Alfresco share authentication

Question

I need to modify the Share authentication mechanism. When a user attempts to login from the share page, I need to add a check that checks for the user's tenant domain with the prefix of the web address. If username's tenant address matches with the prefix of the web address then the user is allowed to log in otherwise the authentication is rejected.

For examples:

user logs in as username@mydomain.com from mydomain.alfresco.com/share

In the above case the user would be allowed to login because ...@mydomain.com matches with the web address prefix mydomain.alfresco.com/share.

I am not sure where to begin and would appreciate any help on accomplishing this.

Answer 1

I would implement it overriding the loginController Spring bean. Make a copy of org.springframework.extensions.surf.mvc.LoginController.java and add your your custom logic to handleRequestInternal. request.getParameter("username") and request.getHeader("Host") should provide the values for the comparision.

One way to override the default implementation by placing the bean definition in a file alfresco/web-extension/custom-context.xml in the classpath.

<bean id="loginController" class="CustomLoginController">
    <property name="cacheSeconds" value="-1" />
    <property name="useExpiresHeader"><value>true</value></property>
    <property name="useCacheControlHeader"><value>true</value></property>
    <property name="userFactory" ref="user.factory"></property>
    <property name="connectorService" ref="connector.service" />
</bean>