Eclipse Community Forums: Eclipse Process Manager (Stardust)

Home » Archived » Eclipse Process Manager (Stardust) » Security Credentials is missing(I have enabled Security Propagation but it returns an empty ipp_session_credentials.)

Show: Today's Messages :: Show Polls :: Message Navigator

Security Credentials is missing [message #1502895]

Mon, 08 December 2014 02:40

Melissa Ferenal

Messages: 18
Registered: November 2014

Junior Member

Hi,

My process loads an external UI Mashup that calls a webservice function from stardust. However, it needs user credentials to access the service.

I have enabled the Security Propagation feature in carnot.properties file:

org.eclipse.stardust.ui.web.feature.mashupCredentialsPropagation = always

But when I checked the values returned from the ippMashupAuthProxy(which calls http://localhost:8080/ipp-portal/services/rest/views-common/userInfo), ipp_session_credentials is empty.

Response from userinfo service:

{"uri":"----URI HERE----","[b]ipp_session_credentials[/b]":[]}

Regards,

Melissa

Report message to a moderator

Re: Security Credentials is missing [message #1505578 is a reply to message #1502895]

Wed, 10 December 2014 06:30

Rajkumar Dangi

Messages: 51
Registered: November 2014
Location: Pune, India

Member

Hi,

Where are you putting the tokens ? which should be passed to your extenal UI Mashup applications.

See the logic to passing the tokens for External MashUp applications works like this:
1. If you have set the "SessionTokens" in UserConfiguration which is extending to "org.eclipse.stardust.engine.core.spi.security.ExternalUserConfiguration" then it will be propagated to MashUP applications as cookies otherwise no cookie will be set.

See my code snippet where i am passing tokens which is expected at my MashUp applications:

public class UserConfiguration extends ExternalUserConfiguration {
	---------------
	---------------
	@Override
	public Map<String, String> getSessionTokens() {
		sessionTokens.put("CustomAuthorization", "OAuth");
		sessionTokens.put("oauth_token_secret", "Twitter Secret");
		sessionTokens.put("oauth_signature_method", "RKD");
		return sessionTokens;
	}
	
	--------------------------------
	--------------------------------
}

So in above code whatever tokens i have set in my SessionTokens Map all these tokens will be set as cookies by IPPMashUpProxy page before invoking your Mashup Application.

I hope it will help you.

-Thanks
RajKumar

Report message to a moderator

Re: Security Credentials is missing [message #1506637 is a reply to message #1505578]

Thu, 11 December 2014 01:17

Dan Cimpoesu

Messages: 23
Registered: August 2014

Junior Member

Hi RajKumar

Your code is clear. I assume the steps someone needs to take are:

1. create a custom jar that is included in portal WAR

2. implement UserConfiguration class

3. register the UserConfiguration class so the portal is aware of its existence so it uses it

Is the step 3 automatic? Is the portal looking for concrete classes that extend ExternalUserConfiguration?

Regards
Dan

Report message to a moderator

Re: Security Credentials is missing [message #1507215 is a reply to message #1505578]

Thu, 11 December 2014 12:17

Rajkumar Dangi

Messages: 51
Registered: November 2014
Location: Pune, India

Member

Hi Dan,
There are some properties which needs to be set in carnot.properties.

See below article which describes end to end working for this concept as well as you could download source code and explore how it works.

http://wiki.eclipse.org/Stardust/Knowledge_Base/Integration/UI/UIMashup/Security_Tokens_Propagation_For_Eternal_Web_Applications

-Thanks,
RajKumar

[Updated on: Thu, 11 December 2014 12:18]

Report message to a moderator

Previous Topic:	Oracle "OAUTH marshalling failure" calling sysconsole command
Next Topic:	Mobile UI packaged as Chrome App

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Mon Nov 19 13:07:58 GMT 2018

.:: Contact :: Home ::.

Breadcrumbs

Sign up to our Newsletter