B
bauen@fordav.com
Guest
Thanks for the responses Michael and Peter. I went ahead asserted the user using the SET-DB-CLIENT(). However, I am still a bit lost on the subject of SSO with the CLIENT-PRINCIPAL. In my oeablSecurity.properties file should I have the client.login.model set to "basic" or "sso". Ideally, I would like this to be SSO with my http.all.authmanager set to "ad". To clarify - I have a PASOE web service setup with this config: http.all.authmanager = ad client.login.model = basic OEClientPrincipalFilter.enabled=true OEClientPrincipalFilter.key= OEClientPrincipalFilter.registryFile= OEClientPrincipalFilter.domain= OEClientPrincipalFilter.roles= OEClientPrincipalFilter.authz=true OEClientPrincipalFilter.expires=28800 OEClientPrincipalFilter.accntinfo=false OEClientPrincipalFilter.ccid=false OEClientPrincipalFilter.anonymous=false OEClientPrincipalFilter.sealAnonymous=false OEClientPrincipalFilter.appName=OE OEClientPrincipalFilter.passthru=false OEClientPrincipalFilter.domainRoleFilter= OEClientPrincipalFilter.loadAccntAttrList= Along with my properties for AD configured accordingly. The Web Service does not accept any input parameters. It authenticates and authorizes with these settings when I fire off the request in postman. However, if I hit the endpoint again I still have to provide user credentials for the basic authentication. I assume this is intended as I have client.login.model = basic. However, if I switch to client.login.model = sso I am confused about the process of authentication against ad. I apologize in advance as I know this is likely a basic concept that I am overlooking. Any links to documentation, input, etc. would be greatly appreciated.
Continue reading...
Continue reading...