Platform Explorer / Nuxeo Platform 8.1

Extension point specificChains

In component org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService

Documentation

Contribute specific authentication chain for specific urls or request headers. This is usefull to be able to change the authentication plugins used for a dedicated protocol (WSS, WebDav ...)

Contribution Descriptors

Existing Contributions

Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.

  • nuxeo-drive-jsf-8.1.jar /OSGI-INF/nuxeodrive-token-authentication-contrib.xml 
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <specificAuthenticationChain name="DriveMetadata">
      <urlPatterns>
        <url>(.*)/view_drive_metadata.*</url>
      </urlPatterns>
      <replacementChain>
        <plugin>STATEFUL_TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>

  </extension>
    (?) nuxeo-drive-jsf-8.1.jar/OSGI-INF/nuxeodrive-token-authentication-contrib.xml   Override
  • nuxeo-rest-api-server-8.1.jar /OSGI-INF/auth-contrib.xml 
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <specificAuthenticationChain name="RestAPI">
        <urlPatterns>
            <url>(.*)/api/v.*</url>
        </urlPatterns>

        <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
            <plugin>TOKEN_AUTH</plugin>
        </replacementChain>
    </specificAuthenticationChain>

  </extension>
    (?) nuxeo-rest-api-server-8.1.jar/OSGI-INF/auth-contrib.xml   Override
  • nuxeo-platform-login-token-8.1.jar /OSGI-INF/token-authentication-contrib.xml 
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <documentation>
      Override Automation specific authentication chain to
      use token authentication just after basic one.
    </documentation>

    <specificAuthenticationChain name="Automation">

      <urlPatterns>
        <url>(.*)/automation.*</url>
      </urlPatterns>
      <replacementChain>
        <plugin>AUTOMATION_BASIC_AUTH</plugin>
        <plugin>TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>

    <specificAuthenticationChain name="RestAPI">
      <urlPatterns>
        <url>(.*)/api/v.*</url>
      </urlPatterns>
      <replacementChain>
        <plugin>AUTOMATION_BASIC_AUTH</plugin>
        <plugin>TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>



    <documentation>
      Use token authentication if the related request
      header is sent.
    </documentation>

    <specificAuthenticationChain name="TokenAuth">
      <headers>
        <header name="X-Authentication-Token">.*</header>
      </headers>
      <replacementChain>
        <plugin>TOKEN_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>

  </extension>
    (?) nuxeo-platform-login-token-8.1.jar/OSGI-INF/token-authentication-contrib.xml   Override
  • nuxeo-web-mobile-cap-8.1.jar /OSGI-INF/web-mobile-authentification-chain-contrib.xml 
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <specificAuthenticationChain name="mobile-app">
      <urlPatterns>
        <url>/.+/site/mobile[./]*</url>
      </urlPatterns>

      <replacementChain>
        <plugin>BASIC_AUTH_STATEFUL</plugin>
        <plugin>FORM_WEBENGINE_APPLICATION_AUTH</plugin>
        <plugin>FORM_AUTH</plugin>
        <plugin>ANONYMOUS_AUTH</plugin>
        <plugin>WEBSERVICES_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>
  </extension>
    (?) nuxeo-web-mobile-cap-8.1.jar/OSGI-INF/web-mobile-authentification-chain-contrib.xml   Override
  • nuxeo-webdav-8.1.jar /OSGI-INF/auth-contrib.xml 
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    <specificAuthenticationChain name="WebDAV">
        <urlPatterns>
            <url>(.*)/site/dav.*</url>
        </urlPatterns>
        <replacementChain>
            <plugin>DIGEST_AUTH</plugin>
            <plugin>WEBDAV_BASIC_AUTH</plugin>
            <plugin>ANONYMOUS_AUTH</plugin>
        </replacementChain>
    </specificAuthenticationChain>
    <specificAuthenticationChain name="WebDAV_Root">
      <headers>
        <header name="User-Agent">(Microsoft-WebDAV-MiniRedir|DavClnt|litmus|gvfs|gnome-vfs|davfs|WebDAV|cadaver|BitKinex|GoodReader|DataAccess|iWorkHTTPKit).*</header>
      </headers>

      <replacementChain>
        <plugin>DIGEST_AUTH</plugin>
        <plugin>WEBDAV_BASIC_AUTH</plugin>
      </replacementChain>
    </specificAuthenticationChain>
  </extension>
    (?) nuxeo-webdav-8.1.jar/OSGI-INF/auth-contrib.xml   Override
  • nuxeo-automation-server-8.1.jar /OSGI-INF/auth-contrib.xml 
    <extension point="specificChains" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">

    <specificAuthenticationChain name="Automation">
        <urlPatterns>
            <url>(.*)/automation.*</url>
        </urlPatterns>

        <replacementChain>
            <plugin>AUTOMATION_BASIC_AUTH</plugin>
        </replacementChain>
    </specificAuthenticationChain>

  </extension>
    (?) nuxeo-automation-server-8.1.jar/OSGI-INF/auth-contrib.xml   Override