Multi-tenancy authentication error - integration with LibreOffice-Online

cancel
Showing results for 
Search instead for 
Did you mean: 
fastdev
Member II

Multi-tenancy authentication error - integration with LibreOffice-Online

Hi,

I'm using Alfresco Community - 5.2.0 with an AMP module (WOPI host capabilities to Alfresco) to integrate with LibreOffice-Online.

The requests from LibreOffice-Online are using an access_token and when alfresco multi-tenancy is activated and  I tried to perform the requests, alfresco return this exception:

alfresco_1_3bb94ade36e7 | 2018-12-20 17:12:46,580 ERROR [extensions.webscripts.AbstractRuntime] [http-apr-8080-exec-4] Exception from executeScript: 11200006 Authorization 'Bearer' not supported.
alfresco_1_3bb94ade36e7 | org.springframework.extensions.webscripts.WebScriptException: 11200006 Authorization 'Bearer' not supported.
alfresco_1_3bb94ade36e7 | at org.alfresco.repo.web.scripts.servlet.BasicHttpAuthenticatorFactory$BasicHttpAuthenticator.authenticate(BasicHttpAuthenticatorFactory.java:200)
alfresco_1_3bb94ade36e7 | at org.alfresco.repo.web.scripts.servlet.RemoteUserAuthenticatorFactory$RemoteUserAuthenticator.authenticate(RemoteUserAuthenticatorFactory.java:140)
alfresco_1_3bb94ade36e7 | at org.alfresco.repo.web.scripts.RepositoryContainer.authenticate(RepositoryContainer.java:721)
alfresco_1_3bb94ade36e7 | at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:157)
alfresco_1_3bb94ade36e7 | at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:132)
alfresco_1_3bb94ade36e7 | at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
alfresco_1_3bb94ade36e7 | at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
alfresco_1_3bb94ade36e7 | at org.alfresco.module.aosmodule.service.ContextRootFilter.doFilter(ContextRootFilter.java:93)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
alfresco_1_3bb94ade36e7 | at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:68)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
alfresco_1_3bb94ade36e7 | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
alfresco_1_3bb94ade36e7 | at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
alfresco_1_3bb94ade36e7 | at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
alfresco_1_3bb94ade36e7 | at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2466)
alfresco_1_3bb94ade36e7 | at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2455)
alfresco_1_3bb94ade36e7 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
alfresco_1_3bb94ade36e7 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
alfresco_1_3bb94ade36e7 | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
alfresco_1_3bb94ade36e7 | at java.lang.Thread.run(Thread.java:745)

If multi-tenancy is not activated works well and the file is returned - no exception returned.

Anyone know how can I fix this? 

Thanks

2 Replies
afaust
Master

Re: Multi-tenancy authentication error - integration with LibreOffice-Online

There are various features that are not fully supported in multi tenancy configuration. To my knowledge, this also affects some of the authentication variants. From your stacktrace it seems that whatever OAuth2 component you were using in single tenancy mode has been replaced with Basic HTTP support in multi tenancy.

If you could provide your alfresco-global.properties (with necessary removal of sensitive data) and also other details about the authentication setup not visible in the configuration, we could potentially help with more details...

fastdev
Member II

Re: Multi-tenancy authentication error - integration with LibreOffice-Online

Axel Faust

alfresco-global.properties:


###############################
## Common Alfresco Properties #
###############################

dir.root=/opt/alfresco/alf_data

alfresco.context=alfresco
alfresco.host=127.0.0.1
alfresco.port=8443
alfresco.protocol=https

share.context=share
share.host=127.0.0.1
share.port=8443
share.protocol=https

### database connection properties ###
db.driver=org.postgresql.Driver
db.username=*****
db.password=*****
db.name=alfresco
db.url=jdbcSmiley Tongueostgresql://db:5432/alfresco
# Note: your database must also be able to accept at least this many connections. Please see your database documentation for instructions on how to configure this.
db.pool.max=275
db.pool.validate.query=SELECT 1

# The server mode. Set value here
# UNKNOWN | TEST | BACKUP | PRODUCTION
system.serverMode=PRODUCTION

### FTP Server Configuration ###
ftp.port=21

### RMI registry port for JMX ###
alfresco.rmi.services.port=50500

### External executable locations ###
ooo.exe=/opt/alfresco/libreoffice/program/soffice.bin
ooo.enabled=true
ooo.port=8100
img.root=/opt/alfresco/common
img.dyn=${img.root}/lib
img.exe=${img.root}/bin/convert

jodconverter.enabled=false
jodconverter.officeHome=/opt/alfresco/libreoffice
jodconverter.portNumbers=8100

### Initial admin password ###
alfresco_user_store.adminpassword=*******************

### E-mail site invitation setting ###
notification.email.siteinvite=false

### License location ###
dir.license.external=/opt/alfresco

### Solr indexing ###
index.subsystem.name=solr4
dir.keystore=${dir.root}/keystore
solr.host=localhost
solr.port.ssl=8443

### Allow extended ResultSet processing
security.anyDenyDenies=false

### Smart Folders Config Properties ###
smart.folders.enabled=false

### Remote JMX (Default: disabled) ###
alfresco.jmx.connector.enabled=falsemail.host=localhost
mail.port=25
mail.from.default=*****
mail.protocol=smtp
mail.smtp.auth=false
mail.smtp.starttls.enable=false
mail.smtps.auth=false
mail.smtps.starttls.enable=false
cifs.enabled=true
cifs.Server.Name=localhost
cifs.domain=WORKGROUP
cifs.hostannounce=true
cifs.broadcast=0.0.0.255
cifs.ipv6.enabled=false

nfs.enabled=true

authentication.chain=alfinst:alfrescoNtlm

dir.contentstore=/content/contentstore
dir.contentstore.deleted=/content/contentstore.deleted

#Wopi
lool.wopi.url=http://libreoffice.docker.localhost
lool.wopi.url.discovery=http://libreoffice.docker.localhost/hosting/discovery
lool.wopi.alfresco.host=http://docker.localhost/alfresco

LibreOffice-Online add a "Bearer token" to use in the protocol calls like PutFile, GetFile or CheckFileInfo. 

This is the repo module that was installed in Alfresco: 

GitHub - ArawaFr/libreoffice-online-repo: LibreOffice Online module for Alfresco repository