Hi,
I have been working on the windows authentication in .NET using OT CWS. Attached are the web.config (CWS), app.config (.Net client), IIS configuration of CWS.
Please suggest.
Swathi
Frankly there is nothing wrong with your web services setup.you have not made the livelink server accept the REMOTE_USER that is passed from your program into livelink.Are you a livelink admin? I have only been able to make this by installing Oscript Directory Services(called CSDS) and configuring it to accept SSO.The CSDS is almost in a deprecated state.You stand to do better if you install OTDS which is a kereberos level authentication scheme.
On your livelink server opentext.ini put Debug=2,wantlapilogs=true and run a GUI request and then a WS request and post the thread logs here.I will tell you if your server is set to accept SSO at least form the livelink setup.
Simply put what you are doing is when you get a IWA site you pass in the logged in user as REMOTE_USER and livelink has a auth schem that understands it that needs to jive before you get this to work.
In my blog livelink.in there are screencaps of how a livelink is to set to do IWA( the OT community is embracing OTDS so IWA auth may not be that hot now) you could try getting a livelink to do that and re-attempt.
At least that is what I think is happening.
Thank you for the response. I'm new to OT and your support is much appreciated.
Attached are the logs as mentioned.
Can you provide link to your blog to get more insights on the OTDS?
Thank you.
There is no information in the logs which tells me that you are new to this deal.If you can get your livelink admin to help you you would make the changes in opentext.ini like
Debug=2
[options]
wantlapilogs=true.Save and re-start livelink.Then when livelink stabilizes you would use the livelink GUI using a browser and log in and do something like a browse or add document..Then using the standard Web.Config that OT produces you would create a login snippet or even use a tool like SOAPUI.You will see in your thread logs things like lapi.invokeService <A inargs...> and outargs those are the arguments your program sends.Then run it with the IWA(SSO,NTLM) application and if you see "invalid username/password" that means that livelink cannot cash in on the snt user form your app.
I suggest you open a ticket with OT and a responsible person from OT help you out.If they tell you it is not possible then please engage others who have done it..My gut feel is that they would ask you to put OTDS and work your way thru it.
My blog has no details on OTDS in fact I have used it very recently and have no real idea about it.It just happens that IWA is a auth scheme that has been used in OT circles and is very prevalent in microsoft AD employed orgs.In fact most of the things that make it working with Content Web Serviecs was found in the web as well as a lot of postings in this forum and others.
BTW how could I forget this gem of a request handler
<LIVELINK URL ending in llisapi.dll,livelink.exe or livelink>?func=admin.testargs
after you put in the admin.index password It will spit out a bunch of things.If you see
or NTLM then yourwebsite/VD is actually protected each of the others will have your domain info
I removed it since I am putting it in a public forum
I still dont think you get to make CWS work with IWA without CSDS but that is a start....
