Platform Explorer / Nuxeo Platform 2023.9

Component org.nuxeo.ecm.login.token.authentication.contrib

In bundle org.nuxeo.ecm.platform.login.token

Requirements

Resolution Order

609
The resolution order represents the order in which this component has been resolved by the Nuxeo Runtime framework.
You can influence this order by adding "require" tags in your component declaration, to make sure it is resolved after another component.

Contributions

XML Source

<?xml version="1.0"?>
<component name="org.nuxeo.ecm.login.token.authentication.contrib">

  <!-- Replace Automation specific authentication chain -->
  <require>org.nuxeo.ecm.automation.server.auth.config</require>

  <extension target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService" point="authenticators">

    <documentation>
      Authentication plugin using a token to validate
      identity. This token is sent as a HTTP request header.

      The user is retrieved looking into a directory mapping unique tokens to user names.

      Set the allowAnonymous parameter to true to
      allow token authentication for anonymous user.

      @author
      Antoine Taillefer (ataillefer@nuxeo.com)
    </documentation>

    <authenticationPlugin name="TOKEN_AUTH" enabled="true"
      class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator">
      <parameters>
        <parameter name="allowAnonymous">false</parameter>
      </parameters>
    </authenticationPlugin>

  </extension>

  <extension target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService" point="specificChains">

    <documentation>
      Override Automation specific authentication chain to
      use token authentication just after basic one.
    </documentation>

    <specificAuthenticationChain name="Automation">

      <urlPatterns>
        <url>(.*)/automation.*</url>
      </urlPatterns>
      <replacementChain>
        <plugin>AUTOMATION_BASIC_AUTH</plugin>
        <plugin>TOKEN_AUTH</plugin>
        <plugin>OAUTH2_AUTH</plugin>
        <plugin>JWT_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>

    <specificAuthenticationChain name="RestAPI">
      <urlPatterns>
        <url>(.*)/api/v.*</url>
      </urlPatterns>
      <replacementChain>
        <plugin>AUTOMATION_BASIC_AUTH</plugin>
        <plugin>TOKEN_AUTH</plugin>
        <plugin>OAUTH2_AUTH</plugin>
        <plugin>JWT_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>



    <documentation>
      Use token authentication if the related request
      header is sent.
    </documentation>

    <specificAuthenticationChain name="TokenAuth">
      <headers>
        <header name="X-Authentication-Token">.*</header>
      </headers>
      <replacementChain>
        <plugin>TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>

  </extension>

  <extension target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService" point="startURL">

    <startURLPattern>
      <patterns>
        <pattern>acquire_token.jsp</pattern>
      </patterns>
    </startURLPattern>

  </extension>

</component>