I am using Jquery Mobile to start with IBM worklight project. I have created a Login Page. Whenever user click on the submit button I need the function too run to check for the username and password in the Database.
Database -> I am using MY SQl database. Using the command client I have added the tables, username Password and values. I need to check this table whenever user clicks on the submit button. IBM worklight tutorial says I need to add the JDBC jar file to server/lib. I have copy pasted the downloaded file on the same folder.
I don`t know whether I need to make my own Custom login Module or default thing is available.
There Isn`t a clear examples available in the IBM website for the Authentication. Please help me with this.
I would suggest reading the following:
Authentication concepts
Adapter-based authentication + Exercise and code sample
Adapter framework overview
SQL adapter – Communicating with SQL database + Exercise and code sample
from the Getting Started page. Also take a look at InfoCenter if you need more documentation.
From the adapter-based auth code sample, you can start by replacing:
if(username == "worklight" && password == "worklight") with a call to your backend (see sql adapter code sample) that checks if the username and password are valid.
Related
I'm using IdentityServer4 and whenever the user login for the first time the application shows consent screen for the scopes of an application to the user which is expected. If the user clicks "yes" and click on remember option the application is not showing the consent screen when the user login for second time onwards which is also expected. Here the problem I'm facing is whenever I restart the IdentityServer (or when I do the deployment) the user consent information is not persisting and it is showing the consent screen again for the user. Can anyone help me to know Is there any way to store the user consent information into DataBase or how can we know where the information is being stored when the application is in running. I did some debugging but couldn't find it. Thanks in advance.
Add reference IdentityServer4.EntityFramework.Storage nuget package to identity server 4 project, Then in startup.cs
service.AddIdentityServer((options) => {})
.AddPersistedGrantStore<PersistedGrantStore>()
// Add other services.
The PersistedGrantStore requires PersistedGrantDbContext uses EntityFramework and requires the DbContext to be configured (same way you configure other EntityFramework DbContext). For example to use SQL Server
services.AddDbContext<PersistedGrantDbContext>(options =>
options.UseSqlServer(connectionString));
You can use dotnet-ef command tool to create and initialize the tables in the database.
You can also have your own implementation of IPersistedGrantStore service.
I need to configure Azure Active Directory SSO for Tableau Server gallery app as it is under MS documentation link programmatically. Are there useful powershell cmdlets / rest apis?
I create application from gallery using graph api from Step 1 on MS docs.
To get available templates:
GET https://graph.microsoft.com/beta/applicationTemplates
To create template app:
POST https://graph.microsoft.com/beta/applicationTemplates/{id}/instantiate
Now I need to configure SAML SSO from code and assign users. Is there an easy way to do that? I tried Set-AzureADApplication but it didn't do the job for me. The enterprise application is still not set.
Maybe it's not supported yet? I believe there can be some workaround. I would be grateful for any help.
Are there useful powershell cmdlets / rest apis?
Yes, but per my test, we need to do that into two parts.
1.Set the Sign-on URL, to do this, we need to call Microsoft Graph - Update serviceprincipal.
In the Graph Explorer, use the request below.
PATCH https://graph.microsoft.com/beta/servicePrincipals/<object-id of the service principal>
{
"loginUrl": "https://azure.signtest.link"
}
Note: In the request above, you need to use the object-id of the service principal(Enterprise application), not the AD App(App registeration). You can find it in the Azure AD in the portal -> Enterprise Application -> find your Tableau Server -> get the Object ID like below.
2.Set the Identifier and Reply URL, we could do this via Powershell Set-AzureADApplication.
Sample:
$Identifiers = #(
"http://www.tableau.com/products/server",
"https://azure.idtest.link"
)
$ReplyUrls = #(
"https://azure.rptest.link/wg/saml/SSO/index.html"
)
Set-AzureADApplication -ObjectId <object-id of the AD App> -IdentifierUris $Identifiers -ReplyUrls $ReplyUrls
For the object-id of the AD App, navigate to the Azure AD in the portal -> App registrations -> find your Tableau Server. After running the command, the settings will map to the enterprise application.
Check the result in the portal:
Update:
Not sure if it is a bug, if I create a new app without setting the Identifier and Reply URL manually in the portal, then just use the powershell above to set them, they will not map to the portal.
But if we check the service principal(enterprise application) directly via Microsoft Graph, we can see the powershell actually affected the service principal.
If we configure the settings manually in the portal first, then use the powershell to update them with other values, it works.
And it looks there is no way to set the Default Reply URL via powrshell or API, if we set the Reply URL which is different from the one set manually in the portal, it will have a prompt like below.
But if we look into it, actually the Default option is checked.
Update2:
Eventually, I find the trick, it is not a bug, we just need to set the preferredSingleSignOnMode for the service principal first via Microsoft Graph, then we won't need to configure that in the portal manually.
Sample:
PATCH https://graph.microsoft.com/beta/servicePrincipals/<object-id of the service principal>
{
"preferredSingleSignOnMode":"saml",
"loginUrl": "https://azure.signtest.link"
}
Trying to customize Portfolio Item Burnup , got source code from https://github.com/RallyApps/app-catalog/tree/master/src/apps/charts/rpm/burn
Now after compiling using "rally-app-builder build" command and after that running with "rally-app-builder run" command, I am able to run the page. In another tab of chrome, Rally is logged in. the launched page is getting authentication from rally session and able to get some data like searching some PFG/PF etc.
Now problem is after applying some settings and selecting some PF/PFG, its again demands authentication (for rally1.rallydev.com/slm/webservice/v2.0/security/authorize). This authentication is not working with my credential.
I have also generated some api key from rally1.rallydev.com/login/accounts/index.html#/keys ,but, that also not working.
Pls help on this.
Thanks,
Udayan
I'm assuming you use SSO to login? If so, you won't be able to correctly authenticate against that /security/authorize endpoint (which is used for generating a CSRF token when making POST/PUT/DELETE calls against wsapi- GETS are fine).
You were on the right track with the api key. Generate a key and then just add it to the query string of your app url:
http://localhost:1337/App-debug.html?apiKey=83h3lkb4b43302bfvlav
There's also a guide in the App SDK docs that describes this in greater detail: https://help.rallydev.com/apps/2.1/doc/#!/guide/embedding_apps
Using the management web UI, I created a new user that should have access to the management plugin, and full permissions on the default virtual host, with no password set. However, when I attempt to login as that user (with the password field set to blank), the credentials are rejected. What am I missing?
Screenshots:
Oh, derp. It looks like a password is required if you want to use the web api. If you expand the overview section, you see this:
I'm just trying to make a little, simple application (that i already made two years ago in Objective-C with api V1) that presents a screen with time of event and description and a button : "insert event in your calendar".
Every user has, obviously, to configure the application with his google username and password.
The app simplifies some process using the first calendar available.
I had infinite problem trying to do it with javascript (this app will be made in html5), so, looking at docs, I ended up trying to make a back-end on my server in php5 (thought it could be easier...ohohoho).
So, i read docs from here : https://developers.google.com/google-apps/calendar/
What i did :
1)
Get to the Google Developers Console.
Created a project.
I now have this (not real keys):
OAuth 2.0
Client ID 352xxxyy9.apps.googleusercontent.com
Email address 3527xxxy#developer.gserviceaccount.com
Service Account
Client ID 3523xxxyy419-vpfgdfg9u77s0.apps.googleusercontent.com
Email address 35ssss9-zzzzsnhavna78ea0b9gvn6a9u77s0#developer.gserviceaccount.com
Public key fingerprints :ac15ddfxdffrtg5565fgfg545r
2)
I installed Google APIs Client Library for PHP (beta) in my server.
doc says:
Using the Google APIs Client Library for PHP requires that you download the PHP source. In the future, packages will be provided. Refer to the project page for more details.
Run the following commands to download and install the source: svn blaj blah blah.
I copied the entire source in my server. Easy :)
Then..
3) You can now import the classes you will need using the following statements:
require_once "../src/apiClient.php";
require_once "../src/contrib/apiCalendarService.php";
Ok, i'll insert them in my php script !
4)" Configure your app"
You must instantiate a client to make requests to the API. All requests to the Google Calendar API require authorization.
The following code demonstrates how to configure an authorized service object using OAuth 2.0 for native applications. For more information, see Authorize Requests.
To find your project's client ID and client secret, do the following:
Go to the Google Developers Console.
Select a project.
In the sidebar on the left, select APIs & auth. In the displayed list of APIs, make sure the Google Calendar API status is set to ON.
In the sidebar on the left, select Credentials.
Find the lines labeled Client ID and Client secret. Note that there may be a client ID without a client secret, for use with Compute Engine and App Engine; in that case, create a new client ID and client secret by selecting Create New Client ID.
Edit the src/config.php file to put in your developer API information.
global $apiConfig;
$apiConfig = array(
// Site name to show in Google's OAuth authentication screen
'site_name' => 'www.example.org',
// OAuth2 Setting, you can get these keys in Google Developers Console
'oauth2_client_id' => 'YOUR_CLIENT_ID',
'oauth2_client_secret' => 'YOUR_CLIENT_SECRET',
'oauth2_redirect_uri' => 'YOUR_REDIRECT_URL',
// The developer key; you get this from Google Developers Console
'developer_key' => 'YOUR_DEVELOPER_KEY',
...
// Which Authentication, Storage and HTTP IO classes to use.
'authClass' => 'apiOAuth2',
....
// Definition of service specific values like scopes, OAuth token URLs, etc
'services' => array(
'calendar' => array('scope' => 'https://www.googleapis.com/auth/calendar'),
)
);
But they are DIFFERENT from the key i have, what's wrong ????
What are client secrets ? redirect_url??
Please help.
I think you need to setup a service account access as described here:
https://code.google.com/p/google-api-php-client/wiki/OAuth2#Service_Accounts
I had difficulties to get it work as I made many trial and errors and my cache got filled with non-working token.
If ever you find yourself not able to access the calendar even after following all the steps, try to change this line of code:
$client->setAssertionCredentials(new Google_AssertionCredentials(SERVICE_ACCOUNT_NAME, array('https://www.googleapis.com/auth/prediction'),$key));
to this:
$client->setAssertionCredentials(new Google_AssertionCredentials(SERVICE_ACCOUNT_NAME, array('https://www.googleapis.com/auth/prediction'),$key, 'notasecret','http://oauth.net/grant_type/jwt/1.0/bearer',false,false));
The last false tells AssertionCredential class to not use any cache. I did it once and then it worked with it set to true afterward.
First go here https://console.developers.google.com/project that is where you configure your app...
Click on your project, then on the left side you will see APIs & Auth, click on Credentials. You will need to create your OAuth, and Public API Access keys.
Once you have done that you will then enter those into the appropriate client_id, secret, redirect etc.
The redirect uri is the same page your app is on, its the page the user gets sent back to after authorizing.
I had the same problem.
On this page, when you click on the Create new Client Id, choose Web application and it shoudl give you the client secret key as well.
https://console.developers.google.com/project
Add a project etc.
Hope it helps