New post

#Authentication

4

Authentication in Computing is the process or action of verifying the identity of a user or process.

Authentication in InterSystems Data Platform Documentation.

Hopefully this is a simple questions to respond to. Can you do Delegated Authentication for SOAP web service calls. I ask as I am not seeing this work as expected. I have this authentication turned on and enabled in for he CSP Web Application yet I keep getting a "Security Token could not be Authenticated. And a global I was setting to capture some of the available data is not being loaded.

0 1
0 825

I am doing an implementation of a SAML 2.0 SingleSignOn protocol integration which requires a signed message with the signature element in the body of the SOAP message, not the header as is default SOAP security handling. Any suggestions for how to do this would be greatly appreciated. When it is passed in the header, it is not processed by our partner and we just get a "Signature Required" response.

0 1
0 530
Question
· Jul 10, 2022
login failure

I am still working on iris-for-money app: https://github.com/oliverwilms/iris-for-money

Account.csp posts a rest call with _SYSTEM username and the password.

xhttp.open("POST", "/restapi/sql/" + query, true,"_SYSTEM","SYS");
xhttp.send();

/restapi web application has Password Authentication Method enabled.

SYS is the correct password for _SYSTEM user.

I do not understand why I see login failure in Audit database.

0 1
0 341

Hello,

I have a EnsLib.HL7.Operation.FTPOperation that uses SFTP protocol and public/private key to connect to an external vendor moveitcloud.

Issue: The vendor is planning to enable Multi Factor Authentication for this file transfer account.

Question: Have you configured a SFTP operation to use Multi factor Authentication? If not, is there another way?

Thank you,

0 1
0 390

I have a question about using OnInit() within a Ens.BusinessOperation.

When you include OnInit(), does OnInit() only execute when you start a Business Operation? Or does it execute OnInit () every time you send a REST request to the operation. I am trying to pinpoint when the best time is to execute the POST command to get the Token

I am needing to get a Bearer Token from a REST POST call and return the Authorization key prior to making the rest of the REST calls to pull down data.

0 13
0 254

Hi All,

Actually, I'm developing few restful API's. I want to create a authentication tokens and display it on my login restful API. If I'm using CSP sessionId, how can I validate the session Id's in another or continues restful API's. else, is there any other approach to handle this task.

My Primary goal is, I have to integrate 2 different front end applications. One is Zen framework another one is web pages from Python.

If any lead, it would be appreciated.

Thanks,

Arun Kumar Durairaj.

0 1
0 551
Question
· Aug 12, 2022
Password requirements

Many password requirements can be enforced using a password validation routine which is available to implement in System Management Portal. But how about this one:

Check that at least 50% of the characters changed from old password to new password.

We need to have access to the old password to check this, currently password validation routine only gets the new password.

0 1
0 345

Hi!

I have a qeustion if it possible to let Ensemble manage user rights from AD-user group?

What i want is to let external user have access to certain CPS-pages to read information. But not let them have access to Ensemble it self. And instead to set up individual accounts in Ensemble for each one of them i rather want to have dem in an AD-securitygroup.

Is that possible and also limit them only to choosen CSP-pages?

0 6
0 431

Hey Intersystems Community,

I have a Problem with the Session Handling in .csp.

I wrote all my Web Services in .csp-Pages and do the work for example in the OnPreHttp Method for to get some data.

After that the Web Service response is in JSON.

I call These Web Services via fetch in my react Single Page application, also Many request parallel. The react App is Rolled out as index.html.
Everything Works Fine with the session Handling via Cookie.

0 3
0 490
Question
· Jul 23, 2024
JWT and CORS

Hi

I'm trying to use JWT authentication on a REST application in IRIS. The login API are correctly "injected" into the application. Login works fine with Postman and other REST clients, and subsequent calls to my REST API using the bearer token work fine (correctly authenticated). So far, so good.

0 9
0 360

Hi Community,

is there a possibility to implement a "remember password" feature in a ZEN Application?

In the management portal I added a web-application for a ZEN application with password authentification. I created an own login page, and now I want to implement a "remember password" feature (User should not have to login again after the session times out or when the browser window is closed).

0 2
0 270

Hello Everyone,

We currently have CSP application that runs under 2 servers(usually primary), and every month the server reboots for patching SERVER1(primary) in the morning and SERVER2(backup) at night.

Whenever the SERVER1 reboots SERVER2 behaves as primary and when SERVER1 comes back up it will act as backup server.

First Patching:

So, when SERVER1 is down, I need to start httpd service for SERVER2 and stop httpd service for SERVER1 (which is now backup server).

0 5
0 299
Question
· Aug 18, 2024
Microsoft Entra and IRIS

Dear All,

I am currently part of a team that is developing an application using Microsoft PowerApps as the front end and IRIS as the backend. Effectively that frontend screens, which are house and an Azure serve, call a series of REST interfaces exposed by IRIS from a physical Microsoft server. During the development stage we have not had any security in place but now we need to secure the application using a single sign on. PowerApps relies on Microsoft Entra for its security both LDAP and OAuth. Has anyone in the community connected IRIS to Microsoft Entra?

0 2
0 213

In preparation for a presentation I need a real-world LDAP schema that has been customized a bit beyond the basics. Perferably this would be based on an OpenLDAP system which would make it easier to merge into this presentation.

If you have such a schema you would be willing to share please respond or contact my directly at Rich.Taylor@InterSystems.com

Thanks in advance.

Rich Taylor

0 1
0 343

Unless I'm mistaken, 2017.1 doesn't appear to support RFC 7523 (JSON Web Token Profile for OAuth 2.0 Client Authentication and Authorization Grants). Is that coming in 2017.2?

In order to support it in 2017.1, I'd have to override the OAuth 2.0 token endpoint to cater for the additional grant types - what's the best way to do this?

Thanks.

0 3
0 727

Currently, I am working on a CSP application that is supposed to generate reports. Users will have varying access to said reports. To achieve that, I plan to use LDAP (because it's used in other systems where those users already exist). Documentation does not provide enough information, so I'd like a clarification:
Do I need to enable LDAP authentication for the whole Cache instance to use LDAP authentication in a single CSP application in that instance?

0 5
0 332

I am trying to use IRIS for Health as a Facade for an external FHIR Server, where IRIS provides the proper authentication.
The client authenticates using a bearer token obtained from the IRIS OAuth2 server via a jwt client assertion.
The IRIS endpoint, however, returns a 401 as soon as I remove the Unauthenticated access

Is there w way to make this work through configuration?

0 1
0 82

Dear Folks,

I have recently studied deepsee and developed few dashboards needed for our web app users. I am trying to embed them in our existing web app which uses angular with delegated user access. I need to embed the native IRIS dashboard into it. ( I can't use Highcharts or any other js tools).

How do I setup the dashboards to work with delegated authentication (Without providing access to management portal or other parts) ? Also should I use the default csp/{Namespace}/_DeepSee.UserPortal.DashboardViewer.zen? or any other web application URL ?

Thanks

0 1
0 213