Re: [lyo-dev] Problem with OpenId Login

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [lyo-dev] Problem with OpenId Login

From: Andrii Berezovskyi <andriib@xxxxxx>
Date: Fri, 22 Mar 2019 21:21:34 +0000
Accept-language: en-GB, en-US, sv-SE
Delivered-to: lyo-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/lyo-dev>
List-help: <mailto:lyo-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/lyo-dev>, <mailto:lyo-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/lyo-dev>, <mailto:lyo-dev-request@eclipse.org?subject=unsubscribe>
Thread-index: AQHU4O9GTHBmErHVcUexLCoopki8caYYKJXm
Thread-topic: [lyo-dev] Problem with OpenId Login

Vielen Dank, Matthias!

Jim, could you please check the fix and add it to the 4.0 client?

/Andrew

(from phone)

22 mars 2019 kl. 20:38 skrev Matthias Buettgen <Matthias.Buettgen@xxxxxxxxxx>:

Hi developers,

I recently had to connect to a Jazz.net environmet which uses the Jazz Authorization Service (JAS). Unfortunately even though it should have been fixed (see this bug https://bugs.eclipse.org/bugs/show_bug.cgi?id=502182) the authentication wasn't possible. After verifying the JazzFormAuthClient I identified the error and fixed it on my own. Find below my fix to the issue.

// Check to see if the response is from a Jazz Authorization Server that supports OIDC.
// In CLM 6.x, the JAS supports Basic auth to be compatible with earlier releases.
// If we're talking to a JAS that supports OIDC, re-do the request with a Basic auth header to gain access.
if (HttpStatus.SC_UNAUTHORIZED == statusCode) { // this might be a JSA server.
    if (true == handleJsaServer()) {
        // Re-do the original request using Basic auth, starting at the last authorization redirect.
        authenticatedIdentity = new HttpGet(lastRedirectResponse.getFirstHeader(JAZZ_JSA_REDIRECT_HEADER).getValue() + "&prompt=none");
        String credentials = new String(user + ":" + password);
        authenticatedIdentity.setHeader("Authorization", "Basic " + Base64.encode(credentials.getBytes("UTF-8")));
        resp = httpClient.execute(authenticatedIdentity);
        statusCode = resp.getStatusLine().getStatusCode();
        EntityUtils.consume(resp.getEntity());
        statusCode = followRedirects(statusCode, getHeader(resp,"Location"));
        // add this statement to enable the usage of JAS
        // otherwise the code proceed with the form-based authentication which doesn't
        // work in a JAS environment
        return statusCode;
    }
}

It would be great if you could fix it for the existing Lyo Releases.

Thanks and best regards

Matthias

Mit freundlichen Grüßen / kind regards,

Mathias Buettgen

IT Specialist

IBM Watson Internet of Things

IBM Software Services

http://www.ibm.com/iot

-------------------------------------------
IBM Deutschland
Sittarder Straße 31
52078 Aachen
Phone: 49-162-1065044

E-mail: matthias.buettgen@xxxxxxxxxx
-------------------------------------------
IBM Deutschland GmbH / Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Martina Koederitz (Vorsitzende), Dr. Christian Keller, Ivo Koerner, Nicole Reimer, Gregor Pillen, Dieter Scholz
Sitz der Gesellschaft: Ehningen / Registergericht: Amtsgericht Stuttgart, HRB 14562 / WEEE-Reg.-Nr. DE 99369940

_______________________________________________
lyo-dev mailing list
lyo-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/lyo-dev

References:
- [lyo-dev] Problem with OpenId Login
  - From: Matthias Buettgen

Prev by Date: [lyo-dev] Problem with OpenId Login
Next by Date: Re: [lyo-dev] Problem with OpenId Login
Previous by thread: [lyo-dev] Problem with OpenId Login
Next by thread: Re: [lyo-dev] Problem with OpenId Login
Index(es):
- Date
- Thread

Breadcrumbs