|Support Status||Full Support|
|Architecture Information||Platform Architecture|
|Description||Authentication is required at various access points into the repository. For
example web scripts, CMIS, CIFS, FTP, WebDAV, and web clients represent access points
where authentication needs to take place. Authentication can be via a ticket, a
username and password pair, or some other mechanism.
The authentication service provides an API to:
Not all implementations will support creating, updating and deleting authentication information.
The authenticated username is used as the key to obtain other security information such as group membership, the details about the person, to record a user as the owner of an object. It is one of the identifiers against which permissions may be assigned.
The authentication service does not provide any details about a user other than authentication.
The authentication service stores authentication information on the calling thread. Application developers should ensure that this information is cleared.
The authentication service brings together three components:
The authentication component supports authentication only. The authentication DAO provides an API to create, delete and update authentication information. The ticket component is resposible for managing and storing tickets that may be obtained after authentication and used in place of authentication.
|Deployment - App Server||Deploy as AMP or Simple Module (JAR) package.|
|Deployment - SDK Project||Use SDK archetypes to produce AMP or Simple Module.|
|Java API||Java API documentation|
// Get service registry ServiceRegistry serviceRegistry = (ServiceRegistry) beanFactory.getBean(ServiceRegistry.SERVICE_REGISTRY); // Get services AuthenticationService authService = (AuthenticationService)serviceRegistry.getAuthenticationService(); PersonService personService = (PersonService)serviceRegistry.getPersonService(); // Get current user NodeRef person = personService.getPerson(authService.getCurrentUserName());