Topic
1 reply Latest Post - ‏2012-07-23T10:08:15Z by IdanAdar
ChuckFloyd
ChuckFloyd
1 Post
ACCEPTED ANSWER

Pinned topic Custom Adapter to authenticate against a Domino Server (SSO)

‏2012-07-17T11:22:09Z |
I have an adapter that I use to authenticate against a Domino server. I have an application that is using a Domino application (single db) as a primary data store, with ACL roles, etc. to control Access.

Using the "server" type of connection, I can get a valid Domino session going with the user who logs on, but this isn't sufficient as each user must have their own unique session from client (currently web browser) to the Domino server through the WL server. When I change the XML for the procedure "connectAs" to "endUser" instead of the default of Server, the connection is made, but any other calls to Domino causes the login page to be sent to the calling function instead of my agent's output (JSON).

The way the adapter works is that it will pass the user name and password to the Domino server default web form and if the response status code is 200, there is a problem, however if the response status is 302, it is being redirected, so the authentication passes. Upon a success (302) we then call an agent in a resource database to get all the relevant information about the current user that can be used in the web client and set that as additional attributes to the active user. All that seems to work and even my back end Domino agent sees the DomAuthSessID value created (via ContextDocument's HTTP_Cookie field)

Does anyone know how to tell WL to maintain a unique domino session per user?

Here is the current version of my Adapter.xml:
<?xml version="1.0" encoding="UTF-8"?>
<wl:adapter name="rsaDominoAdapter"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:wl="http://www.worklight.com/integration"
xmlns:http="http://www.worklight.com/integration/http"
authenticationRealm="DominoRealm">

<displayName>rsaDominoAdapter</displayName>
<description></description>
<connectivity>
<connectionPolicy xsi:type="http:HTTPConnectionPolicyType">
<protocol>http</protocol>
<domain>**** CLEANSED FOR THIS POSTING*****</domain>
<port>80</port>
</connectionPolicy>
<loadConstraints maxConcurrentConnectionsPerNode="2" />
</connectivity>

<procedure name="submitAuthentication" >
<displayName>submitAuthentication</displayName>
<description>Procedure and processes for authenticating against the RSA Domino Domain - uses the names.nsf?Login</description>
</procedure>
<procedure name="dominoURL" requiresAuthentication="true" connectAs="endUser">
<description>A general procedure to call any RSA Domino application URL, authenticating first, and then returning what ever results are provided from the server.</description>
</procedure>
<procedure name="dominoPublicURL" requiresAuthentication="false">
<description>A general procedure to call any RSA Domino application PUBLIC URL, returning what ever results are provided from the server.</description>
</procedure>
</wl:adapter>

Thanks for any thoughts and ideas,
Chuck Floyd
Rohde & Schwarz USA, Inc.
  • IdanAdar
    IdanAdar
    288 Posts
    ACCEPTED ANSWER

    Re: Custom Adapter to authenticate against a Domino Server (SSO)

    ‏2012-07-23T10:08:15Z  in response to ChuckFloyd
    Hi, sorry for not replying in the forum.
    This is now handled via a support ticket.

    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform