inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.2 to HEAD

Browse Source 
16062: ETHREEOH-2792: Support login via external SSO systems (such as CAS) in Alfresco Share
      - In Alfresco, new "external" authentication subsystem maps user identity from HttpServletRequest.getRemoteUser() or configured header
      - In Share, the UserFactory also recognizes HttpServletRequest.getRemoteUser() - no special filters required
      - User ID propagated to Alfresco through X-Alfresco-Remote-User HTTP header
      - This can be done securely via the use of an SSL client certificate that identifies the Share application to Alfresco as a special 'proxy' user
      - New <keystore> section added to webscript-framework-config that allows specification of the keystore holding the client certificate and trusted CAs
      - Support for SSL authentication and propagation of Cookies through redirects added to RemoteClient so that initial redirects through sign on pages are supported
      - TODO: Wiki


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16065 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
2009-09-03 11:16:02 +00:00
parent 44e72700aa
commit 9c9c31ca83
7 changed files with 304 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
source/java/org/alfresco/web/app/servlet/RemoteUserMapper.java Normal file
View File

@@ -0,0 +1,44 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.web.app.servlet;
import javax.servlet.http.HttpServletRequest;
/**
* An interface for objects capable of extracting an externally authenticated user ID from an HTTP request.
*
* @author dward
*/
public interface RemoteUserMapper
{
/**
* Gets an externally authenticated user ID from an HTTP request.
*
* @param request
* the request
* @return the user ID or <code>null</code> if the user is unauthenticated
*/
public String getRemoteUser(HttpServletRequest request);
}