API tools faq
paste
Advertisement
nicoparola89

Untitled

nicoparola89
Jul 6th, 2016
202
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 22.42 KB | None | 0 0
raw download clone embed print report
  1. <alfresco-config>
  2.  
  3. <!-- Global config section -->
  4. <config replace="true">
  5. <flags>
  6. <!--
  7. Developer debugging setting to turn on DEBUG mode for client scripts in the browser
  8. -->
  9. <client-debug>false</client-debug>
  10.  
  11. <!--
  12. LOGGING can always be toggled at runtime when in DEBUG mode (Ctrl, Ctrl, Shift, Shift).
  13. This flag automatically activates logging on page load.
  14. -->
  15. <client-debug-autologging>false</client-debug-autologging>
  16. </flags>
  17. </config>
  18.  
  19. <config evaluator="string-compare" condition="WebFramework">
  20. <web-framework>
  21. <!-- SpringSurf Autowire Runtime Settings -->
  22. <!--
  23. Developers can set mode to 'development' to disable; SpringSurf caches,
  24. FreeMarker template caching and Rhino JavaScript compilation.
  25. -->
  26. <autowire>
  27. <!-- Pick the mode: "production" or "development" -->
  28. <mode>production</mode>
  29. </autowire>
  30.  
  31. <!-- Allows extension modules with <auto-deploy> set to true to be automatically deployed -->
  32. <module-deployment>
  33. <mode>manual</mode>
  34. <enable-auto-deploy-modules>true</enable-auto-deploy-modules>
  35. </module-deployment>
  36. </web-framework>
  37. </config>
  38.  
  39. <!-- Disable the CSRF Token Filter -->
  40. <!--
  41. <config evaluator="string-compare" condition="CSRFPolicy" replace="true">
  42. <filter/>
  43. </config>
  44. -->
  45.  
  46. <!--
  47. To run the CSRF Token Filter behind 1 or more proxies that do not rewrite the Origin or Referere headers:
  48.  
  49. 1. Copy the "CSRFPolicy" default config in share-security-config.xml and paste it into this file.
  50. 2. Replace the old config by setting the <config> element's "replace" attribute to "true" like below:
  51. <config evaluator="string-compare" condition="CSRFPolicy" replace="true">
  52. 3. To every <action name="assertReferer"> element add the following child element
  53. <param name="referer">http://www.proxy1.com/.*|http://www.proxy2.com/.*</param>
  54. 4. To every <action name="assertOrigin"> element add the following child element
  55. <param name="origin">http://www.proxy1.com|http://www.proxy2.com</param>
  56. -->
  57.  
  58. <!--
  59. Remove the default wildcard setting and use instead a strict whitelist of the only domains that shall be allowed
  60. to be used inside iframes (i.e. in the WebView dashlet on the dashboards)
  61. -->
  62. <!--
  63. <config evaluator="string-compare" condition="IFramePolicy" replace="true">
  64. <cross-domain>
  65. <url>http://www.trusted-domain-1.com/</url>
  66. <url>http://www.trusted-domain-2.com/</url>
  67. </cross-domain>
  68. </config>
  69. -->
  70.  
  71. <!-- Turn off header that stops Share from being displayed in iframes on pages from other domains -->
  72. <!--
  73. <config evaluator="string-compare" condition="SecurityHeadersPolicy">
  74. <headers>
  75. <header>
  76. <name>X-Frame-Options</name>
  77. <enabled>false</enabled>
  78. </header>
  79. </headers>
  80. </config>
  81. -->
  82.  
  83. <!-- Prevent browser communication over HTTP (for HTTPS servers) -->
  84. <!--
  85. <config evaluator="string-compare" condition="SecurityHeadersPolicy">
  86. <headers>
  87. <header>
  88. <name>Strict-Transport-Security</name>
  89. <value>max-age=31536000</value>
  90. </header>
  91. </headers>
  92. </config>
  93. -->
  94.  
  95. <config evaluator="string-compare" condition="Replication">
  96. <share-urls>
  97. <!--
  98. To locate your current repositoryId go to Admin Console > General > Repository Information:
  99. http://localhost:8080/alfresco/s/enterprise/admin/admin-repositoryinfo
  100.  
  101. Example config entry:
  102. <share-url repositoryId="622f9533-2a1e-48fe-af4e-ee9e41667ea4">http://new-york-office:8080/share/</share-url>
  103. -->
  104. </share-urls>
  105. </config>
  106.  
  107. <!-- Document Library config section -->
  108. <config evaluator="string-compare" condition="DocumentLibrary" replace="true">
  109.  
  110. <tree>
  111. <!--
  112. Whether the folder Tree component should enumerate child folders or not.
  113. This is a relatively expensive operation, so should be set to "false" for Repositories with broad folder structures.
  114. -->
  115. <evaluate-child-folders>false</evaluate-child-folders>
  116.  
  117. <!--
  118. Optionally limit the number of folders shown in treeview throughout Share.
  119. -->
  120. <maximum-folder-count>1000</maximum-folder-count>
  121.  
  122. <!--
  123. Default timeout in milliseconds for folder Tree component to recieve response from Repository
  124. -->
  125. <timeout>7000</timeout>
  126. </tree>
  127.  
  128. <!--
  129. Used by the "Manage Aspects" action
  130.  
  131. For custom aspects, remember to also add the relevant i18n string(s)
  132. cm_myaspect=My Aspect
  133. -->
  134. <aspects>
  135. <!-- Aspects that a user can see -->
  136. <visible>
  137. <aspect name="cm:generalclassifiable" />
  138. <aspect name="cm:complianceable" />
  139. <aspect name="cm:dublincore" />
  140. <aspect name="cm:effectivity" />
  141. <aspect name="cm:summarizable" />
  142. <aspect name="cm:versionable" />
  143. <aspect name="cm:templatable" />
  144. <aspect name="cm:emailed" />
  145. <aspect name="emailserver:aliasable" />
  146. <aspect name="cm:taggable" />
  147. <aspect name="app:inlineeditable" />
  148. <aspect name="cm:geographic" />
  149. <aspect name="exif:exif" />
  150. <aspect name="audio:audio" />
  151. <aspect name="cm:indexControl" />
  152. <aspect name="dp:restrictable" />
  153. <aspect name="smf:customConfigSmartFolder" />
  154. <aspect name="smf:systemConfigSmartFolder" />
  155. </visible>
  156.  
  157. <!-- Aspects that a user can add. Same as "visible" if left empty -->
  158. <addable>
  159. </addable>
  160.  
  161. <!-- Aspects that a user can remove. Same as "visible" if left empty -->
  162. <removeable>
  163. </removeable>
  164. </aspects>
  165.  
  166. <!--
  167. Used by the "Change Type" action
  168.  
  169. Define valid subtypes using the following example:
  170. <type name="cm:content">
  171. <subtype name="cm:mysubtype" />
  172. </type>
  173.  
  174. Remember to also add the relevant i18n string(s):
  175. cm_mysubtype=My SubType
  176. -->
  177. <types>
  178. <type name="cm:content">
  179. <subtype name="smf:smartFolderTemplate" />
  180. </type>
  181.  
  182. <type name="cm:folder">
  183. </type>
  184.  
  185. <type name="trx:transferTarget">
  186. <subtype name="trx:fileTransferTarget" />
  187. </type>
  188. </types>
  189.  
  190. <!--
  191. If set, will present a WebDAV link for the current item on the Document and Folder details pages.
  192. Also used to generate the "View in Alfresco Explorer" action for folders.
  193. -->
  194. <repository-url>http://localhost:8081/alfresco</repository-url>
  195.  
  196. <!--
  197. Google Docs™ integration
  198. -->
  199. <google-docs>
  200. <!--
  201. Enable/disable the Google Docs UI integration (Extra types on Create Content menu, Google Docs actions).
  202. -->
  203. <enabled>false</enabled>
  204.  
  205. <!--
  206. The mimetypes of documents Google Docs allows you to create via the Share interface.
  207. The I18N label is created from the "type" attribute, e.g. google-docs.doc=Google Docs&trade; Document
  208. -->
  209. <creatable-types>
  210. <creatable type="doc">application/vnd.openxmlformats-officedocument.wordprocessingml.document</creatable>
  211. <creatable type="xls">application/vnd.openxmlformats-officedocument.spreadsheetml.sheet</creatable>
  212. <creatable type="ppt">application/vnd.ms-powerpoint</creatable>
  213. </creatable-types>
  214. </google-docs>
  215.  
  216. <!--
  217. File upload configuration
  218. -->
  219. <file-upload>
  220. <!--
  221. Adobe Flash™
  222. In certain environments, an HTTP request originating from Flash cannot be authenticated using an existing session.
  223. See: http://bugs.adobe.com/jira/browse/FP-4830
  224. For these cases, it is useful to disable the Flash-based uploader for Share Document Libraries.
  225. -->
  226. <adobe-flash-enabled>true</adobe-flash-enabled>
  227. </file-upload>
  228. </config>
  229.  
  230.  
  231. <!-- Custom DocLibActions config section -->
  232. <config evaluator="string-compare" condition="DocLibActions">
  233. <actionGroups>
  234. <actionGroup id="document-browse">
  235.  
  236. <!-- Simple Repo Actions -->
  237. <!--
  238. <action index="340" id="document-extract-metadata" />
  239. <action index="350" id="document-increment-counter" />
  240. -->
  241.  
  242. <!-- Dialog Repo Actions -->
  243. <!--
  244. <action index="360" id="document-transform" />
  245. <action index="370" id="document-transform-image" />
  246. <action index="380" id="document-execute-script" />
  247. -->
  248.  
  249. </actionGroup>
  250. </actionGroups>
  251. </config>
  252.  
  253. <!-- Global folder picker config section -->
  254. <config evaluator="string-compare" condition="GlobalFolder">
  255. <siteTree>
  256. <container type="cm:folder">
  257. <!-- Use a specific label for this container type in the tree -->
  258. <rootLabel>location.path.documents</rootLabel>
  259. <!-- Use a specific uri to retreive the child nodes for this container type in the tree -->
  260. <uri>slingshot/doclib/treenode/site/{site}/{container}{path}?children={evaluateChildFoldersSite}&amp;max={maximumFolderCountSite}</uri>
  261. </container>
  262. </siteTree>
  263. </config>
  264.  
  265. <!-- Repository Library config section -->
  266. <config evaluator="string-compare" condition="RepositoryLibrary" replace="true">
  267. <!--
  268. Root nodeRef or xpath expression for top-level folder.
  269. e.g. alfresco://user/home, /app:company_home/st:sites/cm:site1
  270. If using an xpath expression, ensure it is properly ISO9075 encoded here.
  271. -->
  272. <root-node>alfresco://company/home</root-node>
  273.  
  274. <tree>
  275. <!--
  276. Whether the folder Tree component should enumerate child folders or not.
  277. This is a relatively expensive operation, so should be set to "false" for Repositories with broad folder structures.
  278. -->
  279. <evaluate-child-folders>false</evaluate-child-folders>
  280.  
  281. <!--
  282. Optionally limit the number of folders shown in treeview throughout Share.
  283. -->
  284. <maximum-folder-count>500</maximum-folder-count>
  285. </tree>
  286.  
  287. <!--
  288. Whether the link to the Repository Library appears in the header component or not.
  289. -->
  290. <visible>true</visible>
  291. </config>
  292.  
  293. <!-- Kerberos settings -->
  294. <!-- To enable kerberos rename this condition to "Kerberos" -->
  295. <config evaluator="string-compare" condition="KerberosDisabled" replace="true">
  296. <kerberos>
  297. <!--
  298. Password for HTTP service account.
  299. The account name *must* be built from the HTTP server name, in the format :
  300. HTTP/<server_name>@<realm>
  301. (NB this is because the web browser requests an ST for the
  302. HTTP/<server_name> principal in the current realm, so if we're to decode
  303. that ST, it has to match.)
  304. -->
  305. <password>secret</password>
  306. <!--
  307. Kerberos realm and KDC address.
  308. -->
  309. <realm>ALFRESCO.ORG</realm>
  310. <!--
  311. Service Principal Name to use on the repository tier.
  312. This must be like: HTTP/host.name@REALM
  313. -->
  314. <endpoint-spn>HTTP/repository.server.com@ALFRESCO.ORG</endpoint-spn>
  315. <!--
  316. JAAS login configuration entry name.
  317. -->
  318. <config-entry>ShareHTTP</config-entry>
  319. <!--
  320. A Boolean which when true strips the @domain sufix from Kerberos authenticated usernames.
  321. Use together with stripUsernameSuffix property in alfresco-global.properties file.
  322. -->
  323. <stripUserNameSuffix>true</stripUserNameSuffix>
  324. </kerberos>
  325. </config>
  326.  
  327. <!-- Uncomment and modify the URL to Activiti Admin Console if required. -->
  328. <!--
  329. <config evaluator="string-compare" condition="ActivitiAdmin" replace="true">
  330. <activiti-admin-url>http://localhost:8080/alfresco/activiti-admin</activiti-admin-url>
  331. </config>
  332. -->
  333.  
  334. <config evaluator="string-compare" condition="Remote">
  335. <remote>
  336. <endpoint>
  337. <id>alfresco-noauth</id>
  338. <name>Alfresco - unauthenticated access</name>
  339. <description>Access to Alfresco Repository WebScripts that do not require authentication</description>
  340. <connector-id>alfresco</connector-id>
  341. <endpoint-url>http://localhost:8081/alfresco/s</endpoint-url>
  342. <identity>none</identity>
  343. </endpoint>
  344.  
  345. <endpoint>
  346. <id>alfresco</id>
  347. <name>Alfresco - user access</name>
  348. <description>Access to Alfresco Repository WebScripts that require user authentication</description>
  349. <connector-id>alfresco</connector-id>
  350. <endpoint-url>http://localhost:8081/alfresco/s</endpoint-url>
  351. <identity>user</identity>
  352. </endpoint>
  353.  
  354. <endpoint>
  355. <id>alfresco-feed</id>
  356. <name>Alfresco Feed</name>
  357. <description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description>
  358. <connector-id>http</connector-id>
  359. <endpoint-url>http://localhost:8081/alfresco/s</endpoint-url>
  360. <basic-auth>true</basic-auth>
  361. <identity>user</identity>
  362. </endpoint>
  363.  
  364. <endpoint>
  365. <id>alfresco-api</id>
  366. <parent-id>alfresco</parent-id>
  367. <name>Alfresco Public API - user access</name>
  368. <description>Access to Alfresco Repository Public API that require user authentication.
  369. This makes use of the authentication that is provided by parent 'alfresco' endpoint.</description>
  370. <connector-id>alfresco</connector-id>
  371. <endpoint-url>http://localhost:8081/alfresco/api</endpoint-url>
  372. <identity>user</identity>
  373. </endpoint>
  374. </remote>
  375. </config>
  376.  
  377. <!--
  378. Overriding endpoints to reference an Alfresco server with external SSO enabled
  379. NOTE: If utilising a load balancer between web-tier and repository cluster, the "sticky
  380. sessions" feature of your load balancer must be used.
  381. NOTE: If alfresco server location is not localhost:8080 then also combine changes from the
  382. "example port config" section below.
  383. *Optional* ssl-config contains:
  384. keystore for managing client key and certificate.
  385. truststore for managing trusted CAs.
  386. Used to authenticate share to an external SSO system such as CAS or
  387. to make share talk to SSL layers that require client certificates.
  388. Remove the ssl-config section if not required i.e. for NTLM.
  389.  
  390. NOTE: For Kerberos SSO rename the "KerberosDisabled" condition above to "Kerberos"
  391.  
  392. NOTE: For external SSO, switch the endpoint connector to "alfrescoHeader" and set
  393. the userHeader value to the name of the HTTP header that the external SSO
  394. uses to provide the authenticated user name.
  395. NOTE: For external SSO, Share now supports the "userIdPattern" mechanism as is available
  396. on the repository config for External Authentication sub-system. Add the following
  397. element to your "alfrescoHeader" connector config:
  398. <userIdPattern>^ignore-(\w+)-ignore</userIdPattern>
  399. This is an example, ensure the Id pattern matches your repository config.
  400. NOTE: For external SSO, Share now supports stateless (no Http Session or sticky session)
  401. connection to the repository when using the alfrescoHeader remote user connector.
  402. e.g. You can change endpoint config to use the faster /service URL instead of the
  403. /wcs URL if you are using External Authentication and then remove sticky session config
  404. from your proxy between Share and Alfresco. Note that this is also faster because Share
  405. will no longer call the /touch REST API before every remote call to the repository.
  406. -->
  407.  
  408. <!-- Security warning -->
  409. <!-- For production environment set verify-hostname to true.-->
  410. <!--
  411. <config evaluator="string-compare" condition="Remote">
  412. <remote>
  413. <ssl-config>
  414. <keystore-path>alfresco/web-extension/alfresco-system.p12</keystore-path>
  415. <keystore-type>pkcs12</keystore-type>
  416. <keystore-password>alfresco-system</keystore-password>
  417.  
  418. <truststore-path>alfresco/web-extension/ssl-truststore</truststore-path>
  419. <truststore-type>JCEKS</truststore-type>
  420. <truststore-password>password</truststore-password>
  421.  
  422. <verify-hostname>true</verify-hostname>
  423. </ssl-config>
  424.  
  425. <connector>
  426. <id>alfrescoCookie</id>
  427. <name>Alfresco Connector</name>
  428. <description>Connects to an Alfresco instance using cookie-based authentication</description>
  429. <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
  430. </connector>
  431.  
  432. <connector>
  433. <id>alfrescoHeader</id>
  434. <name>Alfresco Connector</name>
  435. <description>Connects to an Alfresco instance using header and cookie-based authentication</description>
  436. <class>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector</class>
  437. <userHeader>SsoUserHeader</userHeader>
  438. </connector>
  439.  
  440. <endpoint>
  441. <id>alfresco</id>
  442. <name>Alfresco - user access</name>
  443. <description>Access to Alfresco Repository WebScripts that require user authentication</description>
  444. <connector-id>alfrescoCookie</connector-id>
  445. <endpoint-url>http://localhost:8081/alfresco/wcs</endpoint-url>
  446. <identity>user</identity>
  447. <external-auth>true</external-auth>
  448. </endpoint>
  449.  
  450. <endpoint>
  451. <id>alfresco-feed</id>
  452. <parent-id>alfresco</parent-id>
  453. <name>Alfresco Feed</name>
  454. <description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description>
  455. <connector-id>alfrescoHeader</connector-id>
  456. <endpoint-url>http://localhost:8081/alfresco/wcs</endpoint-url>
  457. <identity>user</identity>
  458. <external-auth>true</external-auth>
  459. </endpoint>
  460.  
  461. <endpoint>
  462. <id>alfresco-api</id>
  463. <parent-id>alfresco</parent-id>
  464. <name>Alfresco Public API - user access</name>
  465. <description>Access to Alfresco Repository Public API that require user authentication.
  466. This makes use of the authentication that is provided by parent 'alfresco' endpoint.</description>
  467. <connector-id>alfrescoHeader</connector-id>
  468. <endpoint-url>http://localhost:8081/alfresco/api</endpoint-url>
  469. <identity>user</identity>
  470. <external-auth>true</external-auth>
  471. </endpoint>
  472. </remote>
  473. </config>
  474. -->
  475.  
  476.  
  477.  
  478. <config evaluator="model-type" condition="or:listaOr">
  479. <forms>
  480. <form>
  481. <field-visibility>
  482. <show id="or:orNumero" />
  483. <show id="or:orTitulo" />
  484. <show id="or:projectStartDate" />
  485. <show id="or:orEmisor" />
  486. <show id="or:orTema" />
  487. <show id="or:orDestinatarios" />
  488. <show id="or:orAnexo" />
  489. </field-visibility>
  490. <create-form template="/org/alfresco/components/data-lists/forms/dataitem.ftl" />
  491. <appearance>
  492. <field id="or:orTitulo">
  493. <control template="/org/alfresco/components/form/controls/textarea.ftl" />
  494. </field>
  495.  
  496. <field id="or:orTema">
  497. <control template="/org/alfresco/components/form/controls/textarea.ftl" />
  498. </field>
  499. <field id="or:orAnexo">
  500. <control>
  501. <control-param name="startLocation">{doclib}</control-param>
  502. </control>
  503. </field>
  504. </appearance>
  505. </form>
  506. <form id="datagrid">
  507. <field-visibility>
  508. <show id="or:orNumero" />
  509. <show id="or:orTitulo" />
  510. <show id="or:projectStartDate" />
  511. <show id="co:orEmisor" />
  512. <show id="or:orTema" />
  513. <show id="or:orDestinatarios" />
  514. <show id="or:orAnexo" />
  515. </field-visibility>
  516. </form>
  517. </forms>
  518. </config>
  519.  
  520.  
  521.  
  522. <config evaluator="node-type" condition="or:listaOr">
  523. <forms>
  524. <form>
  525. <field-visibility>
  526. <show id="or:orNumero" />
  527. <show id="or:orTitulo" />
  528. <show id="or:projectStartDate" />
  529. <show id="or:orEmisor" />
  530. <show id="or:orTema" />
  531. <show id="or:orDestinatarios" />
  532. <show id="or:orAnexo" />
  533. </field-visibility>
  534. <create-form template="/org/alfresco/components/data-lists/forms/dataitem.ftl" />
  535. <appearance>
  536. <field id="or:orTitulo">
  537. <control template="/org/alfresco/components/form/controls/textarea.ftl" />
  538. </field>
  539.  
  540. <field id="or:orTema">
  541. <control template="/org/alfresco/components/form/controls/textarea.ftl" />
  542. </field>
  543. <field id="or:orAnexo">
  544. <control>
  545. <control-param name="startLocation">{doclib}</control-param>
  546. </control>
  547. </field>
  548. </appearance>
  549. </form>
  550. </forms>
  551. </config>
  552.  
  553. <!-- Cookie settings -->
  554. <!-- To disable alfUsername2 cookie set enableCookie value to "false" -->
  555. <!--
  556. <plug-ins>
  557. <element-readers>
  558. <element-reader element-name="cookie" class="org.alfresco.web.config.cookie.CookieElementReader"/>
  559. </element-readers>
  560. </plug-ins>
  561.  
  562. <config evaluator="string-compare" condition="Cookie" replace="true">
  563. <cookie>
  564. <enableCookie>false</enableCookie>
  565. <cookies-to-remove>
  566. <cookie-to-remove>alfUsername3</cookie-to-remove>
  567. <cookie-to-remove>alfLogin</cookie-to-remove>
  568. </cookies-to-remove>
  569. </cookie>
  570. </config>
  571.  
  572.  
  573.  
  574. -->
  575. </alfresco-config>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!