Search icon Close icon
Search icon
Subscription
0
Cart icon
Close icon
You have no products in your basket yet
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Alfresco One 5.x Developer???s Guide - Second Edition

You're reading from  Alfresco One 5.x Developer???s Guide - Second Edition

Product type Book
Published in Feb 2017
Publisher Packt
ISBN-13 9781787128163
Pages 528 pages
Edition 2nd Edition
Languages
Concepts
Authors (2):
Benjamin Chevallereau Benjamin Chevallereau
Profile icon Benjamin Chevallereau
LinkedIn
Benjamin Chevallereau is a French software architect, based in London, who has been working on Alfresco projects for the last 8 years and Ephesoft projects for the last 3 years. He implemented solutions for small companies and global organizations in different domains such as transport, finance, and government. He has worked for different Alfresco-recognized partners in France, the UK, and USA, including Armedia LLC, Zaizi, Michelin / Wipro, and BlueXML. He is also one of the committers and PMC members of the Apache CMIS Chemistry project.
See other products by Benjamin Chevallereau
Jeff Potts Jeff Potts
Profile icon Jeff Potts
LinkedIn
Jeff Potts is the founder of Metaversant Group, Inc., a consulting firm focused on content management, search, and workflow. Jeff brings over 20 years of Enterprise Content Management implementation experience to organizations of all sizes including the Fortune 500. Throughout his consulting career he has worked on a number of projects for clients across the media and entertainment, airline, consumer packaged goods, and retail sectors. Jeff began working with and blogging about Alfresco in November of 2005. In 2006 and 2007, he published a series of Alfresco tutorials and published them on his blog, ecmarchitect.com. That work, together with other Community activity in Alfresco's forum, Wiki site, and JIRA earned him Alfresco's 2007 Community Contributor of the Year Award. In the past, Mr. Potts has worked for Alfresco Software, Inc. as Chief Community Officer, Optaros as Senior Practice Director, and Hitachi Consulting as Vice President where he ran the ECM practice.
See other products by Jeff Potts
View More author details

Table of Contents (17) Chapters

Alfresco One 5.x Developer’s Guide - Second Edition
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
1. The Alfresco Platform 2. Getting Started with Alfresco 3. Working with Content Models 4. Handling Content Automatically with Actions, Behaviors, Transformers, and Extractors 5. Customizing Alfresco Share 6. Creating an Angular Application 7. Exposing Content through a RESTful API with Web Scripts 8. Advanced Workflow 9. Amazing Extensions 10. Security

Chapter 10. Security

This chapter is all about security from both an authentication and an authorization perspective. By the end of this chapter, you'll know how to configure Alfresco to authenticate against LDAP, how to set up Single Sign-On (SSO), and how to work with Alfresco's security services. Specifically, you are going to learn how to:

  • Install a basic OpenLDAP implementation

  • Configure Alfresco to authenticate against LDAP, including "chaining" LDAP with Alfresco authentication

  • Configure LDAP synchronization

  • Install and configure a popular open source SSO solution from JA-SIG called CAS

  • Establish SSO between Alfresco and two of Tomcat's sample servlets

  • Create users and groups with the Alfresco API

  • Understand the out-of-the-box permissions

  • Define a custom permission group or role, which you will then leverage to refactor how the SomeCo Web Enable/Disable links work

Authenticating and synchronizing with LDAP

Most production Alfresco implementations use something other than Alfresco to authenticate. That's because many enterprises already have a central user directory, and it makes a lot of sense to have Alfresco take advantage of that. There are almost as many different approaches to authentication as there are applications. Microsoft shops will often run NTLM or Kerberos authentication, both of which are supported by Alfresco. Most of the time, though, companies store users in one or more LDAP directories and then configure applications to authenticate against those directories.

In this chapter, the directions refer to OpenLDAP. There are other open source LDAP servers available such as Fedora Directory Server and Apache Directory. Proprietary directory servers also work with Alfresco. The most common one is Microsoft Active Directory, but others such as Sun ONE Directory Server and Novell eDirectory are known to work with Alfresco as well.

Step-by-step...

Setting up Single Sign-On (SSO)

If multiple applications in the enterprise use the same LDAP server to authenticate, why force your users to re-enter the same username and password just because they are moving from one application to another? The answer, as usual, is time and money. However, implementing a Single Sign-On (SSO) solution and configuring Alfresco to leverage it may be easier than you think.

There are many SSO providers available and specific implementations can vary dramatically from company to company. In the next exercise, you'll install an open source SSO server called CAS from JA-SIG, and then configure Alfresco to use it. This should give you just enough of a taste of SSO to determine if it makes sense in your organization and what might be involved for a full production rollout, whether using CAS or some other SSO package.

Step-by-step - implementing SSO

This exercise involves downloading, installing, and configuring a base install of CAS, then installing and configuring...

Working with security services

The first part of this chapter was about authentication, or knowing who the user is. This section is about authorization, which is about specifying what the user can do once he/she is authenticated. First, you'll see how to secure the admin user and give additional users admin rights. Then you'll learn how to use Alfresco's security services classes to create users and groups with the API. And finally, you'll see how to declare your own custom permission groups when the out-of-the-box permission groups don't meet your needs.

Securing the admin user

As you and everyone else in the world knows, the default password for Alfresco's admin account is admin. If you use the installer, it will prompt you for a password. If you are using Alfresco for authentication (and even if you aren't), you should change the password for the admin user after you set up your Alfresco instance. If you use LDAP or some other source for authentication and create an entry in the directory...

Summary

When you started out the chapter, you had an Alfresco server that only knew about the users stored in its repository. By now, your server is not only authenticating against an external LDAP directory, but can also share a session with other web applications through the magic of Single Sign-On (SSO).

You saw some sample code for working with three of Alfresco's security services classes (AuthenticationService, AuthorityService, and PersonService) and also learned where Alfresco keeps its permission definitions (and how to extend them).

Specifically, you learned how to:

  • Install a basic OpenLDAP implementation

  • Configure Alfresco to authenticate against LDAP, including "chaining" LDAP with Alfresco authentication

  • Configure LDAP synchronization

  • Install and configure a popular open source SSO solution from JA-SIG called CAS

  • Establish SSO between Alfresco and two of Tomcat's sample servlets

  • Create users and groups with the Alfresco API

  • Understand the out-of-the-box permissions

  • Define a custom permission...

lock icon The rest of the chapter is locked
arrow left Previous Chapter
Chapter 1 of 17
You have been reading a chapter from
Alfresco One 5.x Developer???s Guide - Second Edition
Published in: Feb 2017 Publisher: Packt ISBN-13: 9781787128163
© 2017 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime}

Authors (2)

Left arrow icon
Profile icon Benjamin Chevallereau
LinkedIn
Benjamin Chevallereau is a French software architect, based in London, who has been working on Alfresco projects for the last 8 years and Ephesoft projects for the last 3 years. He implemented solutions for small companies and global organizations in different domains such as transport, finance, and government. He has worked for different Alfresco-recognized partners in France, the UK, and USA, including Armedia LLC, Zaizi, Michelin / Wipro, and BlueXML. He is also one of the committers and PMC members of the Apache CMIS Chemistry project.
See other products by Benjamin Chevallereau
Profile icon Jeff Potts
LinkedIn
Jeff Potts is the founder of Metaversant Group, Inc., a consulting firm focused on content management, search, and workflow. Jeff brings over 20 years of Enterprise Content Management implementation experience to organizations of all sizes including the Fortune 500. Throughout his consulting career he has worked on a number of projects for clients across the media and entertainment, airline, consumer packaged goods, and retail sectors. Jeff began working with and blogging about Alfresco in November of 2005. In 2006 and 2007, he published a series of Alfresco tutorials and published them on his blog, ecmarchitect.com. That work, together with other Community activity in Alfresco's forum, Wiki site, and JIRA earned him Alfresco's 2007 Community Contributor of the Year Award. In the past, Mr. Potts has worked for Alfresco Software, Inc. as Chief Community Officer, Optaros as Senior Practice Director, and Hitachi Consulting as Vice President where he ran the ECM practice.
Read more
See other products by Jeff Potts
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Modernizing Drupal 10 Theme Development
Modernizing Drupal 10 Theme Development
Modernizing Drupal 10 Theme Development covers everything a frontend developer or a Drupal developer needs to know about the Drupal 10 theme layer. Using real-world examples, this book will help you to build up from an empty theme to a fast, responsive, maintainable, and accessible Drupal website in both monolithic and decoupled ways.
Aug 2023 12 hours 0 minutes
Full Stack Development with Spring Boot 3 and React
Full Stack Development with Spring Boot 3 and React
Full Stack Development with Spring Boot 3 and React contains a wealth of practical guidance for picking up full stack development. The step-by-step exploration of everything from dependency injection, ORM with Hibernate, and JWTs to RESTful APIs, UI styling, and TypeScript will help you to develop the Spring Boot and React skills you need.
Oct 2023 15 hours 8 minutes
Modern API Development with Spring 6 and Spring Boot 3
Modern API Development with Spring 6 and Spring Boot 3
This practical guide teaches inexperienced Java programmers and web developers how to design, develop, test, and deploy highly scalable and maintainable APIs using REST, gRPC, GraphQL, and reactive programming paradigms with Java and Spring Boot. Complete with real-world examples, it will guide you to build enterprise-level APIs and services.
Sep 2023 16 hours 28 minutes
Hands-On Web Scraping with Python
Hands-On Web Scraping with Python
This book guides you to discover and extract quality data from the web using Python libraries such as requests, lxml, pyquery, scrapy, and to use effective scraping techniques. It’ll help you master the fundamentals and advanced concepts of web scraping and apply your skills to real-world data extraction tasks, with analysis and visualization.
Oct 2023 10 hours 48 minutes
Mastering Blazor WebAssembly
Mastering Blazor WebAssembly
Mastering Blazor WebAssembly is a comprehensive, practical guide that’ll help you to develop advanced web applications. By combining real-world experience with the thorough knowledge needed to build Blazor apps in a masterful fashion, this book enables you to efficiently manage cross-platform mobile development with .NET MAUI and Blazor.
Aug 2023 12 hours 20 minutes
Mastering Blazor WebAssembly
Mastering Blazor WebAssembly
Mastering Blazor WebAssembly is a comprehensive, practical guide that’ll help you to develop advanced web applications. By combining real-world experience with the thorough knowledge needed to build Blazor apps in a masterful fashion, this book enables you to efficiently manage cross-platform mobile development with .NET MAUI and Blazor.
Aug 2023 12 hours 20 minutes
Full Stack Web Development with Remix
Full Stack Web Development with Remix
Unlock the power of the web platform and cutting-edge technologies for your React applications using Remix to take advantage of the full stack to create a great user experience. This book is a complete resource covering the conventions, levers, and primitives of Remix and illustrates concepts through a real-world project.
Nov 2023 10 hours 36 minutes
Real-World Svelte
Real-World Svelte
This book is a must-have guide to unlocking Svelte's true potential. You’ll learn about advanced component development, efficient coding, and powerful UI patterns using actions. With a focus on state management, custom stores, and renderless components, this book equips you to build exceptional web apps with lightning-fast performance.
Dec 2023 9 hours 24 minutes
Building Micro Frontends with React 18
Building Micro Frontends with React 18
This book is a step-by-step guide to building production-grade, highly scalable, and performant web apps using multi-SPA and micro apps patterns, where you’ll learn to deal with complexities related to micro frontends. The book is a full life cycle guide to building, deploying, and managing micro frontends in a cloud-native environment.
Oct 2023 7 hours 16 minutes
Drupal 10 Masterclass
Drupal 10 Masterclass
This all-in-one guide helps you get up and running with building Drupal applications using the latest Drupal 10 features. You’ll develop a complete practical understanding of Drupal frontend, backend, architecture, content management, themes, and modules to deliver a rich user experience by creating custom Drupal apps.
Dec 2023 10 hours 20 minutes
Full-Stack Flask and React
Full-Stack Flask and React
This book teaches you how to build simple yet efficient production-ready web applications. Starting with an introduction to React, this book will equip you with deeper knowledge of Flask and React technology stacks to undertake web application development with confidence.
Oct 2023 13 hours 36 minutes
Full-Stack Flask and React
Full-Stack Flask and React
This book teaches you how to build simple yet efficient production-ready web applications. Starting with an introduction to React, this book will equip you with deeper knowledge of Flask and React technology stacks to undertake web application development with confidence.
Oct 2023 13 hours 36 minutes
Right arrow icon