService

Documentation

Registry for Authentication Plugins. Authentication plugins are responsible for : - generating the authentication prompt (if needed) - get the user identity - checking the user credentials if they're not login/password based

Authentication plugin must implement the NuxeoAuthenticationPlugin interface.

Default implementation of Authentication Plugins are : - Form based authentication - HTTP Basic Authentication

Contribution Descriptors

  • Class: org.nuxeo.ecm.platform.ui.web.auth.service.AuthenticationPluginDescriptor

Existing Contributions

Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.

  • nuxeo-platform-login-cas2-2023.10.13.jar /OSGI-INF/CAS2-authenticator-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
      <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.Cas2Authenticator" enabled="true" name="CAS2_AUTH">
       <needStartingURLSaving>true</needStartingURLSaving>
       <parameters>
         <parameter name="ticketKey">ticket</parameter>
         <parameter name="ticketKey">proxy</parameter>
         <parameter name="appURL">http://127.0.0.1:8080/nuxeo/nxstartup.faces</parameter>
         <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter>
         <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter>
         <parameter name="proxyValidateURL">http://127.0.0.1:8080/cas/proxyValidate</parameter>
         <parameter name="serviceKey">service</parameter>
       </parameters>
      </authenticationPlugin>
  </extension>
    (0) nuxeo-platform-login-cas2-2023.10.13.jar/OSGI-INF/CAS2-authenticator-contrib.xml   Override
  • nuxeo-platform-login-digest-2023.10.13.jar /OSGI-INF/digest-authentication-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.ui.web.auth.digest.DigestAuthenticator" enabled="true" name="DIGEST_AUTH">
      <stateful>false</stateful>
    </authenticationPlugin>
  </extension>
    (1) nuxeo-platform-login-digest-2023.10.13.jar/OSGI-INF/digest-authentication-contrib.xml   Override
  • nuxeo-platform-login-jwt-2023.10.13.jar /OSGI-INF/jwt-auth-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.jwt.JWTAuthenticator" enabled="true" name="JWT_AUTH">
    </authenticationPlugin>
  </extension>
    (2) nuxeo-platform-login-jwt-2023.10.13.jar/OSGI-INF/jwt-auth-contrib.xml   Override
  • nuxeo-platform-login-shibboleth-2023.10.13.jar /OSGI-INF/shibboleth-authenticators-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.platform.shibboleth.auth.ShibbolethAuthenticationPlugin" enabled="true" name="SHIB_AUTH">
    </authenticationPlugin>
  </extension>
    (3) nuxeo-platform-login-shibboleth-2023.10.13.jar/OSGI-INF/shibboleth-authenticators-contrib.xml   Override
  • nuxeo-platform-oauth-2023.10.13.jar /OSGI-INF/authentication-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.platform.oauth2.NuxeoOAuth2Authenticator" enabled="true" name="OAUTH2_AUTH">
    </authenticationPlugin>
  </extension>
    (4) nuxeo-platform-oauth-2023.10.13.jar/OSGI-INF/authentication-contrib.xml   Override
  • nuxeo-platform-oauth1-2023.10.13.jar /OSGI-INF/authentication-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.oauth.NuxeoOAuth1Authenticator" enabled="true" name="OAUTH1_AUTH">
    </authenticationPlugin>
  </extension>
    (5) nuxeo-platform-oauth1-2023.10.13.jar/OSGI-INF/authentication-contrib.xml   Override
  • nuxeo-platform-web-common-2023.10.13.jar /OSGI-INF/authentication-contrib.xml 
    <?xml version='1.0' encoding='UTF-8'?>
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator" enabled="true" name="FORM_AUTH">
      <needStartingURLSaving>true</needStartingURLSaving>
      <parameters>
        <parameter name="LoginPage">login.jsp</parameter>
        <parameter name="UsernameKey">user_name</parameter>
        <parameter name="PasswordKey">********</parameter>
      </parameters>
    </authenticationPlugin>

    <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
      <needStartingURLSaving>false</needStartingURLSaving>
      <stateful>false</stateful>
      <parameters>
        <parameter name="RealmName">Nuxeo 5 EP</parameter>
        <parameter name="AutoPrompt">false</parameter>
        <parameter name="ForcePromptURL_RSS">
          getSyndicationDocument.faces
        </parameter>
        <parameter name="ForcePromptURL_RSS_SEARCH">
          getSyndicationSearch.faces
        </parameter>
        <parameter name="ForcePromptURL_Restlet">restAPI/</parameter>
        <parameter name="ForcePromptURL_WebEngineRest">site/api/</parameter>
        <parameter name="ForcePromptURL_WebEngineRSS">site/sites/@rss/</parameter>
        <parameter name="ForcePromptURL_WebEngineBlogsRSS">site/blogs/@rss/</parameter>
      </parameters>
    </authenticationPlugin>

    <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator" enabled="true" name="ANONYMOUS_AUTH">
    </authenticationPlugin>
  </extension>
    (6) nuxeo-platform-web-common-2023.10.13.jar/OSGI-INF/authentication-contrib.xml   Override
  • nuxeo-automation-server-2023.10.13.jar /OSGI-INF/auth-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="AUTOMATION_BASIC_AUTH">
      <parameters>
        <parameter name="AutoPrompt">true</parameter>
        <parameter name="RealmName">Nuxeo Automation</parameter>
        <parameter name="ExcludeBAHeader_Token">X-Authentication-Token</parameter>
        <parameter name="ExcludeBAHeader_Token">X-No-Basic-Header</parameter>
        <parameter name="ExcludeBAHeader_COOKIE">Cookie</parameter>
      </parameters>
    </authenticationPlugin>
  </extension>
    (7) nuxeo-automation-server-2023.10.13.jar/OSGI-INF/auth-contrib.xml   Override
  • nuxeo-platform-login-token-2023.10.13.jar /OSGI-INF/token-authentication-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <documentation>
      Authentication plugin using a token to validate
      identity. This token is sent as a HTTP request header.

      The user is retrieved looking into a directory mapping unique tokens to user names.

      Set the allowAnonymous parameter to true to
      allow token authentication for anonymous user.

      @author
      Antoine Taillefer (ataillefer@nuxeo.com)
    </documentation>

    <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="TOKEN_AUTH">
      <parameters>
        <parameter name="allowAnonymous">false</parameter>
      </parameters>
    </authenticationPlugin>

  </extension>
    (8) nuxeo-platform-login-token-2023.10.13.jar/OSGI-INF/token-authentication-contrib.xml   Override
  • nuxeo-webdav-2023.10.13.jar /OSGI-INF/auth-contrib.xml 
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="WEBDAV_BASIC_AUTH">
      <parameters>
        <parameter name="AutoPrompt">true</parameter>
        <parameter name="RealmName">Nuxeo WebDAV</parameter>
      </parameters>
    </authenticationPlugin>
  </extension>
    (9) nuxeo-webdav-2023.10.13.jar/OSGI-INF/auth-contrib.xml   Override
  • nuxeo-webengine-core-2023.10.13.jar /OSGI-INF/authentication-contrib.xml 
    <?xml version='1.0' encoding='UTF-8'?>
<extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <authenticationPlugin class="org.nuxeo.ecm.webengine.login.WebEngineFormAuthenticator" enabled="true" name="WEBENGINE_FORM_AUTH">
      <needStartingURLSaving>true</needStartingURLSaving>
      <parameters>
        <parameter name="UsernameKey">username</parameter>
        <parameter name="PasswordKey">********</parameter>
      </parameters>
      <stateful>false</stateful>
    </authenticationPlugin>
  </extension>
    (10) nuxeo-webengine-core-2023.10.13.jar/OSGI-INF/authentication-contrib.xml   Override