Home
Analytics
iPortalID URI Parameter = API's AuthID?
jafurman
Hello,
I am hoping someone can confirm or deny that the iPortalID parameter for iPortal URIs can be populated with an AuthID retrieved from a call to the Login operation in the Actuate Information Delivery API.
In other words, I would like to be able to call the Login operation via webservice to retrieve an AuthID, then redirect the user to a specific page on the iPortal by passing the AuthID as a parameter so that the user doesn't have to log in (since I will have already authenticated them). Is that possible?
I know that you can also pass the username and password as parameters in the URI, but I would like to avoid that if at all possible. I also know that it is possible to create a custom security adapter by implementing the IPSE Java classes, but a) I'm not terribly familiar with Java and b ) it seems that works similarly to passing the username and password in the URI to begin with.
Thanks in advance,
Joel
Find more posts tagged with
Comments
Virgil Dodson
moved to the BIRT iServer forum
averma
Hi Joel ,
This approach will not be sufficient since IC uses session based security model to control only authenticated users can access the application(to prevent hacker attacks). I will recommend IPSE approach, if you are not familiar with java, you can use/modify some pre-built examples that you find in the documentation or product samples. Here is an article (a bit old) but can also serve as a good starting point:
http://www.birt-exchange.org/org/devshare/deploying-birt-reports/858-implementing-single-sign-on-in-iserver-express-/#description
RSiegler
Joel,<br />
<br />
The two are not the same value.<br />
They have different creation methods, different lengths, and different requirements on the back end.<br />
Unfortunately, you cannot "swap" AuthID and iPortalID.<br />
<br />
Best Regards,<br />
Ryan Siegler<br />
<br />
<br />
<blockquote class='ipsBlockquote' data-author="'jafurman'" data-cid="101890" data-time="1338915292" data-date="05 June 2012 - 09:54 AM"><p>
Hello,<br />
<br />
I am hoping someone can confirm or deny that the iPortalID parameter for iPortal URIs can be populated with an AuthID retrieved from a call to the Login operation in the Actuate Information Delivery API.<br />
<br />
In other words, I would like to be able to call the Login operation via webservice to retrieve an AuthID, then redirect the user to a specific page on the iPortal by passing the AuthID as a parameter so that the user doesn't have to log in (since I will have already authenticated them). Is that possible?<br />
<br />
I know that you can also pass the username and password as parameters in the URI, but I would like to avoid that if at all possible. I also know that it is possible to create a custom security adapter by implementing the IPSE Java classes, but a) I'm not terribly familiar with Java and b ) it seems that works similarly to passing the username and password in the URI to begin with.<br />
<br />
Thanks in advance,<br />
Joel<br /></p></blockquote>
jafurman
Thanks for your replies. I ended up going with a Custom Security Adapter solution, similar to that described in the article above.
Thanks,
Joel
