Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow for third-party reuse of Nuxeo authentication system #115

Open
mkalam-alami opened this issue Apr 30, 2012 · 4 comments
Open

Allow for third-party reuse of Nuxeo authentication system #115

mkalam-alami opened this issue Apr 30, 2012 · 4 comments

Comments

@mkalam-alami
Copy link
Contributor

  • Goal: Being able to access information on Nuxeo from distinct applications, by authenticating as a specific user.
  • Needs: Choose one or more authentication methods, and the technologies we can use for our different client applications
  • Use cases:
    • FraSCAti Studio (for EasySOA Light)
    • SOA monitoring subscription app (by @wilfried2006), a priori with Play Framework
    • Node app (for which features? prototypes?)

Nuxeo Authentication

Given the Nuxeo capabilities, the possibilities are:

  • Authentication via Nuxeo
    • Basic HTTP Auth. (with HTTPS reverse-proxy to ensure security)
    • Nuxeo as OAuth provider
    • Nuxeo SSO (see this page)
  • Authentication via a shared service
    • Shibboleth
    • CAS2
  • Host all the applications on Nuxeo
@mkalam-alami
Copy link
Contributor Author

Node.js + OAuth authentication

A minimal working example is available here.

@tiry
Copy link
Member

tiry commented May 3, 2012

You should have a look at portal_sso.

This is a plugin that is designed to have an external application (like a portal) calling Nuxeo on the behalf of a user.
This is based on a shared secret between the 2 apps, but on Nuxeo side the code is executed under the security context of the remote interactive user.
Of course, this requires all application to share the same user database/LDAP.

Is that what you are looking for ?

Tiry

@mkalam-alami
Copy link
Contributor Author

Yes this could fit our needs too, thanks for the info.

@tiry
Copy link
Member

tiry commented May 4, 2012

Just ping me if you need help.
This portal_sso system is already integrated in Nuxeo Automation Client java lib : so this should be completly transparent if remote apps calling Nuxeo uses Automation.

Of course, OAuth is also an option, but it requires a little bit more work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants