I have been put on to a project using Nuxeo, late in its lifecycle, and need to change a few things before it goes live.
I am having trouble finding out where I need to look to lock down a Nuxeo based application so that a user is redirected to the login page if they are unauthorised and access a restricted page.
Can someone please shoot me some direction on where this sort of logic is kept or defined?
This documentation should give you information about how Nuxeo authentication works:
http://doc.nuxeo.org/5.3/books/nuxeo-book/html/auth-users-groups.html#authentication-framework
A more direct answer to your question is: by default some URLs are protected (*.faces, .seam, /nxdoc/, /nxpath/*…). If you need to protect your own, you should add the following to your deployment-fragment.xml file:
And if this kind of URL is bookmarkable (e.g. it holds all the needed information for your application to restore the context), you can declare it as a valid start URL in a contribution to the PluggableAuthenticationService:
If you do so, people who type this URL and are redirected to the login page will be re-redirected to the original URL after a successful login (instead of the home page).
HTH, even after more than 1 year 😉
anahide.
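
The two contributions described in the answer above could look like the following. This is an added example, not the answerer's original snippets, which did not survive on this page. The path `/myapp/*`, the pattern `myapp/` and the component name are hypothetical placeholders; the extension targets and the filter name are written as they are known from Nuxeo 5.x and should be checked against the version you deploy.

```xml
<!-- 1) In deployment-fragment.xml: route an additional URL pattern through
        the Nuxeo authentication filter, so unauthenticated requests are
        sent to the login page. "/myapp/*" is a hypothetical path. -->
<extension target="web#STD-AUTH-FILTER">
  <filter-mapping>
    <filter-name>NuxeoAuthenticationFilter</filter-name>
    <url-pattern>/myapp/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
  </filter-mapping>
</extension>

<!-- 2) In a component contribution file (for example under OSGI-INF/):
        declare the same URL prefix as a valid start URL, so the user is
        sent back to it after a successful login. The component name and
        the "myapp/" pattern are hypothetical. -->
<component name="com.example.myapp.auth.starturl">
  <extension
      target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
      point="startURL">
    <startURLPattern>
      <patterns>
        <pattern>myapp/</pattern>
      </patterns>
    </startURLPattern>
  </extension>
</component>
```

Only declare a prefix as a start URL if every URL under it is safe to return to after login. A quick check after deployment is to request the protected path without a session and confirm that the response is the login page rather than the content.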