Platform Explorer / Nuxeo Platform 11.3

Extension point authenticators

Documentation

Registry for Authentication Plugins. Authentication plugins are responsible for : - generating the authentication prompt (if needed) - get the user identity - checking the user credentials if they're not login/password based

Authentication plugin must implement the NuxeoAuthenticationPlugin interface.

Default implementation of Authentication Plugins are : - Form based authentication - HTTP Basic Authentication

Contribution Descriptors

Existing Contributions

Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.

  • nuxeo-platform-login-cas2-11.3.56.jar /OSGI-INF/CAS2-authenticator-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
          <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.cas2.Cas2Authenticator" enabled="true" name="CAS2_AUTH">
           <needStartingURLSaving>true</needStartingURLSaving>
           <parameters>
             <parameter name="ticketKey">ticket</parameter>
             <parameter name="ticketKey">proxy</parameter>
             <parameter name="appURL">http://127.0.0.1:8080/nuxeo/nxstartup.faces</parameter>
             <parameter name="serviceLoginURL">http://127.0.0.1:8080/cas/login</parameter>
             <parameter name="serviceValidateURL">http://127.0.0.1:8080/cas/serviceValidate</parameter>
             <parameter name="proxyValidateURL">http://127.0.0.1:8080/cas/proxyValidate</parameter>
             <parameter name="serviceKey">service</parameter>
           </parameters>
          </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-digest-11.3.56.jar /OSGI-INF/digest-authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.ui.web.auth.digest.DigestAuthenticator" enabled="true" name="DIGEST_AUTH">
          <stateful>false</stateful>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-jwt-11.3.56.jar /OSGI-INF/jwt-auth-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.jwt.JWTAuthenticator" enabled="true" name="JWT_AUTH">
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-shibboleth-11.3.56.jar /OSGI-INF/shibboleth-authenticators-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.shibboleth.auth.ShibbolethAuthenticationPlugin" enabled="true" name="SHIB_AUTH">
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-oauth-11.3.56.jar /OSGI-INF/authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.oauth2.NuxeoOAuth2Authenticator" enabled="true" name="OAUTH2_AUTH">
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-oauth1-11.3.56.jar /OSGI-INF/authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.oauth.NuxeoOAuth1Authenticator" enabled="true" name="OAUTH1_AUTH">
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-web-common-11.3.56.jar /OSGI-INF/authentication-contrib.xml
    <?xml version='1.0' encoding='UTF-8'?>
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator" enabled="true" name="FORM_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="LoginPage">login.jsp</parameter>
            <parameter name="UsernameKey">user_name</parameter>
            <parameter name="PasswordKey">********</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="BASIC_AUTH">
          <needStartingURLSaving>false</needStartingURLSaving>
          <stateful>false</stateful>
          <parameters>
            <parameter name="RealmName">Nuxeo 5 EP</parameter>
            <parameter name="AutoPrompt">false</parameter>
            <parameter name="ForcePromptURL_RSS">
              getSyndicationDocument.faces
            </parameter>
            <parameter name="ForcePromptURL_RSS_SEARCH">
              getSyndicationSearch.faces
            </parameter>
            <parameter name="ForcePromptURL_Restlet">restAPI/</parameter>
            <parameter name="ForcePromptURL_WebEngineRest">site/api/</parameter>
            <parameter name="ForcePromptURL_WebEngineRSS">site/sites/@rss/</parameter>
            <parameter name="ForcePromptURL_WebEngineBlogsRSS">site/blogs/@rss/</parameter>
          </parameters>
        </authenticationPlugin>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator" enabled="true" name="ANONYMOUS_AUTH">
        </authenticationPlugin>
      </extension>
  • nuxeo-automation-server-11.3.56.jar /OSGI-INF/auth-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="AUTOMATION_BASIC_AUTH">
          <parameters>
            <parameter name="AutoPrompt">true</parameter>
            <parameter name="RealmName">Nuxeo Automation</parameter>
            <parameter name="ExcludeBAHeader_Token">X-Authentication-Token</parameter>
            <parameter name="ExcludeBAHeader_Token">X-No-Basic-Header</parameter>
            <parameter name="ExcludeBAHeader_COOKIE">Cookie</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-platform-login-token-11.3.56.jar /OSGI-INF/token-authentication-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
    
        <documentation>
          Authentication plugin using a token to validate
          identity. This token is sent as a HTTP request header.
    
          The user is retrieved looking into a directory mapping unique tokens to user names.
    
          Set the allowAnonymous parameter to true to
          allow token authentication for anonymous user.
    
          @author
          Antoine Taillefer (ataillefer@nuxeo.com)
        </documentation>
    
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator" enabled="true" name="TOKEN_AUTH">
          <parameters>
            <parameter name="allowAnonymous">false</parameter>
          </parameters>
        </authenticationPlugin>
    
      </extension>
  • nuxeo-webdav-11.3.56.jar /OSGI-INF/auth-contrib.xml
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.platform.ui.web.auth.plugins.BasicAuthenticator" enabled="true" name="WEBDAV_BASIC_AUTH">
          <parameters>
            <parameter name="AutoPrompt">true</parameter>
            <parameter name="RealmName">Nuxeo WebDAV</parameter>
          </parameters>
        </authenticationPlugin>
      </extension>
  • nuxeo-webengine-core-11.3.56.jar /OSGI-INF/authentication-contrib.xml
    <?xml version='1.0' encoding='UTF-8'?>
    <extension point="authenticators" target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService">
        <authenticationPlugin class="org.nuxeo.ecm.webengine.login.WebEngineFormAuthenticator" enabled="true" name="WEBENGINE_FORM_AUTH">
          <needStartingURLSaving>true</needStartingURLSaving>
          <parameters>
            <parameter name="UsernameKey">username</parameter>
            <parameter name="PasswordKey">********</parameter>
          </parameters>
          <stateful>false</stateful>
        </authenticationPlugin>
      </extension>