<authenticator>
<class>
org.alfresco.jlan.server.auth.passthru.PassthruAuthenticator
</class>
<mode>USER</mode>
<Domain>STARLASOFT</Domain>
</authenticator>
</security>
2.4.8.3 Enterprise Authenticator
The
org.alfresco.jlan.server.auth.EnterpriseCifsAuthenticator
Authenticator
implementation provides support for newer CIFS authentication types such as
NTLMSSP, SPNEGO, NTLMv2 and Active Directory/Kerberos.
Enterprise CIFS Authenticator
<class>...</class>
Specifies the authenticator class. Use
org.alfresco.jlan.server.auth.EnterpriseCifsAuthenticator
for
the enterprise authenticator.
<mode>...</mode>
Specifies the security mode. This should be set to USER for
the passthru authenticator.
<KDC>...</KDC>
IP address or DNS name of the Active Directory server.
<Realm>...</Realm>
Kerberos realm.
<Password>...</Password>
Account password used by the server to get a service
ticket.
<LoginEntry>...</LoginEntry>
Java security login configuration file entry name.
Defaults is 'JLANServerCIFS'.
<disallowNTLMV1/>
Do not allow weaker NTLMv1 logins.
<kerberosDebug/>
Enables Java API debug output.
Using this setting is equivalent to setting the system
properties
sun.security.jgss.debug
and
sun.security.krb5.debug
to true.
A sample security configuration section is shown below:-
<security>
<authenticator>
<class>
org.alfresco.jlan.server.auth.EnterpriseCifsAuthenticator
</class>
<KDC>win2003.alfresco.com</KDC>
<Realm>ALFRESCO</Realm>
<Password>password</Password>
37