Platform Explorer / Nuxeo Platform LTS 2015 7.10

Contribution org.nuxeo.ecm.login.token.authentication.contrib--specificChains

This contribution is part of XML component org.nuxeo.ecm.login.token.authentication.contrib inside nuxeo-platform-login-token-7.10-HF07.jar /OSGI-INF/token-authentication-contrib.xml

Override Automation specific authentication chain to use token authentication just after basic one.

Extension point

Extension point specificChains of component PluggableAuthenticationService.

Contributed items

  • <specificAuthenticationChain handlePrompt="false" name="Automation">
    
          <urlPatterns>
            <url>(.*)/automation.*</url>
          </urlPatterns>
          <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
            <plugin>TOKEN_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
  • <specificAuthenticationChain name="RestAPI">
          <urlPatterns>
            <url>(.*)/api/v.*</url>
          </urlPatterns>
          <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
            <plugin>TOKEN_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>
  • <specificAuthenticationChain name="TokenAuth">
          <headers>
            <header name="X-Authentication-Token">.*</header>
          </headers>
          <replacementChain>
            <plugin>TOKEN_AUTH</plugin>
          </replacementChain>
        </specificAuthenticationChain>

XML source

<extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <documentation>
      Override Automation specific authentication chain to
      use token authentication just after basic one.
    </documentation>

    <specificAuthenticationChain handlePrompt="false" name="Automation">

      <urlPatterns>
        <url>(.*)/automation.*</url>
      </urlPatterns>
      <replacementChain>
        <plugin>AUTOMATION_BASIC_AUTH</plugin>
        <plugin>TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>

    <specificAuthenticationChain name="RestAPI">
      <urlPatterns>
        <url>(.*)/api/v.*</url>
      </urlPatterns>
      <replacementChain>
        <plugin>AUTOMATION_BASIC_AUTH</plugin>
        <plugin>TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>



    <documentation>
      Use token authentication if the related request
      header is sent.
    </documentation>

    <specificAuthenticationChain name="TokenAuth">
      <headers>
        <header name="X-Authentication-Token">.*</header>
      </headers>
      <replacementChain>
        <plugin>TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>

  </extension>