How to create web pages viewable by anonymous users
The first step you need to take is to enable the anonymous user, which needs to be registered through a configuration files, that should look like this
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.platform.login.anonymous.config">
<!-- Add an Anonymous user -->
<extension target="org.nuxeo.ecm.platform.usermanager.UserService"
point="userManager">
<userManager>
<users>
<anonymousUser id="Guest">
<property name="firstName">Guest</property>
<property name="lastName">User</property>
</anonymousUser>
</users>
</userManager>
</extension>
</component>
This file needs to be deployed under nuxeo.ear/config and the application server restarted. After the server is up and running, when accessing Nuxeo again, the anonymous user will be used and logged into the application.
To give anonymous user permissions over pages that manage the default repository and which are offered by Nuxeo platform, with an administrator user you have to offer 'Read' permission over the 'Default domain'. The access to pages in Nuxeo is in most cases controlled with Permission Service which can be used from the 'Access rights' tab(it appears for folderish documents only), which is a child tab of the 'Manage' tab. 'Manage' tab is one of the tabs that show up when navigating on a document from Nuxeo. Giving 'Read' permission over the 'Default domain', will enable anonymous user to perform actions and see pages that only require the 'Read' permission. In order to give anonymous user permission to see other pages, that require other permission than 'Read' one, then those permissions needs to be given to anonymous user too over the documents in discussion. Take for example the 'Edit' tab page, which requires 'Write' permission, which the anonymous user will need to have on the document that is edited.
Usually anonymous user should have access to pages that require only 'Read' permission. New pages in Nuxeo can usually be introduced through the ActionService, and can be registered in contribution files to this service(have a look at actions-contrib.xml file from 'nuxeo-platform-webapp-core' module for example)
<extension target="org.nuxeo.ecm.platform.actions.ActionService"
point="actions">
<!-- server actions -->
<action id="user_dashboard" link="user_dashboard"
label="command.user_dashboard" order="10">
<category>USER_SERVICES</category>
<filter id="user_dashboard_enabled">
<rule grant="true">
<condition>#{userServicesContext.dashboardEnabled}</condition>
</rule>
</filter>
</action>
...
The page introduced by this registered action can be viewable in the UI, by clicking on the link labeled with 'Dashboard' from the upper part region of a Nuxeo page. In oder to add a link to a new page that can be viewable by an anonymous user, near 'Dashboard' link for example, a contribution like the one bellow can be made.
<action id="test_link" link="/my_test_link_page.xhtml"
label="My link" order="5">
<category>USER_SERVICES</category>
<filter-id>anonymous</filter-id>
</action>
Access to pages introduced through such links can be controlled be defining filters. The example above uses the preexisting filter which looks like this
<filter id="anonymous">
<rule grant="true">
<condition>#{currentUser.anonymous}</condition>
</rule>
</filter>
and which says that the current logged user needs to be anonymous in order to show it.
Other filters can be defined in order to control the access to pages, depending on the type of the current document, depending on the permissions of the current logged user on the current selected document(have a look at 'actions-framework.xml' file from 'nuxeo-platform-actions-core module' for a more detailed explanations about actions and actions filters definitions)
Comments: 0