Daily Log for #alfresco IRC Channel

Alfresco discussion and collaboration. Stick around a few hours after asking a question.

Official support for Enterprise subscribers: support.alfresco.com.

Joining the Channel:

Join in the conversation by getting an IRC client and connecting to #alfresco at Freenode. Our you can use the IRC web chat.

More information about the channel is in the wiki.

Getting Help

More help is available in this list of resources.

Daily Log for #alfresco

2020-02-11 10:26:33 GMT <alfresco-discord> <dylanvdbrink> Hi! Does anybody have any experience with what exactly happens when Alfresco has more users than the license allows? I read something about the repository going into read-only mode and users created after that will not be able to login. Is this true? And is this at exactly the threshold of the user limit or is there some sort of margin?

2020-02-11 10:39:07 GMT <alfresco-discord> <LMattioli> @dylanvdbrink I have never experienced directly, AFAIK: the limit is exact (without margin) and new users cannot login i.e. they are disabled

2020-02-11 10:39:19 GMT <alfresco-discord> <LMattioli> these are the three possible states

2020-02-11 10:39:23 GMT <alfresco-discord> <LMattioli> https://cdn.discordapp.com/attachments/451644531323174914/676739044981604362/unknown.png

2020-02-11 10:44:09 GMT <alfresco-discord> <dylanvdbrink> @LMattioli Thanks for the response! So existing users can still login?

2020-02-11 10:46:31 GMT <alfresco-discord> <LMattioli> @dylanvdbrink Yes, or at least it's what I remember from documentation

2020-02-11 10:46:33 GMT <alfresco-discord> <LMattioli> https://docs.alfresco.com/5.2/tasks/license-authorize.html

2020-02-11 10:46:34 GMT <alfbot> Title:Authorize users | Alfresco Documentation (at docs.alfresco.com)

2020-02-11 10:46:52 GMT <alfresco-discord> <LMattioli> "If the system is within the license limit, the user can successfully log in, otherwise the login attempt fails and the user remains in the Never Authorized state"

2020-02-11 10:48:04 GMT <alfresco-discord> <dgradecak> @dylanvdbrink a note on that, if the users are synced from AD/LDAP and during the sync deleted and than recreated, you might have an unexpected behavior and random users could be disabled

2020-02-11 10:49:10 GMT <alfresco-discord> <dgradecak> I remember a client had a license for 1K users and synced more users than that from AD, every day that sync happened and random users could not login

2020-02-11 10:50:16 GMT <alfresco-discord> <dylanvdbrink> @LMattioli @dgradecak Ah yes I see, thank you both for the info

2020-02-11 10:57:33 GMT <alfresco-discord> <binduwavell> @dylanvdbrink Support can help you get a list of your Authorized accounts. They can also help you de-authorize accounts that should not be included in your license count. If I remember correctly, once you de-authorize an account there is no way to re-authorize it in the future.

2020-02-11 10:58:36 GMT <alfresco-discord> <mbui> You can reauthorize users with the help of Alfresco support by providing them a unique code for the specific user.

2020-02-11 11:00:06 GMT <alfresco-discord> <mbui> Also, remember that deleted users still count as a named user, so if you have AD/LDAP sync that regularly deletes users you need to make sure to manually deauthorize them to reduce the # of users.

2020-02-11 11:01:33 GMT <alfresco-discord> <dylanvdbrink> @binduwavell @mbui And the de-authorizing always needs to happen manually by contacting support?

2020-02-11 11:02:44 GMT <alfresco-discord> <binduwavell> It's been a while. At least the first time, yes. I can't remember if the process requires Support intervention.

2020-02-11 11:03:22 GMT <alfresco-discord> <mbui> @dylanvdbrink No, you can manually deauthorize users in the share admin console, and it has to be done manunally.

2020-02-11 11:03:40 GMT <alfresco-discord> <mbui> It's only if you want to reauthorize a deauthorized user you'd need to contact Alfresco support.

2020-02-11 11:04:01 GMT <alfresco-discord> <binduwavell> That is ringing bells ๐Ÿ™‚

2020-02-11 11:04:35 GMT <alfresco-discord> <mbui> You deauthorize users by clicking on the red key in the images LMattioli showed.

2020-02-11 11:04:47 GMT <alfresco-discord> <dylanvdbrink> @binduwavell @mbui Helpful info, thanks so much!

2020-02-11 11:05:45 GMT <alfresco-discord> <mbui> https://i.gyazo.com/fddc5ec198e5b6d9ec804c77440e6dbd.png

2020-02-11 11:06:28 GMT <alfresco-discord> <bhagyas> Has anyone tried to validate the size of the file before adding content to Alfresco? Just found out that the .getSize() method from the Surf library returns -1 all the time!

2020-02-11 11:07:12 GMT <alfresco-discord> <bhagyas> https://cdn.discordapp.com/attachments/451644531323174914/676746050534506496/unknown.png

2020-02-11 11:07:55 GMT <alfresco-discord> <mbui> lol, nice method

2020-02-11 11:08:04 GMT <alfresco-discord> <bhagyas> ๐Ÿคท๐Ÿพโ€โ™‚๏ธ

2020-02-11 11:08:48 GMT <alfresco-discord> <bhagyas> No unsupported exception or additional information on the code either - amazing.

2020-02-11 11:15:56 GMT <alfresco-discord> <dgradecak> @bhagyas I am not sure "share" is the right place to do that

2020-02-11 11:16:50 GMT <alfresco-discord> <dgradecak> or I just missunderstood

2020-02-11 11:57:43 GMT <alfresco-discord> <bhagyas> @dgradecak It's not in Share, it's on repository remote-api

2020-02-11 12:14:38 GMT <alfresco-discord> <bhagyas> @EddieMay is the outgoing mail working on alfresco ID server? I can't seem to login or reset my password - I get a message saying to check email, but there aren't any.

2020-02-11 12:21:12 GMT <alfresco-discord> <EddieMay> @bhagyas - can you check spam please?

2020-02-11 12:33:59 GMT <alfresco-discord> <bhagyas> @EddieMay

2020-02-11 12:34:12 GMT <alfresco-discord> <bhagyas> I did

2020-02-11 12:34:25 GMT <alfresco-discord> <bhagyas> Nothing shows up

2020-02-11 13:05:28 GMT <alfresco-discord> <MorganP> It worked last Friday at least @bhagyas

2020-02-11 13:08:29 GMT <alfresco-discord> <bhagyas> :/

2020-02-11 13:09:07 GMT <alfresco-discord> <bhagyas> btw - has writing to a temp file worked for anyone to figure out the size before upload/writing to content property?

2020-02-11 13:11:11 GMT <alfresco-discord> <dgradecak> do you have a custom webscript?

2020-02-11 13:12:24 GMT <alfresco-discord> <dgradecak> and what is your use case here?

2020-02-11 13:40:16 GMT <alfresco-discord> <dgradecak> is AFaust on holidays? ๐Ÿ™‚

2020-02-11 13:40:35 GMT <AFaust> No...

2020-02-11 13:41:04 GMT <AFaust> But at a customer without free wi-fi, so not online all the time

2020-02-11 13:42:00 GMT <alfresco-discord> <dgradecak> do you have any idea if in SlingshotAlfrescoConnector we could bypass the "encode64"? I ended up having the same as you https://github.com/Acosix/alfresco-keycloak/blob/master/share/src/main/java/de/acosix/alfresco/keycloak/share/remote/BearerTokenAwareSlingshotAlfrescoConnector.java

2020-02-11 13:42:01 GMT <alfbot> Title:alfresco-keycloak/BearerTokenAwareSlingshotAlfrescoConnector.java at master ยท Acosix/alfresco-keycloak ยท GitHub (at github.com)

2020-02-11 13:43:05 GMT <alfresco-discord> <dgradecak> I am "playing" with my idea of encoding a JWT in the authheader through a gateway and if I use the "Authorization" as external header, share encodes it in base 64

2020-02-11 13:43:56 GMT <alfresco-discord> <dgradecak> so in this case, seems overriding is the only possible approach, unless you know somehting

2020-02-11 13:45:48 GMT <AFaust> Well, the base64 encoding is a "fix" for non-ascii user names in the external auth header. I don't see a way around that. But to be honest, I never considered to hijack their external header functionality for my token as that would not have been the proper way to pass a bearer token anyway

2020-02-11 13:47:16 GMT <alfresco-discord> <dgradecak> that fix could also be a "config" true/false to be enabled, but that is life

2020-02-11 13:47:26 GMT <AFaust> btw - I recently implemented the OAuth token-exchange (draft) feature when integrating an external Keycloak-authenticated app with Alfresco, and I will add this to the Share integration soon-ish as well, so that it is a proper authentication chain from client to backend...

2020-02-11 13:48:06 GMT <AFaust> Sure, but that "external header" was only ever meant to carry user names, and nothing more.

2020-02-11 13:48:08 GMT <alfresco-discord> <dgradecak> well

2020-02-11 13:48:41 GMT <alfresco-discord> <dgradecak> but if you set the ext header to "Authorization", that is an easy "passthrough"

2020-02-11 13:48:54 GMT <AFaust> Sure, but also a hack

2020-02-11 13:49:18 GMT <alfresco-discord> <dgradecak> well nto sure why a header would be a hack, I have a different opinion

2020-02-11 13:49:27 GMT <alfresco-discord> <dgradecak> but anyway

2020-02-11 13:49:35 GMT <alfresco-discord> <dgradecak> the hack in my opinion is the fix you mentioned

2020-02-11 13:50:02 GMT <AFaust> No - a header per-se would not be a hack, but hijacking the complex Authorization header for something that is only meant to carry over trivial user names would...

2020-02-11 13:50:17 GMT <alfresco-discord> <dgradecak> my thing is to endode a JWT and reuse identity service behind to validate it

2020-02-11 13:51:12 GMT <alfresco-discord> <dgradecak> and there is no way to tell share to also send the Authorization header that I provided

2020-02-11 13:51:28 GMT <alfresco-discord> <dgradecak> unless by overriding its class (not hacking) ๐Ÿ˜‰

2020-02-11 13:52:35 GMT <AFaust> Which also is the way this backend integration was meant to be extended - by implementing custom connectors (from scratch or by extension) and configuring the remote endpoints as-needed

2020-02-11 13:55:19 GMT <alfresco-discord> <bhagyas> @dgradecak Yeah, a custom webscript which accepts files

2020-02-11 13:55:39 GMT <AFaust> I just realised that I have either lost the config file referencing my BearerTokenAwareSlingshotAlfrescoConnector or never added it to the source tree...

2020-02-11 13:55:45 GMT <alfresco-discord> <dgradecak> @bhagyas so why can't you just validate the multipart file in your "controller"?

2020-02-11 13:56:23 GMT <alfresco-discord> <dgradecak> not a big deal AFaust

2020-02-11 13:56:39 GMT <alfresco-discord> <dgradecak> but sure, samples would be good for people who wants to use it like that

2020-02-11 13:57:29 GMT <alfresco-discord> <dgradecak> smaples or config files I mean

2020-02-11 13:57:33 GMT <alfresco-discord> <bhagyas> I use a webscript - the fields are parsed using gsurf

2020-02-11 13:57:38 GMT <AFaust> I just realised that this might explain some of the issues I recently had in my local development, where I always assumed all the necessary configuration was still in place...

2020-02-11 13:57:39 GMT <alfresco-discord> <bhagyas> surf*

2020-02-11 13:58:24 GMT <AFaust> ...anyway... dealing with other Aikau / Surf stuff today (jquery / jquery-ui dependency handling)

2020-02-11 13:59:10 GMT <alfresco-discord> <dgradecak> I do not use alfresco webscripts for ages, but if you want more control you cna use <formdata multipart-processing="false" /> in a webscript desc

2020-02-11 13:59:14 GMT <alfresco-discord> <dgradecak> https://github.com/dgradecak/alfresco-mvc/blob/master/alfresco-mvc-rest/src/main/resources/alfresco/extension/templates/webscripts/alfresco-mvc/mvc.post.desc.xml

2020-02-11 13:59:15 GMT <alfbot> Title:alfresco-mvc/mvc.post.desc.xml at master ยท dgradecak/alfresco-mvc ยท GitHub (at github.com)

2020-02-11 14:00:20 GMT <alfresco-discord> <dgradecak> or just use my alfresco mvc and use spring controlers with request annotations etc ๐Ÿ˜‰

2020-02-11 16:50:46 GMT <Uzzi> Hi, I've a share dir on NAS. Can I connet it inside Alfresco?

2020-02-11 17:06:33 GMT <alfresco-discord> <LMattioli> @Uzzi which Alfresco version? Community Edition or Enterprise?

2020-02-11 17:07:00 GMT <Uzzi> +Community

2020-02-11 17:07:33 GMT <alfresco-discord> <LMattioli> Not Out of the box, you have to import into Alfresco

2020-02-11 17:08:14 GMT <alfresco-discord> <LMattioli> or find/make an extension

2020-02-11 17:08:34 GMT <alfresco-discord> <LMattioli> but it will be an hard one to be done, IMHO

End of Daily Log

The other logs are at http://esplins.org/hash_alfresco