Authentication

Syndicate content 14 

Hi All,

Actually, I'm developing few restful API's. I want to create a authentication tokens and display it on my login restful API. If I'm using CSP sessionId, how can I validate the session Id's in another or continues restful API's. else, is there any other approach to handle this task. 

My Primary goal is, I have to integrate 2 different front end applications. One is Zen framework another one is web pages from Python. 

If any lead, it would be appreciated. 

Thanks,

Arun Kumar Durairaj. 

00
0 1 222
Question
Mark Sharman · Sep 19, 2019
Credentials - Domain Account

Hi,

I've a Service utilising the Adapter EnsLib.SQL.InboundAdapter, which uses a Credentials item set with the details of a local SQL account. This currently works, however, we're looking to use the credentials of an AD domain account.

The domain account is a member of an AD security group, which has the required permissions on the source SQL database. I've checked that access is possible with this account via SQL studio.

10
0 1 88

Hello, has anyone tried to use Caché as a reverse proxy ?

We are trying to embed a dashboard server (Plotly Dash in this case, but it could be anything which runs on its application server) inside our application which is written in Caché.  
The dashboard/report server runs locally (for example, or inside a LAN) on port 8080, and has no authentication features, so we have to implement them on a different layer, and we'd like to use Caché for it.

10
0 5 227

Hello,

I'm new to Iris for Health and I'm trying to get some experience using it.  I've subscribed to the Intersystems Iris for Health software in AWS marketplace.  I successfully spun up the EC2 instance with the default security group.  The try-iris instance is healthy and successfully starts within EC2.  I've also successfully changed the default password too.

 However, I'm unable to authenticate into the management portal.  The portal launches okay though I keep getting an access denied.  I'm also unable to authenticate into a session from the EC2 instance.

 

11
0 2 190

Does anyone have any experience with getting, unfortunately, an older version of Cache to authenticate via SMTP to send email? I have verified that the settings are set up properly on the mailbox as I have successfully sent an email from a LAMP server, which comes from the same IP address.

If you have any thoughts, I would greatly appreciate it.

 

This is the error I receive

ERROR #6034: SMTP server connection failed during MAIL FROM command: <READ>zSend+105^%Net.SMTP.1.

00
0 6 1,458

I am doing an implementation of a SAML 2.0 SingleSignOn protocol integration which requires a signed message with the signature element in the body of the SOAP message, not the header as is default SOAP security handling. Any suggestions for how to do this would be greatly appreciated. When it is passed in the header, it is not processed by our partner and we just get a "Signature Required" response.

00
0 0 276

I need to offer new users on our system a temporary password that is valid for only 48 hours.  This is different than a 60-day password expiration window for existing users' passwords (where a password needs to be changed every 60 days), and is different than a "user expiration date", where you can set a date where the user's account expires and is disabled on that date, and different than the inactivity expiration date where a user becomes active if his account is not used within, say, 30 days.  

00
0 2 281

I am setting up a new Caché instance and I have managed to configure it where Caché username/password is required to initiate the Caché session:

csdfalsdkfjf@fra23e234sco:/opt/labmed/test/test81/proc$ csession cache1

Node: frxxco, Instance: CACHE1

Username: 

I cannot find the setting in the management console that allows for unauthenticated login to a Caché session.  Any help is much appreciated.

 

 

00
0 4 812

Hi everyone! My company has a Zen ERP application with CSP delegated authentication. Now, we're developing a separated BI application, using Angular, which consumes DeepSee REST API services. Both applications access the same Caché database.

How to implement single sign-on strategy in order to allow an already authenticated ERP user to access DeepSee REST services? Has anyone already implemented something like that?

Thanks in advanced.

00
0 3 409

Unless I'm mistaken, 2017.1 doesn't appear to support RFC 7523 (JSON Web Token Profile for OAuth 2.0 Client Authentication and Authorization Grants).  Is that coming in 2017.2?

In order to support it in 2017.1, I'd have to override the OAuth 2.0 token endpoint to cater for the additional grant types - what's the best way to do this?

 

Thanks.

00
0 3 487
Question
Pasi Leino · Apr 11, 2017
Authentication with REST

We are building a bunch of rest based services using Ens 2016.2 to serve our browser based application (Angular 4).

Two questions:

1. The initial authentication seems only work if credentials are placed in the url parameters.  Trying to use the Authorization header instead, the client code immediately complains about Access-Control-Allow-Origin. How can I resolve this?

 

2. After initial authentication, what is the proper way to send subsequent rest calls without having to include credential every time?

20
0 7 1,707

Hopefully this is a simple questions to respond to.  Can you do Delegated Authentication for SOAP web service calls.  I ask as I am not seeing this work as expected.  I have this authentication turned on and enabled in for he CSP Web Application yet I keep getting a "Security Token could not be Authenticated.  And a global I was setting to capture some of the available data is not being loaded.

00
0 1 552

Is this available anywhere (for Health Connect)? I've found a few presentations but they are aimed at entry level.

We're looking at supporting more and more FHIR, REST plus OAuth interfaces in future. I've built some of this into older versions of HealthShare and Ensemble but it's desirable to move to supported versions. 

We would be using Healthshare as a facade to other systems.

 

 

00
0 3 1,024

Hello everyone,

I'm trying to authenticate a user(Health Share clinician) from a Java Application. 

I 'm already connected to Caché and able to run SQL commands.

My question is: How can I authenticate a user using only SQL? In fact, what I want is verify if the users exists in the base and if the given password is the same used in Health Share.

There is a column 'password' in Security.users table but I'm not able to see its content, even so, I don't know which hash function to use to compare with.

10
0 7 1,214

Hello community,

I have productions running in several different namespaces.  They all use a common credentials ID for sending email, which is set up in only one of the namespaces.  The documentation says that credentials are entered by namespace.  When I ran a production in a second namespace, the error log said that credentials were not found (expected), but later attempts to send a file thorugh the production did successfully send an email.  I'm wondering if Ensemble is able to look in other namespaces for the same credentials ID?

 

00
0 2 494

Hi!

I am trying to create a %Installer script and I noticed from our documentation that %Installer's <CSPAuthentication> will only accept:

<CSPApplication>
Optional; within <Namespace>. Defines one or more CSP applications; the supported authentication flags are 4 (Kerberos), 32 (Password), and 64 (Unauthenticated).

 

Is "Delegated" authentication supported? What is it's code?

 

Kind regards,

Amir Samary

00
0 2 279

In preparation for a presentation I need a  real-world LDAP schema that has been customized a bit beyond the basics.   Perferably this would be based on an OpenLDAP system which would make it easier to merge into this presentation. 

 

If you have such a schema you would be willing to share please respond or contact my directly at Rich.Taylor@InterSystems.com

Thanks in advance.

Rich Taylor

00
0 1 211