Security Provider
Developer information for OpenKM authentication thru custom Authentication provider (vía patch) and custom Prinpipal adapter (via plugin).
To learn more about OpenKM authentication providers, please visit Configuring openkm.xml.
To learn more about OpenKM plugins, please visit Register a new plugin.
You can download the application (code-samples.x.x.zip) from OpenKM Download center.
General description
Properties file
You have to modify your called openkm.properties inside $CATALINA_HOME folder.
These properties have to be added/modified in this way:
| Property | Value |
|---|---|
| okm.authentication.database | false |
| okm.authentication.supervisor | false |
| okm.authentication.ldap | false |
| okm.authentication.config | file:/home/openkm/tomcat-8.5.69/openkm.xml
This is the path where is your tomcat. |
Custom Principal Adapter
You must read the following steps in order to configure this piece correctly:
Step 1: Download
Download the application from OpenKM Download center.
This will downlaod a zip file contaning a Maven project. For more information about Maven: https://maven.apache.org/guides/getting-started/maven-in-five-minutes.html
Step 2: OpenKM configuration
Go to the configuration thru the OpenKM administration ui and search by this property principal.adapter and modify its value by com.openkm.plugin.principal.CustomPrincipalAdapter
Step 3: Install the plugin
Once you build the maven project (security-provider), you have to copy security-provider-jar-with-dependencies.jar into the path: $CATALINA_HOME/plugins
You can add/update more users and roles modifying the class com.openkm.security.utils.Users.java
Authentication Provider
You must read the following steps in order to configure this piece correctly:
Step 1: Download
The application is the same you downloaded from OpenKM Download center.
Step 2: Install the patch
Once you build the maven project (security-provider) copy these two classes:
- You have to copy the class com.openkm.security.provider.TestCustomAuthProvider.class from security-provider.jar into the path: $CATALINA_HOME/webapps/openkm/WEB-INF/classes/com/openkm/security/provider
- And copy com.openkm.security.utils.Users.class from security-provider.jar into the path: $CATALINA_HOME/webapps/openkm/WEB-INF/classes/com/openkm/security/utils
If you added/updated more users and roles, you also have to modify that class com.openkm.security.provider.TestCustomAuthProvider.java
In addition, you have to configure a patch to preserve that classes across future OpenKM updates. To do this, create a folder called $TOMCAT_HOME/patch. Create an script called prepare.sh with this content:
#!/bin/bash
if [ -f "openkm.war" ]; then
echo "Patching WAR..."
jar uf openkm.war WEB-INF/classes/com/openkm/security/provider/TestCustomAuthProvider.class
jar uf openkm.war WEB-INF/classes/com/openkm/security/utils/Users.class
echo "Done!"
else
echo "Not able to patch file"
fi
Remember to check executable permissions of the prepare.sh script.
Step 3: OpenKM configuration
You need this content into your openkm.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- Security delegated to classes -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="testAuthProvider" />
</security:authentication-manager>
<beans:bean id="testAuthProvider" class="com.openkm.security.provider.TestAuthProvider">
</beans:bean>
</beans:beans>
