• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
TSB Alfresco Cobrand White tagline

Technology Services Group

  • Home
  • Products
    • Alfresco Enterprise Viewer
    • OpenContent Search
    • OpenContent Case
    • OpenContent Forms
    • OpenMigrate
    • OpenContent Web Services
    • OpenCapture
    • OpenOverlay
  • Solutions
    • Alfresco Content Accelerator for Claims Management
      • Claims Demo Series
    • Alfresco Content Accelerator for Policy & Procedure Management
      • Compliance Demo Series
    • OpenContent Accounts Payable
    • OpenContent Contract Management
    • OpenContent Batch Records
    • OpenContent Government
    • OpenContent Corporate Forms
    • OpenContent Construction Management
    • OpenContent Digital Archive
    • OpenContent Human Resources
    • OpenContent Patient Records
  • Platforms
    • Alfresco Consulting
      • Alfresco Case Study – Canadian Museum of Human Rights
      • Alfresco Case Study – New York Philharmonic
      • Alfresco Case Study – New York Property Insurance Underwriting Association
      • Alfresco Case Study – American Society for Clinical Pathology
      • Alfresco Case Study – American Association of Insurance Services
      • Alfresco Case Study – United Cerebral Palsy
    • HBase
    • DynamoDB
    • OpenText & Documentum Consulting
      • Upgrades – A Well Documented Approach
      • Life Science Solutions
        • Life Sciences Project Sampling
    • Veeva Consulting
    • Ephesoft
    • Workshare
  • Case Studies
    • White Papers
    • 11 Billion Document Migration
    • Learning Zone
    • Digital Asset Collection – Canadian Museum of Human Rights
    • Digital Archive and Retrieval – ASCP
    • Digital Archives – New York Philharmonic
    • Insurance Claim Processing – New York Property Insurance
    • Policy Forms Management with Machine Learning – AAIS
    • Liferay and Alfresco Portal – United Cerebral Palsy of Greater Chicago
  • About
    • Contact Us
  • Blog

Alfresco Office Services with Single Sign-On

You are here: Home / Alfresco / Alfresco Office Services with Single Sign-On

December 11, 2015

We were recently involved with helping a new client install and configure Alfresco. Part of the configuration included integration with the client’s existing single sign-on software. This post will describe some of the hurdles and lessons learned with getting Alfresco Office Services (AOS) working in their environment.

Alfresco supports many authentication methods, including LDAP, NTLM, and Kerberos. These methods can be chained together to offer a variety of authentication options for the various components of Alfresco.

Often our clients want to integrate Alfresco with existing single sign-on (SSO) software that they already have in place. Alfresco and Share can handle this easily by configuring the external authentication subsystem. This subsystem allows authentication credentials to be securely passed to Alfresco via HTTP headers, which is standard for many web applications. Configuration instructions for Alfresco can be found here and additional instructions for Share can be found here.

External authentication worked great for the client until users tried to utilize the “Edit Online” feature in Alfresco Share. This feature is part of Alfresco Office Services (AOS), which can be optionally installed with repository. The problem was that when the “Edit Online” action was clicked, the Microsoft Office application opened as expected, but instead of opening the document for editing, it opened an HTML rendering of the client’s SSO login screen.

As it turns out, external authentication is NOT supported with AOS, but this information was inadvertently omitted from the Alfresco 5 documentation and has since been added back. You can see the documentation here.

To work around this limitation, the client decided to add an additional authentication method to the authentication chain to handle authentication for AOS. Because they’re already using LDAP for user and group synchronization, they chose to use LDAP authentication. The final step was to update the web server configuration (Apache HTTPD in this case) to exclude the AOS URL patterns from our SSO configuration. The AOS URL patterns can be found here.

After making these changes, when a user clicks Edit Online, they are prompted for their username and password, which is authenticated against LDAP. Unfortunately their SSO credentials cannot be used, but users can save their credentials so that they don’t have to reenter them every time they use the Edit Online feature. While a compromise was necessary, users are glad to be able to use the feature.

 

Filed Under: Alfresco Tagged With: Alfresco, Alfresco Office Services, Single Sign On

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Search

Related Posts

  • Microsoft Teams integration and the Alfresco Enterprise Viewer for Document Review
  • Redaction – a focus on efficiency with Alfresco Enterprise Viewer
  • Zoom integration and the Alfresco Enterprise Viewer for Document Review
  • Alfresco Enterprise Viewer – Offline Annotation for Efficient Review
  • Do More with Alfresco – Speed and Secure Viewing
  • Alfresco – Do More with OpenAnnotate
  • AWS & Alfresco – AAIS Case Study – Insurance Policy Management and Machine Learning
  • Migrating to Alfresco – Reducing Risk, Stress and Cost with a Rolling Migration
  • Alfresco Consulting – Do you really need it?
  • Redactions in Alfresco 6 – Integrating OpenRedact with Alfresco Application Development Framework (ADF)

Recent Posts

  • Alfresco Content Accelerator and Alfresco Enterprise Viewer – Improving User Collaboration Efficiency
  • Alfresco Content Accelerator – Document Notification Distribution Lists
  • Alfresco Webinar – Productivity Anywhere: How modern claim and policy document processing can help the new work-from-home normal succeed
  • Alfresco – Viewing Annotations on Versions
  • Alfresco Content Accelerator – Collaboration Enhancements
stacks-of-paper

11 BILLION DOCUMENT
BENCHMARK
OVERVIEW

Learn how TSG was able to leverage DynamoDB, S3, ElasticSearch & AWS to successfully migrate 11 Billion documents.

Download White Paper

Footer

Search

Contact

22 West Washington St
5th Floor
Chicago, IL 60602

inquiry@tsgrp.com

312.372.7777

Copyright © 2023 · Technology Services Group, Inc. · Log in

This website uses cookies to improve your experience. Please accept this site's cookies, but you can opt-out if you wish. Privacy Policy ACCEPT | Cookie settings
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT