The framework for supporting Web Scripts provides some configuration points. These are described below.
Alfresco is a secure server requiring authenticated access.
The Web Script framework defers authentication to a plug-in Authenticator. By default, Basic HTTP Authentication is activated. See Web Script Runtimes for information on how to change the authentication mechanism in each runtime.
Other forms of authentication will also be considered:
This authenticator supports HTTP Basic Authentication. The authorisation header must contain either:
username & password
For restricted environments that do not allow the setting of HTTP Request Headers, a ticket may be passed via the URL argument 'alf_ticket' or 'ticket'.
Alfresco Web Client Authentication
This authenticator relies on the authentication mechanism configured into the Alfresco Web Client. If login is required, a redirect to the Alfresco Web Client login page is made.
This authenticator relies on the user name setup by the JSR-168 runtime. It assumes the user has already been authenticated by the Portal. The Alfresco Repository executes in the context of the Portal user.
JSR-168 Authentication with Alfresco Web Client support
This authenticator ensures that the Alfresco Web Client user context is kept in sync with the Portal user. This allows Web Scripts that depend on Alfresco Web Client functionality to be used within the Portal.
Web Scripts framework logging is controlled by the following log4j entry:
HTTP Response Formats
All Web Script URLs support the format argument for specifying the response type.