Status: Open
Status: Answered
Status: Closed
Status: Duplicate

Authenticate with REST API with CS and OTDS

1
Posted Nov 25 by Ugis Godmanis.

Hello,

Is it possible to authenticate with REST API to CS which has OTDS authentication enabled? And is it possible to authenticate users without providing credentials when SSO is available with OTDS?

I've read in another post that REST url should have anonymous authentication set on web server however i don't see how it is possible when using OTDS. Is this true?

Also previously i had working code for CS 10.5 (CS authentication) that no longer works when OTDS is set as authentication method and CS 10.5 has 2014-06 patch (updated REST syntax maybe?). The code that previously worked just fine for authentication:

var ticket;
$.post("http://url/cs/livelink.exe/api/v1/auth",
    {
        username:"Admin",
        password:"xx"
    },
    function(data,status){
        ticket = data.ticket;
});

But now the same gives 500 error.

Thanks,

Ugis

4 Answers

1
BEST ANSWER: As chosen by the author.

Hi Ugis,
You might want to review this KB article
OpenText Directory Services (OTDS) - Configuring OTDS with LDAP (AD LDS) for SSO Functions
https://knowledge.opentext.com/knowledge/cs.dll?func=ll&objId=49723479&objAction=ArticleView&viewType=1

Regards, Andre


0
BEST ANSWER: As chosen by the author.

Hi Andre,

SSO with OTDS works just fine when I access CS via browser / UI.

Ugis


-1
BEST ANSWER: As chosen by the author.

About the CS + OTDS: Yes, it is possible to authenticate with the REST API to CS which has the OTDS authentication enabled. You received the 500 error, which is often a crash in OScript. Can you try catching in Oclipse? You could open a support case; the 500 is unexpected.

About the SSO: In order to reuse the already authenticated session with CS or OTDS, you need to receive the authentication token (LLCookie or OTDSTicket) from the application which performed the authentication. It usually means getting the ticket on the HTML page where you make the REST API call at. Other post and the links from there explain the general idea.

About the IWA: If your application performs a login to the CS (a page handled by http://url/cs/livelink.exe) you might be able to use the REST API at http://url/cs/livelink.exe/api/v1/auth. Once the IIS authenticates a page request from the browser, it may let the AJAX from the same page. You should test it. If your application runs on a different server (SP, SAP, Oracle), contacting the CS only via AJAX will not work. In that case, you would configure another virtual directory apart from the http://url/cs, for example http://url/rest, make it accessible anonymously and call the REST API via it. Generally, you should always base the CS REST API on a virtual directory with the anonymous access allowed, because it might be used also by non-browser tools which do not run in a Windows authenticated context.


0
BEST ANSWER: As chosen by the author.

I have the same woes here with Widgets –> REST API –> OTDS. Really would like to get this sorted as OTDS is a standard, and REST API is becoming one.

HELP!!!! and Happy New Year


 You have subscribed and will receive email notifications of updates to this topic. To unsubscribe, uncheck the checkbox.

Statistics

Related categories

Related tags

Your answer

To leave an answer, please sign in.