Platform Explorer / Nuxeo Platform 6.0

Extension point specificChains

Documentation

Contribute specific authentication chain for specific urls or request headers. This is usefull to be able to change the authentication plugins used for a dedicated protocol (WSS, WebDav ...)

Contribution Descriptors

  • Class: org.nuxeo.ecm.platform.ui.web.auth.service.SpecificAuthChainDescriptor

Existing Contributions

Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.

  • nuxeo-wss-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <specificAuthenticationChain name="WSS">
          <urlPatterns>
            <url>(.*)/_vti_.*</url>
          </urlPatterns>
          <headers>
            <header name="User-Agent">MSFrontPage.*</header>
          </headers>
    
          <replacementChain>
            <plugin>DIGEST_AUTH</plugin>
            <plugin>WEBDAV_BASIC_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
    
      </extension>
  • nuxeo-platform-login-token-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <documentation>
          Override Automation specific authentication chain to
          use token authentication just after basic one.
        </documentation>
    
        <specificAuthenticationChain name="Automation">
    
          <urlPatterns>
            <url>(.*)/automation.*</url>
          </urlPatterns>
          <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
            <plugin>TOKEN_AUTH</plugin>
            <plugin>ANONYMOUS_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
    
        <specificAuthenticationChain name="RestAPI">
          <urlPatterns>
            <url>(.*)/api/v.*</url>
          </urlPatterns>
          <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
            <plugin>TOKEN_AUTH</plugin>
            <plugin>ANONYMOUS_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
    
    
    
        <documentation>
          Use token authentication if the related request
          header is sent.
        </documentation>
    
        <specificAuthenticationChain name="TokenAuth">
          <headers>
            <header name="X-Authentication-Token">.*</header>
          </headers>
          <replacementChain>
            <plugin>TOKEN_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
    
      </extension>
  • nuxeo-webdav-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <specificAuthenticationChain name="WebDAV">
            <urlPatterns>
                <url>(.*)/site/dav.*</url>
            </urlPatterns>
            <replacementChain>
                <plugin>DIGEST_AUTH</plugin>
                <plugin>WEBDAV_BASIC_AUTH</plugin>
                <plugin>ANONYMOUS_AUTH</plugin>
            </replacementChain>
        </specificAuthenticationChain>
        <specificAuthenticationChain name="WebDAV_Root">
          <headers>
            <header name="User-Agent">(Microsoft-WebDAV-MiniRedir|DavClnt|litmus|gvfs|gnome-vfs|davfs|WebDAV|cadaver|BitKinex|GoodReader|DataAccess|iWorkHTTPKit).*</header>
          </headers>
    
          <replacementChain>
            <plugin>DIGEST_AUTH</plugin>
            <plugin>WEBDAV_BASIC_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
      </extension>
  • nuxeo-automation-server-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <specificAuthenticationChain name="Automation">
            <urlPatterns>
                <url>(.*)/automation.*</url>
            </urlPatterns>
    
            <replacementChain>
                <plugin>AUTOMATION_BASIC_AUTH</plugin>
                <plugin>ANONYMOUS_AUTH</plugin>
            </replacementChain>
        </specificAuthenticationChain>
    
      </extension>
  • nuxeo-rest-api-server-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <specificAuthenticationChain name="RestAPI">
            <urlPatterns>
                <url>(.*)/api/v.*</url>
            </urlPatterns>
    
            <replacementChain>
                <plugin>AUTOMATION_BASIC_AUTH</plugin>
                <plugin>TOKEN_AUTH</plugin>
                <plugin>ANONYMOUS_AUTH</plugin>
            </replacementChain>
        </specificAuthenticationChain>
    
      </extension>
  • nuxeo-opensocial-container-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <specificAuthenticationChain name="Opensocial">
            <urlPatterns>
                <url>/nuxeo/opensocial/gadgets/ifr.*</url>
            </urlPatterns>
            <replacementChain>
                <plugin>OPENSOCIAL_FORM_AUTH</plugin>
            </replacementChain>
        </specificAuthenticationChain>
      </extension>
  • nuxeo-drive-jsf-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <specificAuthenticationChain name="DriveMetadata">
          <urlPatterns>
            <url>(.*)/view_drive_metadata.*</url>
          </urlPatterns>
          <replacementChain>
            <plugin>STATEFUL_TOKEN_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
    
      </extension>
  • nuxeo-web-mobile-cap-6.0.jar
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <specificAuthenticationChain name="mobile-app">
          <urlPatterns>
            <url>/.+/site/mobile[./]*</url>
          </urlPatterns>
    
          <replacementChain>
            <plugin>BASIC_AUTH_STATEFUL</plugin>
            <plugin>FORM_WEBENGINE_APPLICATION_AUTH</plugin>
            <plugin>FORM_AUTH</plugin>
            <plugin>ANONYMOUS_AUTH</plugin>
            <plugin>WEBSERVICES_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
      </extension>