[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: Customizing Spring security (for PASOE) with additional fields?

Thread starter: Irfan
Hi Marko,

In order to send something other than username and password and perform authentication, I would choose something like CustomAuthorization. This is something I would choose if I have to pass tokens for authentication. For your case, you can pass the username+password+device-id as one encoded token using Custom Authorization to ABL, then ABL can decode it and validate the details. Once validated, it will work the same way as OERealm.

Here are the properties I would set to use customAuthorization. Important details are authScheme, realmClass, authHeader and tokenSecret:

    customAuthorizationFilter.authPolicy=required
    customAuthorizationFilter.authScheme=devtoken
    customAuthorization.UserDetails.realmClass=OpenEdge.Security.Authentication.CustomAuthorization
    customAuthorizationFilter.authHeader=Authorization
    customAuthorizationFilter.tokenSecret=secret
    customAuthorization.AuthProvider.multiTenant=true
    customAuthorization.AuthProvider.expires=0
    customAuthorization.AuthProvider.sealClientPrincipal=true
    customAuthorization.AuthProvider.accntinfo=true
    customAuthorization.AuthProvider.authz=true

authScheme - Required name of the authentication scheme.
realmClass - The name of the OERealm ABL class to execute.
tokenSecret - A shared secret that can be sent to the CustomAuthHeader class's ValidatePassword() method, where it may be used by the CustomAuthHeader class to authenticate its caller. The CustomAuthHeader class may choose to ignore validating the shared secret or not.
authHeader - The HTTP header name to intercept.

Attached are the sample ABL classes that I used for CustomAuthorization. My use case was to send a token in an HTTP header to PASOE and get it validated.

(Please visit the site to view this file)
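The token round trip described in the post, as an added example that is not part of the original post or of the attached ABL classes. It is written in Python to show the logic only; the JSON-in-base64url token layout, the function names and the sample account are assumptions, since the post does not specify an encoding. Base64 is an encoding, not encryption, so a header like this has to travel over TLS.

```python
import base64
import hmac
import json

SCHEME = "devtoken"  # matches customAuthorizationFilter.authScheme in the post

# Constructed sample account store (assumption). A real realm class would look
# the user up in its own tables and compare against a password hash.
ACCOUNTS = {"marko": {"password": "s3cret:pw", "devices": {"dev-42"}}}


def build_header(username, password, device_id):
    """Client side: pack the three fields into one Authorization header value."""
    payload = json.dumps({"u": username, "p": password, "d": device_id})
    token = base64.urlsafe_b64encode(payload.encode("utf-8")).decode("ascii")
    return f"{SCHEME} {token}"


def parse_header(value):
    """Server side: return (username, password, device_id), or None if malformed."""
    scheme, _, token = value.strip().partition(" ")
    if scheme.lower() != SCHEME or not token:
        return None
    try:
        fields = json.loads(base64.urlsafe_b64decode(token.encode("ascii")))
    except (ValueError, UnicodeError):  # bad base64, bad JSON, bad encoding
        return None
    if not isinstance(fields, dict):
        return None
    parts = tuple(fields.get(k) for k in ("u", "p", "d"))
    if not all(isinstance(p, str) and p for p in parts):
        return None  # a missing or empty field rejects the whole token
    return parts


def validate(header_value):
    """Accept only if user, password and registered device all match."""
    parsed = parse_header(header_value)
    if parsed is None:
        return False
    username, password, device_id = parsed
    account = ACCOUNTS.get(username)
    if account is None:
        return False
    # Constant-time comparison avoids leaking how much of the password matched.
    password_ok = hmac.compare_digest(password.encode(), account["password"].encode())
    return password_ok and device_id in account["devices"]
```

Packing the fields as JSON rather than joining them with a delimiter keeps a password that contains ":" or similar characters from shifting the field boundaries.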
