Platform Explorer / Nuxeo Platform 6.0

Extension point authenticators

Documentation

Registry for Authentication Plugins. Authentication plugins are responsible for : - generating the authentication prompt (if needed) - get the user identity - set the LoginModule that will be used for Login

Authentication plugin must implement the NuxeoAuthenticationPlugin interface.

Default implementation of Authentication Plugins are : - Form based authentication - HTTP Basic Authentication

Contribution Descriptors

  • Class: org.nuxeo.ecm.platform.ui.web.auth.service.AuthenticationPluginDescriptor

Existing Contributions

Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.

  • nuxeo-web-mobile-cap-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH_STATEFUL">
          <needStartingURLSaving>true</needStartingURLSaving>
          <stateful>true</stateful>
          <parameters>
            <parameter name="UsernameKey">username</parameter>
            <parameter name="PasswordKey">password</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-webengine-sites-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <parameters>
             <parameter name="ForcePromptURL_RSS_WEBENGINE_PAGE">
              site/sites/@rss
              </parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-runtime-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin name="CAS2_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
          <parameters>
            <parameter name="appURL">http://localhost:8080/nuxeo/nxstartup.faces</parameter>
            <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter>
            <parameter name="logoutURL">http://127.0.0.1:8080/cas/logout</parameter>
            <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter>
            <parameter name="serviceKey">service</parameter>
            <parameter name="ticketKey">ticket</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.AnonymousAuthenticatorForCAS2" enabled="true" name="ANONYMOUS_AUTH_FOR_CAS2">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-shibboleth-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.shibboleth.auth.ShibbolethAuthenticationPlugin" enabled="true" name="SHIB_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
        </authenticationPlugin>
      </extension>
  • nuxeo-opencmis-bindings-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <parameters>
            <parameter name="ForcePromptURL_CMISAtomPub">atom/cmis</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-webengine-blogs-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <parameters>
             <parameter name="ForcePromptURL_RSS_WEBENGINE_BLOG">
              site/blogs/@rss
              </parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-webdav-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="WEBDAV_BASIC_AUTH">
          <parameters>
            <parameter name="AutoPrompt">true</parameter>
            <parameter name="RealmName">Nuxeo WebDAV</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-cas2-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
          <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.Cas2Authenticator" enabled="true" name="CAS2_AUTH">
           <loginModulePlugin>Trusting_LM</loginModulePlugin>
           <needStartingURLSaving>true</needStartingURLSaving>
           <parameters>
             <parameter name="ticketKey">ticket</parameter>
             <parameter name="ticketKey">proxy</parameter>
             <parameter name="appURL">http://127.0.0.1:8080/nuxeo/nxstartup.faces</parameter>
             <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter>
             <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter>
             <parameter name="proxyValidateURL">http://127.0.0.1:8080/cas/proxyValidate</parameter>
             <parameter name="serviceKey">service</parameter>
           </parameters>
          </authenticationPlugin>
      </extension>
  • nuxeo-automation-server-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="AUTOMATION_BASIC_AUTH">
          <parameters>
            <parameter name="AutoPrompt">true</parameter>
            <parameter name="RealmName">Nuxeo Automation</parameter>
            <parameter name="ExcludeBAHeader_Token">X-Authentication-Token</parameter>
            <parameter name="ExcludeBAHeader_Token">X-No-Basic-Header</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-drive-jsf-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="STATEFUL_TOKEN_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
          <stateful>true</stateful>
        </authenticationPlugin>
    
      </extension>
  • nuxeo-opencmis-bindings-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <parameters>
            <parameter name="ForcePromptURL_CMISJSON">json/cmis</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-runtime-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.duoweb.authentication.DuoFactorsAuthenticator" enabled="true" name="DUO_TWO_FACTORS_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
          <parameters>
            <parameter name="IKEY">YOUR_INTEGRATION_KEY</parameter>
            <parameter name="SKEY">YOUR_SECRET_KEY</parameter>
            <parameter name="AKEY">YOUR_APPLICATION_KEY</parameter>
            <parameter name="HOST">YOUR_API_HOSTNAME</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-token-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <documentation>
          Authentication plugin using a token to validate
          identity. This token is sent as a HTTP request header.
    
          The user is
          retrieved looking into a directory mapping unique tokens to user
          names.
    
          This Authentication Plugin is configured to be
          used with the
          Trusting_LM LoginModule plugin
          =&gt; no password check will
          be done, a
          principal will be created
          from the userName if the user exists in
          the
          user directory.
    
          @author
          Antoine Taillefer (ataillefer@nuxeo.com)
        </documentation>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="TOKEN_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
        </authenticationPlugin>
    
      </extension>
  • nuxeo-application-definition-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <authenticationPlugin class="org.nuxeo.ecm.mobile.filter.ApplicationFormAuthenticator" enabled="true" name="FORM_WEBENGINE_APPLICATION_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="UsernameKey">user_name</parameter>
            <parameter name="PasswordKey">user_password</parameter>
          </parameters>
        </authenticationPlugin>
    
      </extension>
  • nuxeo-platform-login-digest-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.ui.web.auth.digest.DigestAuthenticator" enabled="true" name="DIGEST_AUTH">
          <stateful>false</stateful>
          <loginModulePlugin>DigestLoginPlugin</loginModulePlugin>
        </authenticationPlugin>
      </extension>
  • nuxeo-webengine-core-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.webengine.login.WebEngineFormAuthenticator" enabled="true" name="WEBENGINE_FORM_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="UsernameKey">username</parameter>
            <parameter name="PasswordKey">password</parameter>
          </parameters>
          <stateful>false</stateful>
        </authenticationPlugin>
      </extension>
  • nuxeo-opensocial-container-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator" enabled="true" name="OPENSOCIAL_FORM_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="LoginPage">opensocial_login.jsp</parameter>
            <parameter name="UsernameKey">user_name</parameter>
            <parameter name="PasswordKey">user_password</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-web-common-6.0.jar
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator" enabled="true" name="FORM_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="LoginPage">login.jsp</parameter>
            <parameter name="UsernameKey">user_name</parameter>
            <parameter name="PasswordKey">user_password</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <needStartingURLSaving>false</needStartingURLSaving>
          <stateful>false</stateful>
          <parameters>
            <parameter name="RealmName">Nuxeo 5 EP</parameter>
            <parameter name="AutoPrompt">false</parameter>
            <parameter name="ForcePromptURL_RSS">
              getSyndicationDocument.faces
            </parameter>
            <parameter name="ForcePromptURL_RSS_SEARCH">
              getSyndicationSearch.faces
            </parameter>
            <parameter name="ForcePromptURL_Restlet">restAPI/</parameter>
            <parameter name="ForcePromptURL_WebEngineRest">site/api/</parameter>
            <parameter name="ForcePromptURL_WebEngineRSS">site/sites/@rss/</parameter>
            <parameter name="ForcePromptURL_WebEngineBlogsRSS">site/blogs/@rss/</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator" enabled="true" name="ANONYMOUS_AUTH">
          <loginModulePlugin>Trusting_LM</loginModulePlugin>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.WebServicesAuthenticator" enabled="true" name="WEBSERVICES_AUTH">
          <parameters>
            <parameter name="URLSkip">webservices/</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>