Ask Question
« General Questions on Nuxeo

nuxeo-platform-login-portal-sso 401 Server Error?

Hello,

New user to Nuxeo and trying to follow the steps of using the nuxeo-platform-login-portal-sso plugin, using the steps outlined here: http://answers.nuxeo.com/questions/1002/how-do-i-integrate-with-nuxeo-platform-login-portal-sso-in-my-portal We are trying to use the Nuxeo Automation Client (Java) to authenticate using the portal-sso plugin. Here's the Java code in the automation client:

HttpAutomationClient client = new HttpAutomationClient("http://localhost:8080/nuxeo/site/automation"
client.setRequestInterceptor(new PortalSSOAuthInterceptor("nuxeo5secretkey", "myUser"));
Session session = client.getSession();

At the point that 'getSession()' is called we get the following error from Tomcat: 401 - Server Error “This request requires HTTP authentication.”

We are using a standard tomcat deployment and have put in our own portalsso-config.xml file per the documentation.

Any ideas on why we would still be getting the 401 Server Error?

Any help is appreciated.

Thanks.

NuxeoNate
Member (90)   1   2   1 		05/11/2015 ( History)
0 votes
1 answers
4373 views
ANSWER
ANSWERS

[SOLVED] The issue for us was that we needed to add an extension in the *-config.xml to the specificAuthenticationChain using “Automation”.

An example file that worked for us looks like this:

<component name="MyAPP.Mod_sso">
<require>org.nuxeo.ecm.platform.ui.web.auth.defaultConfig</require>
<require>org.nuxeo.ecm.platform.login.Portal</require>
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="authenticators">
  <authenticationPlugin
          name="PORTAL_AUTH">
   <loginModulePlugin>Trusting_LM</loginModulePlugin>
   <parameters>
     <parameter name="secret">nuxeo5secretkey</parameter>
     <parameter name="maxAge">3600</parameter>
   </parameters>
  </authenticationPlugin>
</extension>

<!-- Include Portal Auth into authentication chain -->
<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="chain">
  <authenticationChain>
    <plugins>
      <!--  Keep basic Auth at top of Auth chain to support RSS access via BasicAuth -->
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </plugins>
  </authenticationChain>
</extension>

<extension
  target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
  point="specificChains">
  <!-- Setup Automation client to use the Portal SSO plugin -->
  <specificAuthenticationChain name="Automation">
    <urlPatterns>
      <url>(.*)/automation.*</url>
    </urlPatterns>

    <replacementChain>
      <plugin>BASIC_AUTH</plugin>
      <plugin>PORTAL_AUTH</plugin>
      <plugin>FORM_AUTH</plugin>
    </replacementChain>
  </specificAuthenticationChain>
</extension>
</component>

Note that if you need REST API as well, you may need to add another extension in this file for REST API to use portal SSO authentication.

NuxeoNate
Member (90)   1   2   1 		05/11/2015 ( History)
0 votes
Eduardo Rodrigues
do you happen to know which extension we need to add for the REST API
03/30/2017
Follow
Tags
Linked Questions
Related Questions
Creating Nuxeo Automation client sessions using users other than Administrator
Problem with nuxeo java automation client 6.0
SSO with Portal NUXEO LTS 2019
Problem opening a automation session
Exception while communicating with Nuxeo Automation Server
Getting CoreSession from Remote Session?
JS Client Portal authentication (bug?)
Java Automation Client over SSL
Custom Authentication not working as expected with Java Client SDK