...
Note |
---|
Please make sure that the authentication server issues access tokens that contain the claim "preferred_username". This claim is required for authentication against the CMIS interface. |
token
If you have decided to use token authentication, you have to configure an .audience and a .discovery.url parameter in the repository.cfg.
...
Code Block |
---|
<Repo>.authentication.cmis.type = token
<Repo>.authentication.cmis.idprovider = openid
<Repo>.authentication.cmis.openid.audience = api://cmis
<Repo>.authentication.cmis.openid.discovery.url = http://localhost:8080/realms/test/.well-known/openid-configuration |
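A way to check an access token against the note above and the configured audience before pointing a client at the CMIS interface. This is an added example, not code from the product; the repository name `Repo1`, the sample tokens and the idea that the configured audience is compared with the token's `aud` claim are assumptions. It decodes the payload for inspection only and does not verify the signature.

```python
import base64
import json

def parse_cfg(text):
    """Parse 'key = value' lines into a dict, skipping blanks and # comments."""
    cfg = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and not key.lstrip().startswith("#"):
            cfg[key.strip()] = value.strip()
    return cfg

def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected three dot-separated parts)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_token(token, cfg, repo):
    """Return the reasons a token would not match the repository's CMIS config."""
    key = f"{repo}.authentication.cmis.openid.audience"
    audience = cfg.get(key)
    if not audience:
        return [f"{key} is not configured"]
    claims, problems = jwt_claims(token), []
    user = claims.get("preferred_username")
    if not isinstance(user, str) or not user:
        problems.append('claim "preferred_username" is missing or empty')
    # Assumption: the configured audience is compared with the "aud" claim.
    aud = claims.get("aud") or []
    aud = [aud] if isinstance(aud, str) else aud
    if audience not in aud:
        problems.append(f'"aud" {aud} does not contain {audience}')
    return problems

# Constructed sample data: the repository name "Repo1" and both tokens are made up.
def _b64(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
def fake_token(claims):
    return ".".join([_b64({"alg": "RS256"}), _b64(claims), "c2ln"])

SAMPLE_CFG = parse_cfg("Repo1.authentication.cmis.openid.audience = api://cmis\n")
GOOD = fake_token({"preferred_username": "alice", "aud": ["api://cmis", "account"]})
BAD = fake_token({"sub": "1234", "aud": "account"})

if __name__ == "__main__":
    print(check_token(GOOD, SAMPLE_CFG, "Repo1"), check_token(BAD, SAMPLE_CFG, "Repo1"))
```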
basic
The configurations described under token must also be made for basic.
...
Code Block |
---|
<Repo>.authentication.cmis.type = basic
<Repo>.authentication.cmis.idprovider = openid
<Repo>.authentication.cmis.openid.audience = api://cmis
<Repo>.authentication.cmis.openid.discovery.url = http://localhost:8080/realms/test/.well-known/openid-configuration
<Repo>.authentication.cmis.openid.scope = openid
<Repo>.authentication.cmis.openid.client = test
<Repo>.authentication.cmis.openid.clientsecret = ETOCuq6c7RjEBwVqrGSDJ2LU4pH4iQbC |
role mapping
Both variants support role mapping, i.e. mapping the three current internal role names to the role names actually used in the authentication system.
Code Block |
---|
<Repo>.authentication.cmis.openid.roles.admin = tia-cloud.core-fullaccess
<Repo>.authentication.cmis.openid.roles.writer = tia-cloud.core-readwrite
<Repo>.authentication.cmis.openid.roles.reader = tia-cloud.core-readonly |