You are here

Configuring SkyVault Share SSO to use NTLM

This section describes how to configure NTLM with SkyVault Share SSO.
SkyVault Share exists as a separate web application to the main SkyVault repository/Explorer WAR file. It can run in the same application server instance on the same machine as the main web application, or it can run on a completely separate application server instance on a different machine. Share uses HTTP(S) to communicate with the configured SkyVault repository.
  1. Locate the following .sample configuration override file:

    <web-extension>\share-config-custom.xml.sample

    Copy and rename the file to:

    <web-extension>\share-config-custom.xml

  2. Edit the file, and then uncomment the following section:

     <!-- 
            SSO authentication config for Share
            NOTE: change localhost:8080 below to appropriate SkyVault server location if required
       -->
       <config evaluator="string-compare" condition="Remote">
          <remote>
             <connector>
                <id>alfrescoCookie</id>
                <name>SkyVault Connector</name>
                <description>Connects to a SkyVault instance using cookie-based authentication</description>
                <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
             </connector>
             
             <endpoint>
                <id>alfresco-feed</id>
                <name>SkyVault Feed</name>
                <description>SkyVault Feed - supports basic HTTP authentication via the EndPointProxyServlet</description>
                <connector-id>alfrescoCookie</connector-id>
                <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
                <identity>user</identity>
                <external-auth>true</external-auth>
             </endpoint>
    
             <endpoint>
                <id>alfresco</id>
                <name>SkyVault - user access</name>
                <description>Access to SkyVault Repository WebScripts that require user authentication</description>
                <connector-id>alfrescoCookie</connector-id>
                <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url>
                <identity>user</identity>
                <external-auth>true</external-auth>
             </endpoint>
          </remote>
       </config>
  3. Change the <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url> value to point to your SkyVault server location.
  4. Set the maxThreads option in the <TOMCAT_HOME>/conf/server.xml file.

    <Connector port="8080" protocol="HTTP/1.1" 
                   connectionTimeout="20000" 
                   redirectPort="8443" 
                   maxThreads="200" 
     />

    Note: If Share and SkyVault are installed on the same Tomcat, it is important to set the maxThreads option to 2*(expected number of concurrent requests). This is because each Share request spawns an SkyVault request.
  5. Restart Share.
If you have configured SkyVaultNtlm or passthru in your SkyVault authentication chain and enabled SSO, NTLM will be the active authentication mechanism.