I started studying openAM recently and need to go deep into its infrastructure.
I have learned that openAM provides some authentication APIs such as
Post: http://mywebsite/openam/json/authenticate
headers: X-OpenAM-Username:xxx , X-OpenAM-Password:xxx
Basically I want to learn more about how openAM handles such a request, where is the controller? how does it validate the username and password? Can anyone give a hint where to start in openAM's source ?
If you have the privilege of having access to the OpenAM/AM source code, then you could start to look at AuthenticationServiceV1 and the various RESTAuth*CallbackHandler classes to get a closer look at the REST side of things.
If you are interested in the authentication framework in its all glory, then AMLoginContext, AuthContext, LoginState and AMLoginModule are the classes you should take a look at.
Please read OpenAM 13 Developer's Guide - Using the REST API at first.
If you want to know the implementation and behaviour of REST API, please check the OpenAM debug logs, read source code of OpenAM REST Services and attach a debugger by using IDE.
you can get token value after posting below REST API
Post: http://mywebsite/openam/json/authenticate
headers: X-OpenAM-Username:xxx , X-OpenAM-Password:xxx
After that a list of List of REST API provided by openAM
you need to add header value for every request
"iplanetDirectoryPro" = "Received token value"
Related
I have set up OAuth as per the docs and this link https://strongloop.com/strongblog/node-js-loopback-api-gateway-sample-applications/.
There are a few issues in understanding the usage of the code base and flow based on the options of loopback-component-oauth2. Is there a tutorial that covers each section or a working implementation for Implict, AuthorizationCode, Refresh token, JWT.
I have been able to secure API (eg: /api/Notes) as per docs and it does seem to be blocking requests but is not allowing me to authenticate. More, when I make a request to /oauth/token this API is also throwing Unauthorized 401 errors - both from REST Client like postman and https://loopbacklocalhost/explorer.
I am using loopback 3.0. I am having tough time with the component not documented completely nor having a doc aligned example code. May be I am missing something here.
I have seen this hub repo as well and seems they use passport directly and is documented very less making it difficult to integrate things easily.
https://github.com/strongloop/microgateway
Note: I have gone through the following question, the archive repo tests.
How to setup OAuth 2.0 server using loopback
Any help is welcome.
Good day,
I'm having trouble calling DSAPI methods via SOAP ( C# Integration ). I keep getting 405 Method not allowed errors. So far I've tried calling the RequestTemplate and CreateEnvelopeFromTemplates methods, both of which fail. I was able to successfully retrieve the DSAPIServiceSoapClient object and also successfully login via the login method of the credential API. If you need more information, i'm ready to provide them. Thank you.
You're succeeding with the login, which is good.
My guess is that the other calls are not well formed. Perhaps they're missing the right base url (which you receive from the login call).
Are you switching to the different base url for your subsequent calls? (Different server name?)
I suggest that you try the API logging feature and see what it reports. It enables you to see a log of your API requests. See the Request Logging article for the classic DocuSign experience, or the new DocuSign UI.
i just needed to add the in the X-DocuSign-Authentication http header whenever i try to get a DSAPIClient object.
I am very new to Salesforce and it's API.
I am having a sandbox org and with it I have url, username, password, security token and last but not the least partner.wsdl
My aim was to connect and retrieve/create data.
Technologies at hand was nodejs
So here is how I started.
I searched over the internet and came to know that I need to create a client, SOAP client in order to login, create the connection and use that connection to create and access the Leads data.So I followed this sample where the wsdl was being consumed.
So I was able to connect
I was very happy on this success and then suddenly I wasn't able to identify/find a way where I can get the sObject.I looked hard for this but no luck. So posted a question on SO
Meanwhile I also looked for other node module and found jsforce
I used jsforce starting guide and created a client that was connecting to salesforce however without using the wsdl file.
Again I was happy, even more happy because I was having the sObject with me.
Now, what is the fundamental difference if I login using the local wsdl file and without wsdl file in the language of salesforce. Which one is the correct way of logging in?
Sorry if this question is not according to SO rules or if there is a typo.
I'm the author of jsforce you mentioned.
In that lib we use REST API mostly and SOAP APIs are only used in some specific calls like login or metadata. Even in such calls we don't use WSDLs because there's no good lib to generate client modules from WSDL in JavaScript/Node.js area. Instead we wrote modules for each APIs which generate SOAP XML strings and parse the response XML.
It is enough because these API message schema are static and fiesible in the specific version, unlike SOAP API Enterprise WSDL differs in organizations. So we can hard code the client module directly w/o generate it from WSDL.
I'm developing an api server in (NodeJs/ hapi) coupled with an android application.
I'm having a problem understanding how to do login via a third party like google and facebook.
So far my strategy is:
authorize my app(android)
get the email and other data from google/facebook(android)
Send email and data to my server and save it in a database(server)
Next time when authentication. I'll just check the same data(from google) against the save data(my server).
I'm pretty sure there is a better way to do it, but the documentation I have read so far leave me with a head ache.
Help is appreciated.
I just setup a demo project using ExpressJS.
It would be interesting to have a fork for Hapi.
Check it out if want: http://git.io/RHnjBg
I tried to develop a node.js module that allows the use of the SOAP web service of CRM Online: XrmNodeKit
The code based on the JavaScript code provided by Jason Lattimer
So far I was able the retrieve the auth-token but when I execute the WhoAmI requst the web-service call just runs forever (see test "should fetch the name of the current user", no error is thrown....
You can find the source-code on github
Has anyone tried to consume the SOAP web-services via Node.js?
Have you found this post?http://www.alexanderdevelopment.net/post/2015/01/24/authenticating-from-a-node-js-client-to-dynamics-crm-via-ad-fs-and-oauth2/
I understand this is the correct approach. You need to use OAuth.
But it is not correct in one regard (I'm quoting an expert from the CRM product team)
He says "You cannot move the node.js code to client, since in this case you need to use the Implicit flow rather than the Authorization code flow , Finally after getting the OAuth token, you still cannot send it to our Web services from the client since [CRM Online] does not support CORS in 2013/2015"
While this is a .NET sample it covers the principles, just have to make it work with Node.js: https://bitbucket.org/Georged/caseowary/overview (credits to George Doubinski)