You are here

Authenticating web scripts

You can invoke a web script without first authenticating, that is, without specifying a user name and password as identification. This is rare when interacting with the Alfresco Community Edition server as access to or management of content in the repository is usually restricted to particular people or groups of people.

To support restricted access, a web script can specify its authentication requirements. There are four levels of required authentication:

None
The web script does not require any authentication to be invoked.
Guest
The web script can be invoked by a guest user of the Alfresco Community Edition server.
User
The web script must be invoked by a named user known to the Alfresco Community Edition server.
Admin
The web script must be invoked by a named user who is an administrator of the Alfresco Community Edition server.

An authenticated web script has access to all the services of the Alfresco Community Edition server and thus can perform any operation, although it still adheres to the permissions of the authenticated user.

JSR-168 Authenticator

JSR-168 Authenticator only works if running on the repository tier, and it does not work for web scripts running in the Share tier. Surf has support for JSR-168 portlets built-in.

Sending feedback to the Alfresco documentation team

You don't appear to have JavaScript enabled in your browser. With JavaScript enabled, you can provide feedback to us using our simple form. Here are some instructions on how to enable JavaScript in your web browser.