CMIS Alfresco Connector

November 14, 2023

Prerequisities

The current version of the connector works with Alfresco version 4.2 and 5.0.

Alfresco and Jahia must share the same users. This can be achieved by connecting both Jahia and Alfresco to the same user directory (LDAP for example)

Installation

Alfresco Server

Jahia Plugin on Alfresco Server

To make the impersonification work, we need an Alfresco plugin to generate session for the connected Jahia user. This plugin will be call by Jahia each time a user needs to authenticate.

Get the pluging file alfresco-auth-amp.amp from GitHub

Use the following command to install the plugin on your Alfresco server:

java -jar bin/alfresco-mmt.jar install alfresco-auth-amp.amp tomcat/webapps/alfresco –nobackup

Alfresco configuration

If the Alfresco has more than 1000 authenticated users, set the cache size of the ticket cache to a value above the number of users with access to Alfresco. In the configuration file WEB-INF/classes/cache.properties, set the property cache.ticketsCache.maxItems to the maximum number of authentified user that will log on Jahia to access Alfresco content.

CMIS provider module in Jahia

Module installation

Install and configure the CMIS provider module in Jahia. If the JAR file is not already available, you can find the module on the Jahia AppStore or in Jahia in Administration>System components>Modules.

Deploy the module through the Module Administration user interface, or copy the jar file in the digital-factory-data/modules folder.

Module configuration

You can set your custom configuration in the jahia.properties file.

CMIS properties

Here is the list of all available CMIS properties:

https://chemistry.apache.org/java/developing/dev-session-parameters.html

CMIS Session Cache

  • Tuning cache value
    org.jahia.cmis.session.cache.concurrencyLevel=4
  • number of sessions cached
    org.jahia.cmis.session.cache.maximumSize=128
  • time (in minutes) the session are stored
    org.jahia.cmis.session.cache.expireAfterAccess=30

Other

Maximum number of children returned on a node, if set to 0, return all the children (default is 0)
org.jahia.cmis.max.child.nodes=0

Connection setup

Open the Jahia Server Administration and go to System Components / Mount points.

Capture%20d’écran%202016-03-23%20à%2015.38.24.png

Add a new point, select CMIS mount point

./Desktop/Screen%20Shot%202016-03-17%20at%205.

Two type of CMIS Connector to the remote server are available:

  • Standard CMIS Connector: This is the default CMIS connector to any CMIS server (including Alfresco). All users will share the same connection.
  • Alfresco impersonification connector: this connector is only for Alfresco, allowing the connection to the remote server as the current user.

Select “Alfresco impersonification connector“

./Desktop/Screen%20Shot%202016-03-17%20at%205.

Fill the form to set up the mount point

./Desktop/Screen%20Shot%202016-03-17%20at%205.

  • Name: is the folder name of the mount point. This name will be part of the path of the external content.
  • User: Alfresco admin user used to generate ticket and browse the repository as system.
  • Password: password of the admin user
  • Alfresco server URL: Address of the Alfresco server, it points to the alfresco servlet on Alfresco server. Example: http://my.host/alfresco
  • Alfresco user name used to access public content: as CMIS endpoints cannot be accessed by guest user, a user must be set to browse contents as guest. This user can be any user that have no right sets on Alfresco.
  • Remote root path: Root path on the remote server where to connect.
  • Use slow connection: When activated, most of the queries that ask for child nodes are disabled (see limitations)
  • Local mount point: Use the picker to set where the provider has to be mounted locally.

User rights management

The alfresco connector uses the current connected user on Jahia to log on Alfresco.

As Alfresco defines the rights on its resources it is not possible to change them from Jahia.

Even if the action is displayed to a user on Jahia side, if the user does not have rights on Alfresco, the operation will fail (see action menu in known issues).

Even if the user has write access to Alfresco content, in order to access managers, a user has to get the required edit role on a content of the site that set the needed permission to display it, like editor or contributor.

Limitations

Number of child nodes

When Alfresco contains a lot of files or folders under a folder, it takes time to display the tree: for each parent folder, the system needs to read the content of each of its children folders. To decrease the time to display, there are 2 options available and one suggestion/good practice:

  • Use the Slow connection setting. With this option, the manager will not iterate other children’s children when displayed. This option can be set from the administration / system components / mount points, in the settings of the mountpoint.
  • Use the parameter org.jahia.cmis.max.child.nodes in jahia.properties that limits the number of returned child nodes. If the folder contains more items than the limit defined by this parameter, several files or folders might not be visible in the content trees, in manager or edit mode. It is always possible to query these contents, but some content might not be visible, as the number of returned items will be limited by this parameter.

Avoid to mount directly the /root folder (as it contains the /users directory which may contains lot of data and therefore might be long to load) and prefer a remote mount point like /Sites. Or create several mount points targeting the different directories you users will need to access specifically.

Guest user

Alfresco does not allow guest user to use CMIS endpoint. To be able to browse content as “guest” on Jahia, you have to define the Alfresco user that will be used to browse Alfresco’s content as guest. This user will be used only to browse public content. As guest is not allowed by Alfresco, it must be set to another user than guest.

Action menu

In Jahia edit mode or managers, actions allowed on Alfresco content should reflect the rights given to the current user.

There is an issue in the following context: if the mount point is set in a site, and a user that has no write access on Alfresco server but has a role that give write access set on the site node on Jahia, he will be able to execute all edit actions (delete / upload etc.) on Alfresco content, but the actions will fail, upload file will fail silently, other actions return an error to the UI.

Encoding of file names

Jahia parse and converts ASCII codes when saving a node name while Alfresco does not and just store the string literally.

Example:

If the file is named myFile%20.docx in Alfresco

It will be displayed as myFile%20.docx in Jahia File Manager when the file appears.

If the file is renamed directly through Jahia interfaces, the %20 will be encoded by Jahia and resolved as a white space.

Let’s assume that an author renames the file myFile%20encoded.docx when saved the name will be saved in Jahia File manager as myFile encoded.docx but in Alfresco this will result into …….

This behavior cannot be fixed right now to match at the same time the way both systems work.

Consequently, we strongly recommend to train the authors and let them know that they should not rename mounted files when the name contains a %something in it, to avoid any confusion in the Alfresco repository.