21 Jan

SSO Setting - CAS and Alfresco

Prerequisite:

  • Alfresco and CAS should use the HTTPS protocol
  • Let's say, CAS used port 433 and Alfresco 9443
  • Set Alfresco so it can redirect from port 8080 tobe 9443
  • Make sure Alfresco and CAS can be accessed with domain name (not recomended with IP Address), in this tutorial use:
    • Alfresco = http://alfresco.local
    • CAS = http://cas.softbless.local
Form Login CAS

1.       Add this configuration in alfresco-global.properties file:

#CAS

authentication.chain=cas:external

2.       Copy service.xml to C:\Alfresco\tomcat\shared\classes\alfresco\extension

3.       Copy commonValues.properties to C:\Alfresco\tomcat\shared\classes\alfresco\extension\messages

# CAS

      cas_url=https://cas.softbless.local:443

      cas_alfresco_url=https://alfresco.local:9443/alfresco

4.       Copy mycompany folder into C:\Alfresco\tomcat\shared\classes\alfresco\extension\templates\webscripts\org

5.       Copy custom-slingshot-application-context.xml to C:\Alfresco\tomcat\shared\classes\alfresco\web-extension folder. Make sure same with below configurations:

<!-- Override Logout Controller - to expire Alfresco tickets -->

<bean id="logoutController" class="org.wwarn.cms.authentication.servlet.CASSlingshotLogoutController">

       <property name="cacheSeconds" value="-1" />

       <property name="useExpiresHeader"><value>true</value></property>

       <property name="useCacheControlHeader"><value>true</value></property>

       <property name="connectorService" ref="connector.service" />

       <!-- if blank assumes the same as Share -->

 

       <property name="casHost"><value>https://cas.softbless.local:443</value></property>

       <property name="casPath"><value>logout</value></property>

   </bean>

6.       Edit share-config-custom.xml file from C:\Alfresco\tomcat\shared\classes\alfresco\web-extension :

<config evaluator="string-compare" condition="Server">

        <server>

<!-- Enable and adjust the following settings to allow for external access URLs to the

WebScript Framework - to return an externally accessible address for absolute url generation.-->

              <scheme>https</scheme>

              <hostname>alfresco.local</hostname>

              <port>9443</port>

        </server>

    </config>

    <!--Overriding endpoints to reference a remote Alfresco server &ndash;&gt;-->

    <config evaluator="string-compare" condition="Remote">

        <remote>

            <!-- Authenticator implementation used in CAS authentication scenario,

                overrides the default alfresco-ticket authenticator

                <class>org.alfresco.connector.AlfrescoAuthenticator</class> -->

            <authenticator>

                <id>alfresco-ticket</id>

                <name>Alfresco Authenticator</name>

                <description>Alfresco Authenticator</description>

                <class>org.mycompany.cms.authentication.CasAlfrescoAuthenticator</class>

            </authenticator>

            <!-- Connects to an Alfresco instance using ticket-based authentication,

                overrides the default alfresco connector to use ticket authenticator-->

            <connector>

                <id>alfresco</id>

                <name>Alfresco Connector</name>

                <description>Connects to an Alfresco instance using ticket-based authentication</description>

                <class>org.springframework.extensions.webscripts.connector.AlfrescoConnector</class>

                <authenticator-id>alfresco-ticket</authenticator-id>

            </connector>

            <!-- Endpoint using external authentication via CAS-->

            <endpoint>

                <id>alfresco</id>

                <name>Alfresco - user access</name>

                <description>Access to Alfresco Repository WebScripts that require external user authentication

                </description>

                <connector-id>alfresco</connector-id>

                <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

                <identity>user</identity>

                <external-auth>true</external-auth>

            </endpoint>

        </remote>

    </config>

7.       Edit webscript-framework-config-custom.xml file from C:\Alfresco\tomcat\shared\classes\alfresco\web-extension :

<config evaluator="string-compare" condition="Remote">

<remote>

<endpoint>

              <id>alfresco-noauth</id>

              <name>Alfresco - unauthenticated access</name>

<description>Access to Alfresco Repository WebScripts that do not require authentication</description>

              <connector-id>alfresco</connector-id>

              <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

              <identity>none</identity>

       </endpoint>

       <endpoint>

              <id>alfresco</id>

              <name>Alfresco - user access</name>

<description>Access to Alfresco Repository WebScripts that require user authentication</description>

              <connector-id>alfresco</connector-id>

              <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

              <identity>user</identity>

       </endpoint>

       <endpoint>

              <id>alfresco-feed</id>

              <name>Alfresco Feed</name>

<description>Alfresco Feed - supports basic HTTP authentication</description>

              <connector-id>http</connector-id>

              <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

              <basic-auth>true</basic-auth>

              <identity>user</identity>

       </endpoint>              

       </remote>

</config>

<config evaluator="string-compare" condition="Remote">

<remote>

            <keystore>

                <path>alfresco/web-extension/alfresco-system.p12</path>

                <type>pkcs12</type>

                <password>alfresco-system</password>

            </keystore>

            <endpoint>

                <id>alfresco</id>

                <name>Alfresco - user access</name>

<description>Access to Alfresco Repository WebScripts that require user authentication</description>

                <connector-id>alfresco</connector-id>

                <endpoint-url>https://alfresco.local:9443/alfresco/wcs</endpoint-url>

                <identity>user</identity>

                <external-auth>true</external-auth>

                <authenticator-id>alfresco-ticket</authenticator-id>

            </endpoint>

        </remote>

    </config>

8.       Edit relogin.jsp file from C:\Alfresco\tomcat\webapps\alfresco\jsp, tambahkan code di bawah sebelum tanda %> response.addCookie(authCookie);

// deconnection CAS

response.sendRedirect("https://cas.softbless.local:443/logout");

9.       Copy alfresco-cas.jar and cas-client-core-3.1.12.jar library into C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\lib folder

10.   Copy web.xml file into C:\Alfresco\tomcat\webapps\alfresco\WEB-INF, make sure CAS code same with below configurations:

<!-- Adding CAS Authentication filters and replacing Alfresco's default one -->

   <filter>

      <filter-name>Authentication Filter</filter-name>

      <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>

      <init-param>

         <param-name>casServerLoginUrl</param-name>

         <param-value>https://cas.softbless.local:443/login</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>CAS Validation Filter</filter-name>

      <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>

      <init-param>

         <param-name>casServerUrlPrefix</param-name>

         <param-value>https://alfresco.local:443</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>Alfresco CAS Authentication Filter</filter-name>

      <filter-class>org.mycompany.cms.authentication.CasAuthenticationFilter</filter-class>

   </filter>

   <!-- End adding CAS authentication filters -->

11.   Copy cas-client-core-3.1.12.jar, logoutCAS.jar, and share-CAS.jar library into C:\Alfresco\tomcat\webapps\share\WEB-INF\lib folder

12.   Copy web.xml file into C:\Alfresco\tomcat\webapps\share\WEB-INFmake sure CAS code same with below configurations :

<!-- Adding CAS Authentication filters -->

   <filter>

      <filter-name>CAS Authentication Filter</filter-name>

      <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>

      <init-param>

         <param-name>casServerLoginUrl</param-name>

          <param-value>https://cas.softbless.local:443/login</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>CAS Validation Filter</filter-name>

      <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>

      <init-param>

         <param-name>casServerUrlPrefix</param-name>

          <param-value>https://cas.softbless.local:443</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

      <init-param>

         <param-name>allowAnyProxy</param-name>

         <param-value>true</param-value>

      </init-param>

      <init-param>

         <param-name>proxyCallbackUrl</param-name>

         <param-value>https://alfresco.local:9443/share/proxyCallback</param-value>

      </init-param>

      <init-param>

         <param-name>proxyReceptorUrl</param-name>

         <param-value>/proxyCallback</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>Alfresco CAS Authentication Filter</filter-name>

      <filter-class>org.mycompany.cms.authentication.CasAuthenticationFilter</filter-class>

   </filter>

   <!-- End adding CAS authentication filters -->

13.   Now you can access Alfresco used Internet Explorer http://alfresco.local:8080/share, it will redirect to CAS form login.

Reference:

configuring-alfresco-for-sso-with-cas | ecmstuff.blogspot.com

Web-SSO between Liferay and Alfresco with CAS and Penrose (part 2/2) | holisticsecurity.wordpress.com

cas-sso-for-alfresco-33-and-share | akselsarchitecture.blogspot.com

SSO between Share and Alfresco | blog.atolcd.com

By
, , , , , ,
Read More...

11 Jan

Alfresco 4.2.b Installation Tutorial on Linux

Alfresco 4.2.b Installation Tutorial on Linux
For alfresco installation process on Linux and Windows are the same.
Here's a screenshot of the installation process on Linux Alfresco 4.2 b:

1. Language selection

Alfresco in Cloud

2. Alfresco Community Setup

Alfresco in Cloud

3. Installation type
Chose Advance-Configures server ports and services properties
Alfresco in Cloud

4. Select the application
Alfresco in Cloud

5. Select where to save the patch to be installed alfresco folder
Alfresco in Cloud

6. Enter port for the database server
Alfresco in Cloud

7. Enter the IP address and port for tomcat The example below is the ip address for localhost
Alfresco in Cloud

8. Enter port for the FTP server
Alfresco in Cloud

9. Enter port for remote commands
Alfresco in Cloud

10. Enter the password for the application Alfresco
Alfresco in Cloud

11. Enter port for SharePoint
Alfresco in Cloud

12 Install alfresco as a service?
Alfresco in Cloud

13. Enter port for LibreOffice
Alfresco in Cloud

14. Preparation for installation of Alfresco
Alfresco in Cloud

15. Alfresco installation process
Alfresco in Cloud

16. Alfresco installation has been completed
Alfresco in Cloud

17. Starting servers
Alfresco in Cloud

18. After that it leads directly to the browser application
Enter the username and password you created at installation stage Alfresco
Username is admin

Alfresco in Cloud

19. Alfresco display in the browser
Alfresco in Cloud

By
, , , ,
Read More...

10 Jan

Alfresco 4.2.b Installation Tutorial on Windows

Alfresco 4.2.b Installation Tutorial on Windows
For alfresco installation process on Linux and Windows are the same.
Here's a screenshot of the installation process on Windows Alfresco 4.2 b:
1. Language selection

Alfresco in Cloud

2. Alfresco Community Setup

Alfresco in Cloud

3. Installation type Chose Advance-Configures server ports and services properties
Alfresco in Cloud

4. Select the application
Alfresco in Cloud

5. Select where to save the patch to be installed alfresco folder
Alfresco in Cloud

6. Enter port for the database server
Alfresco in Cloud

7. Enter the IP address and port for tomcat The example below is the ip address for localhost

Alfresco in Cloud

8. Enter port for the FTP server
Alfresco in Cloud

9. Enter port for remote commands
Alfresco in Cloud

10. Enter the password for the application Alfresco
Alfresco in Cloud

11. Enter port for SharePoint
Alfresco in Cloud

12. Enter port for LibreOffice
Alfresco in Cloud

13. Select the type of configuration to the startup tomcat and database
Alfresco in Cloud

14. Preparation for installation of Alfresco
Alfresco in Cloud

15. Alfresco installation process
Alfresco in Cloud

16. Database installation process
Alfresco in Cloud

17. Alfresco module Installation Process
Alfresco in Cloud

18. Alfresco installation has been completed
Alfresco in Cloud

19. After that it leads directly to the browser application
Enter the username and password you created at installation stage Alfresco
Username is admin
Password according to the time of the installation alfresco
Then click login


Alfresco in Cloud

20. Alfresco display in the browser
Alfresco in Cloud

By
, , , ,
Read More...

07 August 2025   By    Alfresco, Alfresco Tutorial in Indonesian Language, Alfresco Tutorial Video Indonesian Language, CAS (EN), Document Management, Enterprise Content Management System, Video Tutorial Alfresco