Authentication in Computing is the process or action of verifying the identity of a user or process.
Hi Developers!
Here're the technology bonuses for the Security Contest 2021 that will give you extra points in the voting:
See the details below.
Hi folks!
Could you please share your experience on how do you create REST API with InterSystems IRIS that uses bearer authentication?
How do you generate tokens? How do you maintain it (how much time tokens exist?).
Thanks in advance!
Hello,
We are using AWS SSO authentication in our application to validate the users. For validating the users, we are passing the username and password from AWS SSO to our application. We need to validate the user in our application without using the password.
We developed the login class using zenPage. We used <loginForm> tag in the login page which is used for the automatic validation.
Is there any possible way to achieve this?
Thanks in advance.
Hello,
I'm hoping to get some feedback on the OAuth process flow for Payer-to-Payer authorization. It doesn't seem that "Authorization Code Flow" is needed as there will not be a need for a login. I am leaning towards recommending "Client Credentials Flow", but wanted to get some community feedback before making a decision. I prefer to follow what the standard will be if possible. What would you recommend? Thank you in advance for your input.
How do you determine what namespace to use for your custom SAML attributes? We want to receive patient context (first name, last name, dob, gender, etc.)
OASIS has resource-id but none of the other attributes. urn:oasis:names:tc:xacml:1.0:resource:resource-id
When a company is quite large and many different applications used by employees. But while those applications are mostly completely different, how to make it possible to not force users to enter credentials as many times as many applications they would like to use. The best way is to use SSO, so, it will be possible to have a portal, where users could launch any application used in a company. There are many different ways how to give access to your application by using the SSO mechanism, and some of them are:
InterSystems already supports OAuth2 and can be quite easily deal with Kerberos. But I would like to discuss about using SAML (Security Assertion Markup Language).
I am using MDX2JSON do display data, it uses CSP REST to retrieve data and uses Password Authentication. I enabled LDAP authentication for this applicaiton, but it does not work.
Hello everybody,
I am creating a WS as a server, but when I ask for the WSDL it is giving me an error because it cannot find the class.
I have added the following instructions:
set ^SYS("Security","CSP","AllowClass","MiProyecto.MiClaseWS","%SOAP.WebServiceInfo")=1
set ^SYS("Security","CSP","AllowClass","MiProyecto.MiClaseWS","%SOAP.WebServiceInvoke")=1I have created an entry in the WS security configuration.png)
In the Application Roles tab I have put the %All permissions
(The Namespaces "Samples" in the image is due to security reasons)
If I invoke the service in the following way, http://localhost:
Hi,
We need to implement Oauth2 Code Flow + PKCE. Any experience with InterSystems OAuth2 Server on this would be welcome.
What parameters did you setup on OAuth 2 server configuration page to make it work?
Thanks!
Dear Folks,
I have recently studied deepsee and developed few dashboards needed for our web app users. I am trying to embed them in our existing web app which uses angular with delegated user access. I need to embed the native IRIS dashboard into it. ( I can't use Highcharts or any other js tools).
How do I setup the dashboards to work with delegated authentication (Without providing access to management portal or other parts) ? Also should I use the default csp/{Namespace}/_DeepSee.UserPortal.DashboardViewer.zen? or any other web application URL ?
Thanks
Currently, I am working on a CSP application that is supposed to generate reports. Users will have varying access to said reports. To achieve that, I plan to use LDAP (because it's used in other systems where those users already exist). Documentation does not provide enough information, so I'd like a clarification:
Do I need to enable LDAP authentication for the whole Cache instance to use LDAP authentication in a single CSP application in that instance?
We (as in me and my organization) use Cache Authentication for our instances, and one of the reasons to use LDAP for this system was to avoid
Hi Community,
is there a possibility to implement a "remember password" feature in a ZEN Application?
In the management portal I added a web-application for a ZEN application with password authentification. I created an own login page, and now I want to implement a "remember password" feature (User should not have to login again after the session times out or when the browser window is closed).
Hi,
I've a Service utilising the Adapter EnsLib.SQL.InboundAdapter, which uses a Credentials item set with the details of a local SQL account. This currently works, however, we're looking to use the credentials of an AD domain account.
The domain account is a member of an AD security group, which has the required permissions on the source SQL database. I've checked that access is possible with this account via SQL studio.
I've tested setting the Credential username as domain\username and username@FQDN, but neither create a successful connection.
Is there something simple i'm missing to be able to
GoogleTransled by moderator:
Where is the operation of verifying the user and password implemented in the path interface? Thank you very much for your answer!
Hey Intersystems Community,
I have a Problem with the Session Handling in .csp.
I wrote all my Web Services in .csp-Pages and do the work for example in the OnPreHttp Method for to get some data.
After that the Web Service response is in JSON.
I call These Web Services via fetch in my react Single Page application, also Many request parallel. The react App is Rolled out as index.html.
Everything Works Fine with the session Handling via Cookie.
But when the Session is invalid After some time for example Timeout or I Delete the cookie (Session) and Then change the page After That Time I make Some
This article, and following two articles of the series, is intended as a user guide for developers or system administrators, who need to work with OAuth 2.0 framework (further referred to as OAUTH for simplicity) in their InterSystems product based applications.
Hi guys,
I'm trying to consume a REST Service that use Digest authentication, I'm trying to implement the authentication but I'm don't know where is my mistake.
Someone have already used this type of authentication.
Below the code I wrote to try to generate the response hash:
Hi All,
Actually, I'm developing few restful API's. I want to create a authentication tokens and display it on my login restful API. If I'm using CSP sessionId, how can I validate the session Id's in another or continues restful API's. else, is there any other approach to handle this task.
My Primary goal is, I have to integrate 2 different front end applications. One is Zen framework another one is web pages from Python.
If any lead, it would be appreciated.
Thanks,
Arun Kumar Durairaj.
I'm trying to sign an xml but this is showing an Id attribute in the Signature tag and the xmlns attribute is not appearing.
This is the xml generated:
<Signature Id="Id-80170FF0-0678-47D5-8C8B-771AA4E334E6">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#ID2102103519037442275900010755000000003309115569507501">
<Transforms>
<TransformI'm wondering if anybody has done an implementation of the https://www.shibboleth.net/products/service-provider/ interface in Caché / IRIS to have a application running in Caché / IRIS be acception the shibboleth tokens and data as usage credentials.
Hi,
I'm using Operating System authentication and I need to give permission on Healthshare to allow a user to run only this two commands
##Class(Backup.General).ExternalFreeze()and
##Class(Backup.General).ExternalThaw()
This user is gonna be use to backup only.
There are any role on HealthShare for this?
This is more a WARNING than a question
I generated a REST API from a Swagger document with basic security.
When I send a request to that API, I now get an authentication error 401 always.
I entered a user api and a password and gave it the role %All.
I tried to call the API with the URL
http://solidara.net:52773/csp/solidara/get_components/solidara?username…;
What's am I doing wrong there?
Hello everyone :-)
I would like to update Atelier from version 1.0.262 to the 1.3 one. So I clicked on Help --> Check for updates, and I get these first error messages:
"No updates were found in available software sites."
"Some sites could not be found. See the error log for more detail." etc. cf picture below talking about Proxy Authentication.
.png)
So I checked those available software sites (tried until now) and also the proxy settings that I am used to work with:
.png)
.png)
Then I changed the "Active Provider" from Native to Manual with the proxy settings got from a system administrator :
So here is the
Hello, has anyone tried to use Caché as a reverse proxy ?
We are trying to embed a dashboard server (Plotly Dash in this case, but it could be anything which runs on its application server) inside our application which is written in Caché.
The dashboard/report server runs locally (for example, or inside a LAN) on port 8080, and has no authentication features, so we have to implement them on a different layer, and we'd like to use Caché for it.
We'd like to hide the dashboard server (port 8080 not exposed), and use it behind Caché, this way (putting it as simple as possible):
Caché should pass
OAuth server to be deployed on the IRIS learning cloud platform. Clients - one on the other instance of the learning IRIS server, the other client locally on my computer in the container docker.
Both clients get a seemingly correct link (through ##class(%SYS.OAuth2.Authorization).GetAuthorizationCodeEndpoint()) to the login request form:
https://52773b-62955584.labs.learning.intersystems.com/oauth2/authorize?response_type=code&client_id=nHCv5A-u_5T1YAwk_tJ7xpi1ky-s2AnRQMaL6YHsUgU&redirect_uri=https%3A//52773b-99792125.labs.learning.intersystems.com/csp/sys/oauth2/OAuth2.Response.cls&scope=scop
I need use/create an app based authentication class, best options on other languages is bcrypt, but on cache(2017.2) is not and option, any suggestion to construct this option ?
Hi All,
I want to implement SOAP authentication and Security. Please let me know what are all the best ways to Implement it.
Advance thanks,
Hello,
I'm new to Iris for Health and I'm trying to get some experience using it. I've subscribed to the Intersystems Iris for Health software in AWS marketplace. I successfully spun up the EC2 instance with the default security group. The try-iris instance is healthy and successfully starts within EC2. I've also successfully changed the default password too.
However, I'm unable to authenticate into the management portal. The portal launches okay though I keep getting an access denied. I'm also unable to authenticate into a session from the EC2 instance.
Has anyone run into this issue
I am looking for a solution with Ensemble to talk to a old NTLM based SOAP Service. Does anyone has done this before?
We have the webservice calls working via SOAPUI but we are looking how we can make it work with Ensemble.
Is there a ready to use Outbound Adapter for NTLM ?
Thx.