Warning

JUser: :_load: Unable to load user with ID: 1005

Michael W.
Michael W.
Offline
0
How can I launch an AppScript from URL for a given user/password? We use SSO and I tried to pass the login data via URL-Parameter like this without success:

http://server:8085/alfssologin/login?...
Responses (16)
  • Accepted Answer

    Thursday, May 16 2013, 03:45 AM - #Permalink
    0
    I have used non SSO in the past to pass username and password in the url to do web querys from Excel - It use to work fine but doesn't any longer. I have a case open with Serena on this issue but to date no resolution.
    The reply is currently minimized Show
  • Accepted Answer

    Michael W.
    Michael W.
    Offline
    Thursday, May 16 2013, 03:50 AM - #Permalink
    0
    I need to access the output of the AppScript from a cms (typo3).

    It seems that the source of the login page lies in

    SBM\Common\jboss405\server\default\deploy\ALFSSOLogin.war\jsp\login.jsp
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, May 16 2013, 12:12 PM - #Permalink
    0
    Mike,

    I might be doing something different but my sbm is setup to use SSO as well but I still use the same url as the documentation says and the script still runs.

    http://servername/tmtrack/tmtrack.dll?ScriptPage&scriptName=myScript&msg=Test
    The reply is currently minimized Show
  • Accepted Answer

    Friday, May 17 2013, 02:44 AM - #Permalink
    0
    My post was only to say that for me passing the userid and password via the url didn't work, and that I think I still have an active case on this issue. It used to work but stopped at some unknown time. I cannot do Web Query's any longer, they work during the initial setup but fail after you save the spreadsheet, close the doc and re-open. The post was mostly informational as I thought the OP might be dealing with a username password passing issue rather than script. Am I clear that you can run the script via url context without passing a username and password?
    The reply is currently minimized Show
  • Accepted Answer

    Michael W.
    Michael W.
    Offline
    Monday, May 20 2013, 10:42 PM - #Permalink
    0
    Hi Mike and Brian. Once a user is logged in, the script works in a browser via

    http://server/tmtrack/tmtrack.dll?ScriptPage&ScriptName=function.ScriptName

    If no user is logged in, the URL above leads to the logon form.

    With typo3 running on another machine I need a user login to get the script running. Our Serena Consulter told me that I can use the logon like I showed in my first post:

    http://server:8085/ALFSSOLogin/login?username=user&password=pwd&logintype=1amp;continue=http%3A%2F%2Fserver%2Ftmtrack%2Ftmtrack.dll%3FScriptPage%26ScriptName%3Dfunction.ScriptName

    But this is not working. I suppose I need something like a working session or a hidden parameter.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, May 21 2013, 01:09 AM - #Permalink
    0
    Michael,

    You can try to add these two parameters to your URL

    &ttAuthUID=user

    &ttAuthPWD=pwd
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, May 21 2013, 02:30 AM - #Permalink
    0
    Yes I've been using that in the url for years but suddenly it quit working one day. The setup inside Excel works until I save and close Excel then i get an error indicating it couldn't connect."The web query returned no data" message and wants me to edit the web query
    The reply is currently minimized Show
  • Accepted Answer

    Michael W.
    Michael W.
    Offline
    Tuesday, May 21 2013, 02:39 AM - #Permalink
    0
    Thanks Duru, but it's not working for me. Even if I use all three pairs of auth parameter:

    http://server:8085/alfssologin/login?...
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, May 21 2013, 04:29 AM - #Permalink
    0
    Hey guys,

    When using SSO there's no way to do this. SBM has several authentication types available with increasing levels of security. We do support an authentication type that allows for login parameters on the URL (Form/URL/Cookie) but this does not work for all authentication types.

    SSO is our most secure form of authentication and session management. It has a plethora of safe guards built into it, one of which is the prevention of replay attacks. This is why the above request to the login page doesn't work. We won't issue security tokens to unsolicited requests.

    To do what you're wanting to do here it would be best to have a little programmatic interaction where you go through the login process then make the request for the script to run.
    The reply is currently minimized Show
  • Accepted Answer

    Michael W.
    Michael W.
    Offline
    Tuesday, May 21 2013, 04:55 AM - #Permalink
    0
    Hi Brock,

    after all I was afraid to hear this answer.

    Could you please specify your proposed solution with the "little programmatic interaction"? Shall I modify the login.jsp ?
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, May 21 2013, 07:11 AM - #Permalink
    0
    Hi Michael,

    Use the following WS-Trust request. You can call a SOAP service at

    http://hostname:8085/idp/services/Trust

    Unfortunately there is no WSDL for WS-Trust requests so you'd have to handcraft it from the snippet below.



    <?xml version="1.0" encoding="UTF-8"?>

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">

    <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">

    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">

    <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">

    <wsse:Username>bill</wsse:Username>

    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"></wsse:Password>

    </wsse:UsernameToken>

    </wsse:Security>

    <wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</wsa:Action>

    </soapenv:Header>

    <soapenv:Body>

    <wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">

    <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">

    <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">

    <wsa:Address>uri:org:eclipse:alf:sso:relyingparty:anonymous:anonymous:anonymous</wsa:Address>

    </wsa:EndpointReference>

    </wsp:AppliesTo>

    <wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>

    <wst:TokenType>urn:oasis:names:tc:SAML:1.0:assertion#Assertion</wst:TokenType>

    </wst:RequestSecurityToken>

    </soapenv:Body>

    </soapenv:Envelope>



    Put the username and password in the wsse:Username and wsse:Password elements in the SOAP WS-Security header. The response would be either a SOAP fault if you failed or a WS-Trust RequestSecurityTokenResponse SOAP message. The response is too big for me to post here but you need to extract the token from

    soap:Envelope/soap:Body/wst:RequestSecurityTokenResponse/wst:RequestedSecurityToken/

    it will be an XML in the form of ...

    If you convert that XML to a string and then BASE64-encode it, you'd be able to include it to your calls to Application Engine in a ALFSSOAuthnToken HTTP header.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, May 25 2013, 06:19 PM - #Permalink
    0
    On a VM with 2009 R4.01, the Authentication option for "Accept Info From Form/URL/Cookie" allows me to pass either plain-text or encoded authentication info in the URL ("&ttAuthUID=joe&ttAuthPWD=joespwd" or "&ttAuthInfo=am9lOmpvZXNwd2Q="). This isn't running SSO so that might be a factor.
    The reply is currently minimized Show
  • Accepted Answer

    Michael W.
    Michael W.
    Offline
    Sunday, May 26 2013, 09:52 PM - #Permalink
    0
    Thanks for the answer. It seems quite a bit of work to realise this solution and I need to find the time to try.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, May 28 2013, 02:24 AM - #Permalink
    0
    I'm running 2009R4.03 and I do have the Accept INfo From Form/URL/Cookie turned on. I also do not run SSO. I will try with the url using an encoided password but the plain text will not work after initial setup in Excel.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, May 28 2013, 02:53 AM - #Permalink
    0
    I tried with the encoded password - no difference - same error after saving and closing the Excel file. " The Web Query returned no data" as soon as you try to refresh the data.
    The reply is currently minimized Show
  • Accepted Answer

    Michael W.
    Michael W.
    Offline
    Monday, June 17 2013, 02:48 AM - #Permalink
    0
    Small Update: what I am doing now is calling the script manually and copying the results into a file that is imported into Typo3.
    The reply is currently minimized Show
Your Reply

Recent Tweets