How can I allow Authorization - Bearer token in alfresco rest requests?

cancel
Showing results for 
Search instead for 
Did you mean: 
fastdev
Member II

How can I allow Authorization - Bearer token in alfresco rest requests?

It's possible to allow Authorization Bearer token in alfresco requests? how can I do that?

When I try to reach any endpoint, ex: curl --header "Authorization: Bearer xxx.xxxx" http://localhost/alfresco/s/... I get this error:

"status" :
         {
            "code" : 401,
            "name" : "Unauthorized",
            "description" : "The request requires HTTP authentication."
         },
         "message" : "05170011 Authorization 'Bearer' not supported.",
         "exception" : "",
         "callstack" : [ ],
         "server" : "Community v6.0.7 (r2ba893dd-b113) schema 10,201",
         "time" : "Jun 17, 2019 1:20:03 PM"

Thanks.

4 Replies
alxgomz
Alfresco Employee

Re: How can I allow Authorization - Bearer token in alfresco rest requests?

Hi T Dias‌,

To me this means your clients requests land on the alfresco servlet container with an HTTP "Authorization" header of type "Bearer".

This type is not recognized by Alfresco out-of-the-box, hence the message.

You may have this authentication type set either by your client or by a reverse proxy in between?

Maybe can you clarify how you installed Alfresco and how is it integrated with other services?

Regards,

fastdev
Member II

Re: How can I allow Authorization - Bearer token in alfresco rest requests?

Hi Alexandre Chapellon,

Thanks for your answer. 

I found that you added a topic about "Collaborative Edition on Alfresco using LibreOffice Online", that is more or less what I'm trying to accomplish.

The problem that I found is that libreoffice add an Authorization header of type bearer in the request send to alfresco.

My environment:

  • dockerized alfresco without alfresco share
  • libreoffice module installed in alfresco
  • alfresco in multi-tenant environment

Any idea about this?

Regards

4535992
Established Member II

Re: How can I allow Authorization - Bearer token in alfresco rest requests?

Have you found a solution?

arjunmony
Active Member II

Re: How can I allow Authorization - Bearer token in alfresco rest requests?

Hello,

Instaed Bearer you should use the alf_ticket param in your curl call. First thing you do is call the login web script to get a ticket.

curl -v "http://localhost:8080/alfresco/service/api/login?u=admin&pw=yourpassword"

Alfresco will respond with something like:

TICKET_e46107058fdd2760441b44481a22e7498e7ddfsf

Now you can take that ticket and append it to your subsequent web script calls.

Then post it to the web script using curl, like this:

curl -v -X POST "http://localhost:8080/alfresco/service/someco/someScript?alf_ticket=TICKET_e46107058fdd2760441b44481a22e7498e7dbf66" -H "Content-Type: application/json" -d @/Users/arjunm/test.json