-
Type:
Service Pack Request
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: 4.0.2
-
Fix Version/s: 4.1.4
-
Component/s: Repository Authentication and SSO
-
Labels:None
-
Environment:Ubuntu 10.04 + postgres9 + tomcat 6.0.35
-
Bug Priority:
-
Build Location:
When trying to access RSS feeds through share dashlet link (/share/page/feed/components/dashlets/activities/list?format=atomfeed&mode=user&site=&dateFilter=7&userFilter=all&activityFilter=), an authentication prmpt appear, asking for username and password even if you have a working SSO setup.
In the same session (same SSO crednetials) trying to access the feeds via Alfresco works OK.
Steps to reproduce:
1 - Setup an Alfresco instance
2 - Enable an external authentication in the authentication chain (Jasig CAS server + apache/mod_auth_cas is quite straight forward to setup):
external.authentication.proxyUserName=
external.authentication.proxyHeader=CAS-User
external.authentication.enabled=true
Setup is like this:
Client => Apache Proxy AJP => Share => Alfresco
3 - Configure Share for SSO propagating user through HTTP header.
4 - Modify alfresco-feed end-point to use an SSO aware connector (alfrescoHeader in this case) in share-config-custom.xml:
4 - Test SSO by logging in Share
5 - Click on the RSS link in the My Activities dashlet (or any other RSS link)
Expected behaviour:
Share should trust the HTTP header found in the request and pass it over to Alfresco. Then, Rss feeds should be displayed in the browser using atomfeed format
Actual behaviour:
Share send 401 HTTP status code and the user is prompted for a login and and password. After validating credentials Share passes the request to Alfresco using the SSO HTTP header, without the basic-auth ones.
Additionnal notes:
Same behaviour has been observed using external authentication based on cookies.
- is related to by
-
MNT-6115 Incorrect behaviour of RSS Feed
- Closed
-
MNT-437 RSS Dashlet cannot display RSS feed produced by Share’s blog
- Closed
-
MNT-743 CLONE - Authenticating Share RSS feed using cookies rather than basic auth
- Closed
-
MNT-2141 RSS Dashlet won't load Share Blog feed
- Closed
-
MNT-8475 Incorrect behaviour of RSS Feed on Alfresco + SSO
- Closed
- relates to
-
MNT-2708 module deployment /share/page/modules/deploy broken when using external SSO: blank page or 'Could not save module: "Alfresco Portlet Extension"' error
- Closed