Status: Open This question has been answered and is therefore closed.
Status: Answered This question has been answered and is therefore closed.
Status: Closed This question has been answered and is therefore closed.
Status: Duplicate This question has been answered and is therefore closed.

Appworks sample app for CS without OTDS

0
Posted Oct 13 by Jaroslav Bambous.
Updated Oct 14 by Marcin Pacyga.

Hello,

I'd like to know whether the demo app

<https://developer.opentext.com/awd/resources/articles/1501648/appworks+demo+app+for+content+server>

will work on appworks where tempo is installed with content server authentication only (no otds)?

I installed the app and configured base url but it is saying authentication failed.

Thanks.

Jaroslav

8 Answers

0
BEST ANSWER: As chosen by the author.

hi Jaroslav,

I think it won't work because in the demo app otagtoken is used for authentication whilst in CS based auth OTCSTICKET should be used.


0
BEST ANSWER: As chosen by the author.

Thanks Marcin. Could you please share a basic sample script how to get OTCSTICKET from AppWorks for my scenario (CS auth)?

Thank you.

Jaroslav


0
BEST ANSWER: As chosen by the author.

0
BEST ANSWER: As chosen by the author.

Hello,

is there anyone who developed appworks application which is using otcsticket and can share auth script?

Thanks.

Regards,
Jaroslav


0
BEST ANSWER: As chosen by the author.

When you start an AppWorks application and the page you're opening needs authentication, you'll be authenticated against the OTDS connected to AppWorks and the OTDSTicket can be used for SSO to other server. If you want to communicate with a CS, which is not connected to the same OTDS, you will need to implement some login UI. The user will see another login dialog and they will have to log in again. Is the double login acceptable for your customer?


0
BEST ANSWER: As chosen by the author.

Hi Ferdinand,

thanks. This is clear answer. But, could you just tell me how the tempo works without OTDS inside OTAG and without displaying any additional login screen?

Thanks.

Regards,
Jaroslav


0
BEST ANSWER: As chosen by the author.

Want to check if it is possible to retrieve OTCSTicket through writing Custom Service? It will be nice if some can scribble steps…


0
BEST ANSWER: As chosen by the author.

When using OTAG in a mobile device, you enter and save you credentials in the OTE application container. OTE uses the credentials to obtain the OTDSTicket from OTDS.

When opening the OTAG web access, the browser redirects to OTDS, which does the authenticatoin and redirects back with the authorizaion token. The administrator has usually configured SSO with their AD+ADFS, so that the users don't need to log in in the browser. The redirects return immediately with the OTDSTicket for the identity from the Windows session.

Once you login to OTDS, you get a token usable from JavaScript. Other services, which your application is going to use are supposed to accept it to avoid another login. The OTDSTicket is accepted by CS 10.5.

It's not important where the OTDS runs. The bundled OTDS saves you time when installing OTAG alone. If you install OTAG at a customer, OTDS is usually deployed separately and used by multiple OT products.

OTCSTicket is not the only header which can authenticate the REST API requests. You can use any other ticket acceptable by login callbacks on your CS, including hardcoded credentials; I use the Basic Authentication for development purposes too.

Summarized, when your application is hosted in some portal, the portal provides the authentication. The authentication token should be accepted by the CS or there should be some module deployed which can establish the trust without another CS login.

Once you perform the very first call to the CS REST API - it's all the same what token you used - you should store the OTCSTicket from the response headers for the future communications. Every CS REST API request returns a fresh OTCSTicket, so that it doesn't expire when you're constantly communicating.

You'll find code samples for the authentication in this forum.


 You have subscribed and will receive email notifications of updates to this topic. To unsubscribe, uncheck the checkbox.

Statistics

Related categories

Related tags

Your answer

To leave an answer, please sign in.