Using this API, I can get the token to do some stuff:
https://mydomain/alfresco/service/api/login?u=myusername&pw=mypassword
But when I go to my Alfresco, I still be prompt for login:
I need a way (iframe cannot since cross domain) to auto login into my Alfresco. My web apps has a download button for files (stored in Alfresco) using this URL:
https://mydomain/share/proxy/alfresco/slingshot/node/content/workspace/SpacesStore/9684c587-d068-4af...
Without a live session, the download URL will return 401. This is the main reason why I need the session to be alived.
I've also tried this but fail (I got the idea when inspecting Alfresco login). I got error "Something's wrong with this page..."
<form action="https://mydomain/share/page/dologin" method="post">
<input type="text" name="username" value="myusername">
<input type="text" name="password" value="mypassword">
<input type="text" name="success" value="/share/page/">
<input type="text" name="failure" value="/share/page/?error=true">
</form>
These also give fail result:
https://mydomain/share/proxy/alfresco/slingshot/node/content/workspace/SpacesStore/9684c587-d068-4af...ticket=TICKET_587d4559521fcb37846f580c24529a3e81bc1f55
https://mydomain/share/proxy/alfresco/slingshot/node/content/workspace/SpacesStore/9684c587-d068-4af...alf_ticket=TICKET_587d4559521fcb37846f580c24529a3e81bc1f55
Solved! Go to Solution.
If you have obtained a ticket from /alfresco you can use other ReST APIs on /alfresco to interact with the content of the system using the ticket as your authentication token. You can also use the ticket via CMIS using the special user name "ROLE_TICKET" and the ticket as the password.
You cannot use tickets obtained from /alfresco to authenticate against /share. Alfresco Share does by default not support ticket based authentication.
If you need some form of auto-login, you should look into setting up external authentication via CAS or similar.
Thank you for your clarification. Actually I'm trying to avoid that route (CAS, SSO, LDAP) but it seems I have no other option
BTW, you did say "cannot use tickets obtained from /alfresco to authenticate against /share". Does this means, beside "share", I can put content into normal Alfresco so that I can get it using ticket?
If you have obtained a ticket from /alfresco you can use other ReST APIs on /alfresco to interact with the content of the system using the ticket as your authentication token. You can also use the ticket via CMIS using the special user name "ROLE_TICKET" and the ticket as the password.
Sorry sir I'm lost here when you said "ReST APIs on /alfresco". What is this called if its not REST API? It does contain the word "/alfresco"
https://mydomain/share/proxy/alfresco/slingshot/node/content/workspace/SpacesStore
Oh I think I got what you mean. "/alfresco" right after the domain name. Right?
Correct. The /share/proxy/alfresco is just a redirect via the Share application using the Share authentication (which does not support tickets itself).
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.