K
knavneet
Guest
Hello Mike, I believe you don’t need to configure OEPreauthfilter unless you expect the Mobile webapp to receive a pre-authenticated SSO token from an external authentication system like Rollbase. The pre-auth filter is currently supported for Rollbase Single-Sign-On to access OpenEdge Service Object. If this is not your configuration requirement, you can skip this filter. There is a CCID support in the security template, which I think you might want to look at. Sometimes COOKIEs are not allowed in some clients and REST JSON data services do not perform URL rewriting of session-ids. In these cases the client must have some means of obtaining the user's login session id. This is performed using the CCID functionality available to other AppServer clients. The CCID support inserts a X-CLIENT-CONTEXT-ID http header in each response message. The client may obtain the value and insert it into the next request's URL as a "JSESSIONID" query option. To enable CCID response headers add the "ccid" property to the "OEClientPrincipalFilter" bean configuration. Property Name Description Datatype Default Range "ccid" Enable/disable CCID Boolean "true" {"true"|"false"} I believe you need to find “OEClientPrincipalFilter” and configure “ccid” Also, regarding your question about URL access privilege, in the xml file you will find Intercept URL like this: === !-- Restricted Mobile session class uses this page as part of its login() operation, protect it so it triggers user authentication -- intercept-url pattern="/static/home.html" access="hasAnyRole('ROLE_PSCUser')"/ === This means that access to "/static/home.html" resource is available to anyone with role PSCUser. You can change the access permission as per your requirement. (Note that Spring appends ROLE_ as a prefix, so if you use OE Realm to return roles for a user, make sure you do it without ROLE_ prefix, i.e. PSCUser and not ROLE_PSCUser). Please excuse me if I didn’t understand the configuration and requirement correctly. If you can let me know the appSecurity file you are using and the filters or beans that you configure, I can try to look into what might be missing. Thanks, Navneet From: Akioma [mailto:bounce-Akioma@community.progress.com] Sent: Monday, June 29, 2015 9:10 PM To: TU.Mobile@community.progress.com Subject: RE: [Technical Users - Mobile] how to get clientContextId from Rest backend in javascript client RE: how to get clientContextId from Rest backend in javascript client Reply by Akioma figured out what the problem was: I did not return a value for the ATTR_ENABLED attribute. Now the login works without error, BUT: I still get no clientContextId. Also in the backend when I display SESSION:CURRENT-REQUEST-INFO:ClientContextId it is empty. I set OEPreauthfilter: b:bean id="OEPreauthfilter" class="com.progress.rest.security.OERequestHeaderAuthenticationFilter" !-- USER-EDIT: To turn on SSO : 1. Set "enabled" property to true 2. For single-domain supply the Domain Access Code as the value for "key" property 3. For multi-domain supply the absolute path of a 'registryFile' generated using OpenEdge's $DLC/bin/gendomreg.bat utility as "registryFile" property -- b
roperty name="enabled" value="true"/ broperty name="key" value="123456"/ broperty name="registryFile" value= "" / broperty name="encoding" value="OECP"/ broperty name="headername" value="X-CLIENT-CONTEXT-ID"/ broperty name="authenticationManager" ref="authenticationManager" / /b:bean Anything I am missing here...? Stop receiving emails on this subject. Flag this post as spam/abuse.
Continue reading...
roperty name="enabled" value="true"/ broperty name="key" value="123456"/ broperty name="registryFile" value= "" / broperty name="encoding" value="OECP"/ broperty name="headername" value="X-CLIENT-CONTEXT-ID"/ broperty name="authenticationManager" ref="authenticationManager" / /b:bean Anything I am missing here...? Stop receiving emails on this subject. Flag this post as spam/abuse.Continue reading...