Platform Explorer / Nuxeo Platform 2023.24

Component org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationService

Documentation

The Shibboleth Authentication Service handles the configuration to use when connecting to Shibboleth for the authentication in Nuxeo.

Resolution Order

411
The resolution order represents the order in which this component has been resolved by the Nuxeo Runtime framework.
You can influence this order by adding "require" tags in your component declaration, to make sure it is resolved after another component.

Start Order

876
The start order represents the order in which this component has been started by the Nuxeo Runtime framework.
This number is interesting to tweak if your Java component interacts with other components, and needs to be started before or after another one.
It can be changed by implementing the method "Component#getApplicationStartedOrder()" on your Java component: components are sorted according to this reference value, in increasing order.
The default value is 1000, and the repository initialization uses number 100. Negative values can also be used.

Implementation

Class: org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationServiceImpl

Services

Extension Points

XML Source

<?xml version="1.0"?>
<component
  name="org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationService">

  <documentation>
    The Shibboleth Authentication Service handles the configuration to use
    when connecting to Shibboleth for the authentication in Nuxeo.

    @author Quentin Lamerand (qlamerand@nuxeo.com)
  </documentation>

  <service>
    <provide
      interface="org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationService" />
  </service>

  <implementation
    class="org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationServiceImpl" />

  <extension-point name="config">
    <documentation>
      Hold configuration for the Shibboleth Authentication Service. Contains:
      * the mapping between request headers and user fields
      * which header is used as user Id depending of the chosen IdP
      * the login / logout URLs for Shibboleth

      A sample configuration could be:
      <code>
        <extension
          target="org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationService"
          point="config">
          <config headerEncoding="utf-8">
            <uidHeaders>
              <uidHeader idpUrl="https://specific.idp">differentUid</uidHeader>
              <default>uid</default>
            </uidHeaders>

            <loginURL>https://host/Shibboleth.sso/WAYF</loginURL>
            <logoutURL>https://host/Shibboleth.sso/Logout</logoutURL>

            <fieldMapping header="uid">username</fieldMapping>
            <fieldMapping header="mail">email</fieldMapping>
          </config>
        </extension>
      </code>
    </documentation>
    <object
      class="org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationConfig" />
  </extension-point>

</component>