CWS with SSO - how to authenticate

Hi, I can connect to authentication service no problem with user name and password from .Net client. Content server is SSO enabled, how can I obtain my authenticationt token with passing the user name + password?

Thanks!!

Find more posts tagged with

Comments

appuGmail

Not sure I understand

" Content server is SSO enabled, how can I obtain my authenticationt token with passing the user name + password?"

Not sure I understand What you are saying is you have the authentication code in a client and you want that livelink server

that is SSO authenticated to work ?

Does it not work when you pass userid+password?

..... appnair appunair( Livelink Rocks )

Well, if I called the wrongnumber, why did you answer the phone?
James Thurber, New Yorker cartoon caption, June 5, 1937

On Wed, Apr 12, 2017 at 5:58 PM, eLink Entry: Content Web Services Forum <otdncontentwebservices971forum@elinkkc.opentext.com> wrote:

CWS with SSO - how to authenticate Posted byBowen, JayOn 04/12/2017 06:56 PM

Hi, I can connect to authentication service no problem with user name and password from .Net client. Content server is SSO enabled, how can I obtain my authenticationt token with passing the user name + password? Thanks!!
[To post a comment, use the normal reply function]
Forum: Content Web Services Forum
Content Server: Knowledge Center CS16

Jay_Bowen

Hi, thanks for the reponse. Clarifying what I would like to do is obtain the athentication token without passing the users password + login. Code example below, if I pass user name + password I obtain the token no problem. How do I do this via SSO and not pass the users credentials?

username = txtUserName.Text;
password = txtUserPassword.Text;
AuthenticationClient authClient = new AuthenticationClient();

try
{
Console.Write("Authenticating User...");

//How do I obtain the auth token without user name and password
authToken = authClient.AuthenticateUser(username, password);
Console.WriteLine("Success!\n");
}

catch (FaultException ex)
{
Console.WriteLine("Failed!");
Console.WriteLine("{0} : {1}\n", ex.Code.Name, ex.Message);
MessageBox.Show(ex.Message);
return;
}
finally
{
// Always close the client
authClient.Close();
}

appuGmail

Oh OK I understand now.I guessed as much.I have done this very many times.However OT has extreme reluctance(to date I have not seen a free article provided by OT) to provide sufficient direction.

Now it may change now because it is almost very difficult to run a Livelink( I know Content Server....) without a "man in the middle" application called OTDS.Do you know if you will run up against that?

If it is regular IWA and the Livelink system is configured to work with Web Server Authentication here's how companies and organizations do it.

Create a Parallel website/application where you have deployed CWS from OT and make sure anonymously accessed code like the one you posted before works.IWA and anonymous do not work together.
After that just change the new website's authentication to IWA.I am assuming your deployment is IIs if it is TC I wouldn't know but lots of good articles from Mark Simm on this.
At this point your client code should fail because the Web.Config on which OT supplied is against an anonymously authenticated website.Looks for example Web.Configs in this forum,Google for how to do IWA .I believe I may have posted a few and I still have some old articles in my blog .Once that is done your code should compile.In old versions of livelink OT Support had provided patches that would make SSO consistent with webservices as well.
Now with Debug=2 wantlogs=true and wantlaplogs=true on the server that is responsible for the CWS to talk to livelink (if your Web.Config says localhost /2099 then it is this same sever) send in a command without putting the username/password guess you can just put empty variables.If no errors then your REMOTE_USER was passed by the webserver and Livelink let you in .If there are errors try running ?func=admin.testargs from your client machine against the URL of the Livelink server who would receive your SOAP request,if IWA is correct you should see REMOTE_USER getting passed into the LL server.If you see a lot of ?RFA and a lot of gibberish then OTDS is responsible for authentication none of the things I posted would probably work

In all probability if you get a "Token" from the OTDS web service you may get better but I have really no idea.Places I have worked we never had the need to put OTDS for authentication

My gut feel is REST API from OT is getting more prominence as the de facto interface so perhaps you can even try that and you may actually get qualified OT support

..... appnair appunair( Livelink Rocks )

Well, if I called the wrongnumber, why did you answer the phone?
James Thurber, New Yorker cartoon caption, June 5, 1937

On Thu, Apr 13, 2017 at 11:23 AM, eLink Entry: Content Web Services Forum <otdncontentwebservices971forum@elinkkc.opentext.com> wrote:

[EXTERNAL] - Re CWS with SSO - how to authenticate Posted byBowen, JayOn 04/13/2017 12:16 PM

Hi, thanks for the reponse. Clarifying what I would like to do is obtain the athentication token without passing the users password + login. Code example below, if I pass user name + password I obtain the token no problem. How do I do this via SSO and not pass the users credentials? username = txtUserName.Text;
password = txtUserPassword.Text;
AuthenticationClient authClient = new AuthenticationClient(); try
{
Console.Write("Authenticating User...");

//How do I obtain the auth token without user name and password
authToken = authClient.AuthenticateUser(username, password);
Console.WriteLine("Success!\n");
}
catch (FaultException ex)
{
Console.WriteLine("Failed!");
Console.WriteLine("{0} : {1}\n", ex.Code.Name, ex.Message);
MessageBox.Show(ex.Message);
return;
}
finally
{
// Always close the client
authClient.Close();
}
[To post a comment, use the normal reply function]Topic:CWS with SSO - how to authenticateForum:Content Web Services ForumContent Server:Knowledge Center CS16

Brahmaji

Hi ,

Authentication service returns the token in case of successful authentication. I have added a sample SOAP response for successful authentication.

<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">

<S:Body>

<AuthenticateUserResult>ZEiSMnutRq2NmVXYduHeV%2BE9prsL1ao3kbOiMDkO9%2FXqcBXQuN7fG2UT3vjPD4R0hw27NSiv9n%2FS0xOPhDFm6%2FpJtbbnAAdc</AuthenticateUserResult>

</AuthenticateUserResponse>

</S:Body>

</S:Envelope>

From .Net stubs you can follow the same hierarchy to get the token. Please give it a try.

HTH,

Brahmaji.

From: eLink Entry: Content Web Services Forum [mailto:otdncontentwebservices971forum@elinkkc.opentext.com]
Sent: Thursday, April 13, 2017 4:29 AM
To: eLink Recipient
Subject: CWS with SSO - how to authenticate

CWS with SSO - how to authenticate

Posted by Bowen, Jay On 04/12/2017 06:56 PM

Thanks!!

[To post a comment, use the normal reply function]
Forum:	Content Web Services Forum
Content Server:	Knowledge Center CS16

Brahmaji

Brahmaji Kande would like to recall the message, "CWS with SSO - how to authenticate".

jdonpaul

Quoted Jay Bowen on 04/18/2017 12:19 PM:

username = txtUserName.Text;
password = txtUserPassword.Text;
AuthenticationClient authClient = new AuthenticationClient();

Hi,

In order to use SSO with Web Services, you will need to setup the web services for SSO. To do this, please follow the instructions in the following KBA:

http://knowledge.opentext.com/knowledge/cs.dll/kcs/kbarticle/view/KB494406

Once you have done that, you can then move on to the code portion of the exercise. Taking the code that posted, all you will need to do is set your username and password to null. Here is an example of what could be done:

username = null;
password = null;
AuthenticationClient authClient = new AuthenticationClient();

Hope this helps.

Noamaan Abbas

Does this still work in CS21+ ?

Greg Griffiths

have you tried it ?