Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Archived » Eclipse Process Manager (Stardust) » Security Credentials is missing(I have enabled Security Propagation but it returns an empty ipp_session_credentials.)
Security Credentials is missing [message #1502895] Mon, 08 December 2014 02:40 Go to next message
Melissa Ferenal is currently offline Melissa FerenalFriend
Messages: 18
Registered: November 2014
Junior Member
Hi,

My process loads an external UI Mashup that calls a webservice function from stardust. However, it needs user credentials to access the service.

I have enabled the Security Propagation feature in carnot.properties file:
org.eclipse.stardust.ui.web.feature.mashupCredentialsPropagation = always


But when I checked the values returned from the ippMashupAuthProxy(which calls http://localhost:8080/ipp-portal/services/rest/views-common/userInfo), ipp_session_credentials is empty.

Response from userinfo service:
{"uri":"----URI HERE----","[b]ipp_session_credentials[/b]":[]}



Regards,

Melissa
Re: Security Credentials is missing [message #1505578 is a reply to message #1502895] Wed, 10 December 2014 06:30 Go to previous messageGo to next message
Rajkumar Dangi is currently offline Rajkumar DangiFriend
Messages: 51
Registered: November 2014
Location: Pune, India
Member
Hi,

Where are you putting the tokens ? which should be passed to your extenal UI Mashup applications.

See the logic to passing the tokens for External MashUp applications works like this:
1. If you have set the "SessionTokens" in UserConfiguration which is extending to "org.eclipse.stardust.engine.core.spi.security.ExternalUserConfiguration" then it will be propagated to MashUP applications as cookies otherwise no cookie will be set.

See my code snippet where i am passing tokens which is expected at my MashUp applications:
public class UserConfiguration extends ExternalUserConfiguration {
	---------------
	---------------
	@Override
	public Map<String, String> getSessionTokens() {
		sessionTokens.put("CustomAuthorization", "OAuth");
		sessionTokens.put("oauth_token_secret", "Twitter Secret");
		sessionTokens.put("oauth_signature_method", "RKD");
		return sessionTokens;
	}
	
	--------------------------------
	--------------------------------
}



So in above code whatever tokens i have set in my SessionTokens Map all these tokens will be set as cookies by IPPMashUpProxy page before invoking your Mashup Application.

I hope it will help you.

-Thanks
RajKumar


Re: Security Credentials is missing [message #1506637 is a reply to message #1505578] Thu, 11 December 2014 01:17 Go to previous messageGo to next message
Dan Cimpoesu is currently offline Dan CimpoesuFriend
Messages: 23
Registered: August 2014
Junior Member
Hi RajKumar

Your code is clear. I assume the steps someone needs to take are:

1. create a custom jar that is included in portal WAR

2. implement UserConfiguration class

3. register the UserConfiguration class so the portal is aware of its existence so it uses it

Is the step 3 automatic? Is the portal looking for concrete classes that extend ExternalUserConfiguration?

Regards
Dan

Re: Security Credentials is missing [message #1507215 is a reply to message #1505578] Thu, 11 December 2014 12:17 Go to previous message
Rajkumar Dangi is currently offline Rajkumar DangiFriend
Messages: 51
Registered: November 2014
Location: Pune, India
Member
Hi Dan,
There are some properties which needs to be set in carnot.properties.

See below article which describes end to end working for this concept as well as you could download source code and explore how it works.

http://wiki.eclipse.org/Stardust/Knowledge_Base/Integration/UI/UIMashup/Security_Tokens_Propagation_For_Eternal_Web_Applications

-Thanks,
RajKumar

[Updated on: Thu, 11 December 2014 12:18]

Report message to a moderator

Previous Topic:Oracle "OAUTH marshalling failure" calling sysconsole command
Next Topic:Mobile UI packaged as Chrome App
Goto Forum:
  


Current Time: Mon Nov 19 13:07:58 GMT 2018

Powered by FUDForum. Page generated in 0.02244 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top