CSSDK - Writing Session Cookie Info

Gregg Faus

Is it possible to create a session cookie so that if a new session is created in CSSDK2.0 (by username/password) you could write this cookie information to the client? What I'm trying to do is avoid having our users log in twice within a custom app:
- once to an admin portal page outside TeamSite (in same domain, but different server) in which they specify a username/password. This page uses URL commands (CCI's) to link to DCR's
- and again to log in into TeamSite if they haven't logged in within the timeout period (1 day for us)

So basically, I want to use the credentials they log in to the admin portal to log them into TeamSite transparently. I could do this with Web Services (CSClient getClient method) and write out a session cookie. My problem is what cookie info do I need to write in order to do this? Is it available? Is it the "AUTH" or "JSESSIONID" cookie that I'd need to write?

Any insight would be appreciated.

Thanks.

gf

Migrateduser

It is the AUTH cookie that will be used.

Best Regards,
Narendra

Gregg Faus

So the "IWAUTH" cookie will be read in, decrypted, and then used to determine if a valid session can be applied. This is all done within a TS servlet. This I understand. But is there any way to produce such a cookie from CSSDK by passing in a username, password, etc?

I know the encryption is technique is embedded somewhere and wouldn't be available, but is there any way to call the encryption method somewhere? Or is there a method that wraps this functionality?

Thanks.

Migrateduser

Hi,
The CSFactory.getClient call that takes in username and password, returns a CSClient object; if you do CSClient.getContext().getSessionString(), you get the session string. You can use that to replace the IWAUTH cookie.



Best Regards,
Narendra

Gregg Faus

Sweet, just the answer I needed. Thanks for the help.

ruler

gf,

I am trying to implement a single sign on into teamsite from the internal portal page exactly like you are doing, Could you please provide me some idea, code samples, that you used to implement this. I am kind of lost here.

Once you authenticate to teamsite do you use iw_tmp_login_location variable to tell the browser to take you to the desired location or how did you do it.

Any help will be apprecaited .


thanks in advance

Gregg Faus

I actually got around to implementing a single sign on utility (I call it AutoLogin) not to long ago. I implemented it using a custom servlet which I placed in the customer directory. The servlet takes in a base64 encoded (not secure I know) username/password and redirect parameter. It then decodes the username/password, uses that to create a local client factory object which is then used to write out the correct cookie so the login screen is by-passed.

I choose this route because you cannot write cross domain cookies, so the cookie writing needs to take place on the same domain as the ContentCenter.

I've attached code for the servlet. I don't have much time to explain right now, but look it over and post any questions.

-gf

ruler

Thanks for the servlet file, it was very helpful.

However I am i am not clear like where you placed the servlet file. I mean like did you put it in /customer_src folder. If yes what are the associated configration file changes you made. How did you execute the servlet.

I placed the servlet in customer_src folder and added the entry for it in web.xml file. Now when I try to invoke it with the following URL: http://172.19.229.152/iw-cc/command/MolToTeamsiteServlet

it takes me to the teamsite login page.

Any help will eb appreciated.


thanks

Bill Klish

Can you post your web.xml snippet?

If you connected it to the authentication filter, you will be directed there if the request detects that you are not authenticated to TeamSite. that *should* happen before your code executes.

ruler

<web-app>
<servlet>
<servlet-name>MolToTeamsiteServlet</servlet-name>
<servlet-class>com.mastercard.custom.MolToTeamsiteServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>MolToTeamsiteServlet</servlet-name>
<url-pattern>/MolToTeamSite</url-pattern>
</servlet-mapping>
</web-app>

is the web.xml snippet

Gregg Faus

I placed the servletd file in:
$iwhome\local\config\lib\content_center\customer_src\src\com\company39\utilities\teamsite

You may choose to change the company name (company39) to your own organization.

To configure the servletd you must edit this file:
$iwhome\local\config\lib\content_center\customer_src\etc\web.xml and add a servlet mapping like so:<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<servlet>
<servlet-name>AutoLoginServlet</servlet-name>
<servlet-class>com.company39.utilities.teamsite.AutoLoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AutoLoginServlet</servlet-name>
<url-pattern>/autologin</url-pattern>
</servlet-mapping>
</web-app>

Once you rebuild the toolkit, this entry will be added to the master web.xml in the ContentCenter app. In my case, the servlet runs under the URL /iw-cc/autologin

Bill Klish

You need to add the authentication filter mapping for this to be picked up and run correctly.

<web-app>
<filter-mapping>
<filter-name>authentication</filter-name>
<servlet-name>MolToTeamsiteServlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>MolToTeamsiteServlet</servlet-name>
<servlet-class>com.mastercard.custom.MolToTeamsiteServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>MolToTeamsiteServlet</servlet-name>
<url-pattern>/MolToTeamSite</url-pattern>
</servlet-mapping>
</web-app>

Now that I re-read your post, I am not sure if this is what you want. If you are trying to write a login screen, you probably don't want to be authenticated with TeamSite, as that is what you are trying to do.