In new TIBCO Spotfire 7.8 released we discovered that Authentication filter is deprecated and we have to either use CustomAuthenticator, CustomWebAuthenticator or Custom Login Page.
According to them, I have to make more changes in our java utility jar file. However, I don't want to changes overall workflow of our authentication filter logic and we want to use our already cookie mechanism. The goal is to use the CustomAuthenticator instead of the servlet that I am using in authentication filter.
I have configured the TIBCO Spotfire External authentication as CustomAuthenticator
External Authentication Config Tool Image
and updated my java logic as per the information available at
https://docs.tibco.com/pub/spotfire_server/7.6.0/doc/api/TIB_sfire_server_Server_Platform_API_Reference/platform/com/spotfire/server/security/CustomAuthenticator.html
but this information is not too much use to identify what level of changes I need to make in my application as well as in Java logic.
Any help?
I have also found a link that is for authentication filter and the similar logic I have written in my java utility, that I need to modify with CustomAuthenticator.
To send get request to Web API from Java Servlet
Related
I am trying to integrate Acumatica with an interfacing system and I need to be able to send and receive data in xml format, say for example one is Customer info, that should be sent to the interfacing system.
For some reasons, we ruled out the Import/ Export scenarios and we need to achieve the interface using FTP.
I'm unable to find much info online on how to FTP data in and out of Acumatica. So if anyone can share links to some documentation, it will be very helpful. Thanks.
Seeing as you want to be able to send and receive data in an XML format, you might want to check the Web Service options.
There are two possibilities, the Contract Based SOAP API and the Screen Based SOAP API. Both of these are sending SOAP request in XML format.
If you are starting a new project, Acumatica is suggesting you use either version of the Contract Based API (SOAP or REST). So your best bet is probably in looking at Contract Based SOAP API.
As there is not much information on the structure behind what is being sent you will probably have to create yourself project in c# first and inspect the structure of the package being sent to the server hosting the Acumatica instance so that you can reproduce it using your own FTP Interface.
You need to work with .Net native FtpWebRequest class. You can find more information at MSDN FtpWebRequest.
I have a Grails application where we use the Grails Spring Security plugin to allow an admin to easily switch (or assume) another user. This has proven to be very useful for admins to debug user issues and for our testers to jump between roles.
Is there an easy solution available for Node.js that is similar to this Spring Security feature? Note that we're using JWT to auth every request, so not using server based token like Spring Security would.
No, but only because there is no equivalent security plugin for Node in the first place. There are popular projects such as http://passportjs.org/ that can provide functionality in this category, and each offers varying levels of support for what you're asking. But your request isn't relevant to NodeJS Core. User authentication and authorization are not core modules of that project.
I am trying to follow http://liferaysatish.blogspot.de/2011/11/permissionchecker.html (which is basically a repost of another blog post).
I need to implement my own PermissionChecker to be able to support an SSO server (check if the user has been authenticated). However, there article mentions com.liferay.portal.security.permission.PermissionCheckerImpl, but there is no such class in whatever jars I was looking for it.
What I am trying to achive is to tie liferay's internal security to an external SSO Server (wso2). If there is another way to achieve this, I would love to try it.
I was trying with AdvancedPermissionChecker and SimplePermissionChecker, but I become endless redirects using them.
regards and thanks
Leon
I need to implement my own PermissionChecker
I don't believe so. At least you can make your life easier if you integrate your SSO just like any of the already integrated 6 (or so) SSO systems, authenticating the current user to Liferay and then leaving the actual permission check to Liferay.
SSO is typically used for making sure the user is who they are, then redirecting to the application they're providing their services to. If you want to maintain permissions externally to Liferay, you're best of to use an LDAP and group your users there. On the Liferay side, map those LDAP users/groups to Lifeary-usergroup-memberships. Provide the required permissions/memberships for those usergroups and you're set. Implementing your own permission checking (which will also be used internal to Liferay) is one of the least maintainable ideas that I've ever heard of.
I believe the latest Liferay does not have this file anymore. You should search for it in the 5.0 version. And the JAR itself is in \ROOT\WEB-INF\lib\portal-impl.jar
http://docs.liferay.com/portal/5.0/javadocs/portal-impl/com/liferay/portal/security/permission/PermissionCheckerImpl.java.html
I'm trying to develop a site, where users will be registered directly on it, as opposed to being authenticated by Google mail etc. Beside the usual username/password I need to collect more data from the user - name, address, etc. What would be the quickest way for adding the desired functionality? Short of writing my own Auth plugin I see two options:
Create my own registration form (which I kinda need to do anyway) and use HashDB for storing the passwords and later authentication. However, yesod.auth.hashdb seems to be gone from the latest version (why?) and is only available separately here: https://github.com/ollieh/yesod-auth-bcrypt/ . Is something wrong with it? Security flaws?
Use http://hackage.haskell.org/package/yesod-auth-account - looks much closer to what I need, because it already provides registration page, but it doesn't seem to be supported by the latest yesod 1.2.5 and it is not clear how to integrate my additional fields into the existing registration process
I have managed to integrate spring security to my GWT application using the following approach:
http://technowobble.blogspot.com/2010_05_01_archive.html
Note that I used the gwtrpcspring library for basic spring integration with GWT and it works well (non-invasive and efficient).
My question for which I can't seem to find the answer for is how do I use spring security in my GWT widgets based on Authorization - for example, I wouldn't want to show a menu item or a save option to a user who doesn't have the authority for these. Of course, my methods are protected at the server side, but I wouldn't want a user to click on something only then to find out they have no access to it. I don't want to litter my presentation logic with security related code (if-else blocks) if possible.
Is there something equivalent of the spring security jsp tag library that can be used within GWT client code? Or do we have to build up something on our own?
No - there is no equivalentand what I have done is setup a user role profile and passed this over at login which is in then published to the presenters that handle accordingly..
Ian
Everything you need is just to add Spring Security framework into your project.
You can ask server using RPC call at application start (after successful login) which user is current user and which roles he has.
I offer you to use my project hosted on https://code.google.com/p/gspring for simple and clear GWT and Spring integration.