Security Provider
This section is deprecated as of version 8.1.12
Developer information for OpenKM authentication through a custom authentication provider (vía patch) and a custom Principal adapter (via plugin).
To learn more about OpenKM authentication providers, please visit Configuring openkm.xml.
To learn more about OpenKM plugins, please visit Register a new plugin.
You can download the application (code-samples.x.x.zip) from OpenKM Download center.
General description
Properties file
You have to modify your openkm.properties file inside the $CATALINA_HOME folder.
These properties have to be added/modified in this way:
| Property | Value |
|---|---|
| okm.authentication.database | false |
| okm.authentication.supervisor | false |
| okm.authentication.ldap | false |
| okm.authentication.config | file:/home/openkm/tomcat-8.5.69/openkm.xml
This is the path to your Tomcat. |
Custom Principal Adapter
You must follow the steps below to configure this component correctly:
Step 1: Download
Download the application from OpenKM Download center.
This will download a zip file containing a Maven project. For more information about Maven: https://maven.apache.org/guides/getting-started/maven-in-five-minutes.html
Step 2: OpenKM configuration
Go to the configuration through the OpenKM administration UI and search for this property principal.adapter and modify its value to com.openkm.plugin.principal.CustomPrincipalAdapter
Step 3: Install the plugin
Once you build the Maven project (security-provider), you must copy security-provider-jar-with-dependencies.jar into the path: $CATALINA_HOME/plugins
You can add or update users and roles by modifying the class com.openkm.security.utils.Users.java
Authentication Provider
You must follow the steps below to configure this component correctly:
Step 1: Download
The application is the same one you downloaded from OpenKM Download center.
Step 2: Install the patch
Once you build the Maven project (security-provider), copy these two classes:
- You have to copy the class com.openkm.security.provider.TestCustomAuthProvider.class from security-provider.jar into the path: $CATALINA_HOME/webapps/openkm/WEB-INF/classes/com/openkm/security/provider
- Copy com.openkm.security.utils.Users.class from security-provider.jar into the path: $CATALINA_HOME/webapps/openkm/WEB-INF/classes/com/openkm/security/utils
If you added or updated users and roles, you also have to modify the class com.openkm.security.provider.TestCustomAuthProvider.java
In addition, you have to configure a patch to preserve those classes across future OpenKM updates. To do this, create a folder called $TOMCAT_HOME/patch. Create a script called prepare.sh with this content:
#!/bin/bash
if [ -f "openkm.war" ]; then
echo "Patching WAR..."
jar uf openkm.war WEB-INF/classes/com/openkm/security/provider/TestCustomAuthProvider.class
jar uf openkm.war WEB-INF/classes/com/openkm/security/utils/Users.class
echo "Done!"
else
echo "Not able to patch file"
fi
Remember to check executable permissions of the prepare.sh script.
Step 3: OpenKM configuration
You need this content in your openkm.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- Security delegated to classes -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="testAuthProvider" />
</security:authentication-manager>
<beans:bean id="testAuthProvider" class="com.openkm.security.provider.TestAuthProvider">
</beans:bean>
</beans:beans>
