21 Jan

SSO Setting - CAS and Alfresco

Prerequisite:

  • Alfresco and CAS should use the HTTPS protocol
  • Let's say, CAS used port 433 and Alfresco 9443
  • Set Alfresco so it can redirect from port 8080 tobe 9443
  • Make sure Alfresco and CAS can be accessed with domain name (not recomended with IP Address), in this tutorial use:
    • Alfresco = http://alfresco.local
    • CAS = http://cas.softbless.local
Form Login CAS

1.       Add this configuration in alfresco-global.properties file:

#CAS

authentication.chain=cas:external

2.       Copy service.xml to C:\Alfresco\tomcat\shared\classes\alfresco\extension

3.       Copy commonValues.properties to C:\Alfresco\tomcat\shared\classes\alfresco\extension\messages

# CAS

      cas_url=https://cas.softbless.local:443

      cas_alfresco_url=https://alfresco.local:9443/alfresco

4.       Copy mycompany folder into C:\Alfresco\tomcat\shared\classes\alfresco\extension\templates\webscripts\org

5.       Copy custom-slingshot-application-context.xml to C:\Alfresco\tomcat\shared\classes\alfresco\web-extension folder. Make sure same with below configurations:

<!-- Override Logout Controller - to expire Alfresco tickets -->

<bean id="logoutController" class="org.wwarn.cms.authentication.servlet.CASSlingshotLogoutController">

       <property name="cacheSeconds" value="-1" />

       <property name="useExpiresHeader"><value>true</value></property>

       <property name="useCacheControlHeader"><value>true</value></property>

       <property name="connectorService" ref="connector.service" />

       <!-- if blank assumes the same as Share -->

 

       <property name="casHost"><value>https://cas.softbless.local:443</value></property>

       <property name="casPath"><value>logout</value></property>

   </bean>

6.       Edit share-config-custom.xml file from C:\Alfresco\tomcat\shared\classes\alfresco\web-extension :

<config evaluator="string-compare" condition="Server">

        <server>

<!-- Enable and adjust the following settings to allow for external access URLs to the

WebScript Framework - to return an externally accessible address for absolute url generation.-->

              <scheme>https</scheme>

              <hostname>alfresco.local</hostname>

              <port>9443</port>

        </server>

    </config>

    <!--Overriding endpoints to reference a remote Alfresco server &ndash;&gt;-->

    <config evaluator="string-compare" condition="Remote">

        <remote>

            <!-- Authenticator implementation used in CAS authentication scenario,

                overrides the default alfresco-ticket authenticator

                <class>org.alfresco.connector.AlfrescoAuthenticator</class> -->

            <authenticator>

                <id>alfresco-ticket</id>

                <name>Alfresco Authenticator</name>

                <description>Alfresco Authenticator</description>

                <class>org.mycompany.cms.authentication.CasAlfrescoAuthenticator</class>

            </authenticator>

            <!-- Connects to an Alfresco instance using ticket-based authentication,

                overrides the default alfresco connector to use ticket authenticator-->

            <connector>

                <id>alfresco</id>

                <name>Alfresco Connector</name>

                <description>Connects to an Alfresco instance using ticket-based authentication</description>

                <class>org.springframework.extensions.webscripts.connector.AlfrescoConnector</class>

                <authenticator-id>alfresco-ticket</authenticator-id>

            </connector>

            <!-- Endpoint using external authentication via CAS-->

            <endpoint>

                <id>alfresco</id>

                <name>Alfresco - user access</name>

                <description>Access to Alfresco Repository WebScripts that require external user authentication

                </description>

                <connector-id>alfresco</connector-id>

                <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

                <identity>user</identity>

                <external-auth>true</external-auth>

            </endpoint>

        </remote>

    </config>

7.       Edit webscript-framework-config-custom.xml file from C:\Alfresco\tomcat\shared\classes\alfresco\web-extension :

<config evaluator="string-compare" condition="Remote">

<remote>

<endpoint>

              <id>alfresco-noauth</id>

              <name>Alfresco - unauthenticated access</name>

<description>Access to Alfresco Repository WebScripts that do not require authentication</description>

              <connector-id>alfresco</connector-id>

              <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

              <identity>none</identity>

       </endpoint>

       <endpoint>

              <id>alfresco</id>

              <name>Alfresco - user access</name>

<description>Access to Alfresco Repository WebScripts that require user authentication</description>

              <connector-id>alfresco</connector-id>

              <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

              <identity>user</identity>

       </endpoint>

       <endpoint>

              <id>alfresco-feed</id>

              <name>Alfresco Feed</name>

<description>Alfresco Feed - supports basic HTTP authentication</description>

              <connector-id>http</connector-id>

              <endpoint-url>https://alfresco.local:9443/alfresco/s</endpoint-url>

              <basic-auth>true</basic-auth>

              <identity>user</identity>

       </endpoint>              

       </remote>

</config>

<config evaluator="string-compare" condition="Remote">

<remote>

            <keystore>

                <path>alfresco/web-extension/alfresco-system.p12</path>

                <type>pkcs12</type>

                <password>alfresco-system</password>

            </keystore>

            <endpoint>

                <id>alfresco</id>

                <name>Alfresco - user access</name>

<description>Access to Alfresco Repository WebScripts that require user authentication</description>

                <connector-id>alfresco</connector-id>

                <endpoint-url>https://alfresco.local:9443/alfresco/wcs</endpoint-url>

                <identity>user</identity>

                <external-auth>true</external-auth>

                <authenticator-id>alfresco-ticket</authenticator-id>

            </endpoint>

        </remote>

    </config>

8.       Edit relogin.jsp file from C:\Alfresco\tomcat\webapps\alfresco\jsp, tambahkan code di bawah sebelum tanda %> response.addCookie(authCookie);

// deconnection CAS

response.sendRedirect("https://cas.softbless.local:443/logout");

9.       Copy alfresco-cas.jar and cas-client-core-3.1.12.jar library into C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\lib folder

10.   Copy web.xml file into C:\Alfresco\tomcat\webapps\alfresco\WEB-INF, make sure CAS code same with below configurations:

<!-- Adding CAS Authentication filters and replacing Alfresco's default one -->

   <filter>

      <filter-name>Authentication Filter</filter-name>

      <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>

      <init-param>

         <param-name>casServerLoginUrl</param-name>

         <param-value>https://cas.softbless.local:443/login</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>CAS Validation Filter</filter-name>

      <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>

      <init-param>

         <param-name>casServerUrlPrefix</param-name>

         <param-value>https://alfresco.local:443</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>Alfresco CAS Authentication Filter</filter-name>

      <filter-class>org.mycompany.cms.authentication.CasAuthenticationFilter</filter-class>

   </filter>

   <!-- End adding CAS authentication filters -->

11.   Copy cas-client-core-3.1.12.jar, logoutCAS.jar, and share-CAS.jar library into C:\Alfresco\tomcat\webapps\share\WEB-INF\lib folder

12.   Copy web.xml file into C:\Alfresco\tomcat\webapps\share\WEB-INFmake sure CAS code same with below configurations :

<!-- Adding CAS Authentication filters -->

   <filter>

      <filter-name>CAS Authentication Filter</filter-name>

      <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>

      <init-param>

         <param-name>casServerLoginUrl</param-name>

          <param-value>https://cas.softbless.local:443/login</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>CAS Validation Filter</filter-name>

      <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>

      <init-param>

         <param-name>casServerUrlPrefix</param-name>

          <param-value>https://cas.softbless.local:443</param-value>

      </init-param>

      <init-param>

         <param-name>serverName</param-name>

         <param-value>https://alfresco.local:9443</param-value>

      </init-param>

      <init-param>

         <param-name>allowAnyProxy</param-name>

         <param-value>true</param-value>

      </init-param>

      <init-param>

         <param-name>proxyCallbackUrl</param-name>

         <param-value>https://alfresco.local:9443/share/proxyCallback</param-value>

      </init-param>

      <init-param>

         <param-name>proxyReceptorUrl</param-name>

         <param-value>/proxyCallback</param-value>

      </init-param>

   </filter>

   <filter>

      <filter-name>Alfresco CAS Authentication Filter</filter-name>

      <filter-class>org.mycompany.cms.authentication.CasAuthenticationFilter</filter-class>

   </filter>

   <!-- End adding CAS authentication filters -->

13.   Now you can access Alfresco used Internet Explorer http://alfresco.local:8080/share, it will redirect to CAS form login.

Reference:

configuring-alfresco-for-sso-with-cas | ecmstuff.blogspot.com

Web-SSO between Liferay and Alfresco with CAS and Penrose (part 2/2) | holisticsecurity.wordpress.com

cas-sso-for-alfresco-33-and-share | akselsarchitecture.blogspot.com

SSO between Share and Alfresco | blog.atolcd.com

By
, , , , , ,
Read More...

20 Jan

New Features in Alfresco Ver.4.2a

In the second week of October 2012, Alfresco launched the new Alfresco Community Edition, Alfresco 4.2a. Some new features available in Alfresco 4.2a, which are:

1. Multi-File zip file processing and quick sharing
This feature will help the user use “share” command and sharing their file which are being preview. In this process, this feature will create a short link to sharing files automatically. The users are also used multiple selection of their file to process downloading. This process also supported by single zipped package.

2. Enhancing in Share Dashlets
Some new features in this facility are improvement in liquid layouts which are more attractive, illustration of selection file address in image subcategory, and improvement in lightbox facility layout.

Dashlets New Layout
Dashlets New Layout
A New Dashlets Tasks:
A new task in dashlets “filter all” previously, now in Alfresco 4.2a, this tasks is dived into two categories, “active” and “completed” category. Additional task is adding the number of page.

Editing the content:
Instead of filtering task, there is dashlet conversion feature. These features will split loading process, in order to increase displaying speed of dashboard initial process.

3. Better integration to google docs
Now the user in Alfresco 4.2a are able to create and edit their google docs document in google docs service, easier and better integrated. The user will used directly this system in real time and user activity in google docs will be recorded.

4. Springsurf 1.2
This feature will help the user clearing their internet cache. The user no needs to clear their recorded activity after they have internet browsing (using “clear internet cache”). Alfresco 4.2a users directly get this feature when they have installed this new Alfresco edition. Therefore, the user no needs to busy clearing internet temporary cache regularly.

In addition, this feature is also help the user saving their drive resources more capacity in their hardware. Some files are recorded as temporary files in their hardware when they perform browsing the internet, a great way of saving resources reducing.

Furthermore, having RemoteClient feature configuration, some complete configuration are able to perform. Some of these complete configurations are: timeouts, buffer sizes, setting on http proxy, tcp configuration, setting on white/black list of unsecure HTML when editing wiki page, and inline preview of html. 

5. The new dashboard dashlets
Site searching:
This site searching feature of dashlets allows the user to find fts-Alfersco search and directly can see a previewing page in the result of site searching. The users are also able to configure previewing only related sites. The picture below is a preview of the result site searching features

Dashlets of Site Search

Dashlets of Site Search

Search collection:
This feature is similar to site search, however query in this features of saved search previously only addressed to site manager. Only site manager is able to access this dashlet control panel. Where, filtering process which only able performs by site manager, support in report organizing. Therefore, fts-alfresco search syntax is fully supported the user, especially to site manager. Dashlets title is also changed into specific title from control panel, and then the user will easily recognize what dashlet is reporting on.


Sample preview of saved search feature
Sample preview of saved search feature

My Discussion:
Dashlet dashboard is also able to display recent posting in the forum. Consequently, the user will able to discuss, create, and reply the posting quickly. 

My Discussion dashlets
My Discussion dashlets

6. More variations in media galley or document library
The earlier version of image preview for gallery view features, now available in document preview for document library. This new feature is more interesting and attractive. This new view is support standard feature for document library, such as multi file selection, uploading process by drag and drop technique, and also additional new feature, which is setting on document size view directly, thus the view is dynamically view, especially in image size changing view in document library. 


Preview of Media Gallery
Preview of Media Gallery

7. Desktop dropbox synchronization or your enterprises
Alfresco is not only release their new feature for community user, but also release Desktop Sync Client in Alfresco Community 4.2a, Alfresco Enterprise or Alfresco cloud. Configuration in dropbox service will be easily recognized by Alfresco user, mainly the new feature of Alfresco Desktop Sync. 
By
, ,
Read More...

19 Jan

Indonesian Language Pack for Alfresco 4.0D

Softbless has released Indonesian Language Pack for Enterprise Content Management solution: Alfresco version 4.0D. 
To download and try it, access: https://www.softbless.com/public-downloads/Alfresco-4.0D-Language-pack-Bahasa-Indonesia-Softbless.zip
In the zip file, there is also a manual for installation and usage.
If you find bugs or want to contribute to this translation, please contact us at info@softbless.com.
By
, , , ,
Read More...

07 August 2025   By    Alfresco, Alfresco Tutorial in Indonesian Language, Alfresco Tutorial Video Indonesian Language, CAS (EN), Document Management, Enterprise Content Management System, Video Tutorial Alfresco