Authentication in Computing is the process or action of verifying the identity of a user or process.
Hi,
Does calling the BIND method of %SYS.LDAP, with the username, domain and password of the user that needs to be authenticated- the right way to authenticate him/her ?
Also - am I correct in assuming that something like this is independant to (and I don't need to specify setting for), System Security -> LDAP Options
Thanks
Steve
I am trying to set up a web application with Delegated Authentication via IPM. It is possible to give a specific application Delegated Authentication:
<WebApplicationNamewith the AutheEnabled field. This will display the authentication as "delegated" in the SMP Web Applications display, but when one enters the settings page for this application, there is no checkbox for Delegated. This also doesn't seem to function -- ZAUTHENTICATE is never called.
Hello,
I need to expose InterSystems HealthInsight dashboards over the internet to external operators. The authentication flow is managed externally. When a user is authenticated, our system receives an HTTP request with specific headers (e.g., operator’s fiscal code and hospital identifier) that we need to extract in order to:
I need to connect to a SFTP server and I seem to connect and timeout have tested the connection using File-zilla and the connection was successful but the problem is when I try to connect using the FTP in bound adapter service I get the following errors.
ERROR <Ens>ErrOutConnectExpired: FTP Connect timeout period (120) expired for ***************.com:990/******/SSL='********* + ERROR <Ens>ErrFTPConnectFailed: FTP: Failed to connect to server ***************.
Is there an api for 'Is this user log-in?' and 'log-in this user with this id and password'?
Thank you
Hi,
I use Caché COS and I'm having trouble doing a POP3 on the Microsoft email server using OAuth 2.0 authentication.
I'm using the following program to accomplish this task:
QGPOP ; Recebe e-mail da Microsoft Office 365
Set server=##class(%Net.POP3).%New()
Set server.port=995
Set server.StoreAttachToFile=1
Set server.AttachDir="D:\HOME\CNTIRET"
Set servername="outlook.office365.com"
Set user="importacao@ferrolene.com.br",pass="xxxxxx"
Set AccessToken="exxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
set server.SSLConfiguration="Transnovag"
Set status=server.
Hello,
I have a EnsLib.HL7.Operation.FTPOperation that uses SFTP protocol and public/private key to connect to an external vendor moveitcloud.
Issue: The vendor is planning to enable Multi Factor Authentication for this file transfer account.
Question: Have you configured a SFTP operation to use Multi factor Authentication? If not, is there another way?
Thank you,
Hi guys,
I want to develop a web application in which a user can log in through the user credential of intersystems that is created in Management Portal for a specific role. How can I authenticate the user and get any token or login cookie through which user can call other apis
Has anyone successfully implemented Multi-factor Authentication for TrakCare?
Since the ObjectScript plug-ins for VS Code use web services to connect to IRIS, is it possible for a VS Code user to authenticate against IRIS using OAuth?
Hi! I'm banging my head to the wall with HMAC authentication. I have tried to implement this various ways but nothing seems to work.
If someone could help on this it would be great!
Here is a code that I have tried and working Javascript example, tested on Postman.
Set requestTimeStamp = $ZDATETIME($HOROLOG,-2)
Set nonce = ..getRandomString()
Set signatureRawdata = Appid_requestTimeStamp_nonce
Set keyUTF8 = $zconvert(Appkey,"O","UTF8")
Set signatureRawdataUTF8 = $zconvert(signatureRawdata,"O","UTF8")
Set tSigningKey = $SYSTEM.
Hi,
Working on integrating with O365 Sharepoint REST API. I would want to know if anyone can share their experience with integration with Sharepoint REST API and how they implemented security?
Thanks
Kiran Kumar
I am doing an implementation of a SAML 2.0 SingleSignOn protocol integration which requires a signed message with the signature element in the body of the SOAP message, not the header as is default SOAP security handling. Any suggestions for how to do this would be greatly appreciated. When it is passed in the header, it is not processed by our partner and we just get a "Signature Required" response. Presumably I will have to go through the steps outlined in Signing XML Documents but I am not sure the best place within the outbound web-client flow in which to do this.
I'm VERY novice on all things "OpenAM", and beyond knowing that Caché supports working with OpenAM, I have nothing else to go on.
The documentation doesn't seem to be very deep on the nature of how this works beyond a single paragraph saying it's supported for Single Sign On (SSO).
For Caché to use this, I get that there is an environment variable (REMOTE_USER) which is set to "something", but it's not clear to me how this ends up mapping to a provisioned caché user (or LDAP provisioned user for that matter) and ultimately to the %Roles in effect and subsequent system access.
Hi folks!
Could you please share your experience on how do you create REST API with InterSystems IRIS that uses bearer authentication?
How do you generate tokens? How do you maintain it (how much time tokens exist?).
Thanks in advance!
Hello,
We are using AWS SSO authentication in our application to validate the users. For validating the users, we are passing the username and password from AWS SSO to our application. We need to validate the user in our application without using the password.
We developed the login class using zenPage. We used <loginForm> tag in the login page which is used for the automatic validation.
Is there any possible way to achieve this?
Thanks in advance.
Hello,
I'm hoping to get some feedback on the OAuth process flow for Payer-to-Payer authorization. It doesn't seem that "Authorization Code Flow" is needed as there will not be a need for a login. I am leaning towards recommending "Client Credentials Flow", but wanted to get some community feedback before making a decision. I prefer to follow what the standard will be if possible. What would you recommend? Thank you in advance for your input.
How do you determine what namespace to use for your custom SAML attributes? We want to receive patient context (first name, last name, dob, gender, etc.)
OASIS has resource-id but none of the other attributes. urn:oasis:names:tc:xacml:1.0:resource:resource-id
I am using MDX2JSON do display data, it uses CSP REST to retrieve data and uses Password Authentication. I enabled LDAP authentication for this applicaiton, but it does not work.
Hello everybody,
I am creating a WS as a server, but when I ask for the WSDL it is giving me an error because it cannot find the class.
I have added the following instructions:
set ^SYS("Security","CSP","AllowClass","MiProyecto.MiClaseWS","%SOAP.WebServiceInfo")=1
set ^SYS("Security","CSP","AllowClass","MiProyecto.MiClaseWS","%SOAP.WebServiceInvoke")=1Hi,
We need to implement Oauth2 Code Flow + PKCE. Any experience with InterSystems OAuth2 Server on this would be welcome.
What parameters did you setup on OAuth 2 server configuration page to make it work?
Thanks!
Dear Folks,
I have recently studied deepsee and developed few dashboards needed for our web app users. I am trying to embed them in our existing web app which uses angular with delegated user access. I need to embed the native IRIS dashboard into it. ( I can't use Highcharts or any other js tools).
How do I setup the dashboards to work with delegated authentication (Without providing access to management portal or other parts) ? Also should I use the default csp/{Namespace}/_DeepSee.UserPortal.DashboardViewer.zen? or any other web application URL ?
Thanks
Currently, I am working on a CSP application that is supposed to generate reports. Users will have varying access to said reports. To achieve that, I plan to use LDAP (because it's used in other systems where those users already exist). Documentation does not provide enough information, so I'd like a clarification:
Do I need to enable LDAP authentication for the whole Cache instance to use LDAP authentication in a single CSP application in that instance?
Hi Community,
is there a possibility to implement a "remember password" feature in a ZEN Application?
In the management portal I added a web-application for a ZEN application with password authentification. I created an own login page, and now I want to implement a "remember password" feature (User should not have to login again after the session times out or when the browser window is closed).
Hi,
I've a Service utilising the Adapter EnsLib.SQL.InboundAdapter, which uses a Credentials item set with the details of a local SQL account. This currently works, however, we're looking to use the credentials of an AD domain account.
The domain account is a member of an AD security group, which has the required permissions on the source SQL database. I've checked that access is possible with this account via SQL studio.
I've tested setting the Credential username as domain\username and username@FQDN, but neither create a successful connection.
Hey Intersystems Community,
I have a Problem with the Session Handling in .csp.
I wrote all my Web Services in .csp-Pages and do the work for example in the OnPreHttp Method for to get some data.
After that the Web Service response is in JSON.
I call These Web Services via fetch in my react Single Page application, also Many request parallel. The react App is Rolled out as index.html.
Everything Works Fine with the session Handling via Cookie.
Hi guys,
I'm trying to consume a REST Service that use Digest authentication, I'm trying to implement the authentication but I'm don't know where is my mistake.
Someone have already used this type of authentication.
Below the code I wrote to try to generate the response hash:
Hi All,
Actually, I'm developing few restful API's. I want to create a authentication tokens and display it on my login restful API. If I'm using CSP sessionId, how can I validate the session Id's in another or continues restful API's. else, is there any other approach to handle this task.
My Primary goal is, I have to integrate 2 different front end applications. One is Zen framework another one is web pages from Python.
If any lead, it would be appreciated.
Thanks,
Arun Kumar Durairaj.
I'm trying to sign an xml but this is showing an Id attribute in the Signature tag and the xmlns attribute is not appearing.
This is the xml generated:
SET = ##class
I'm wondering if anybody has done an implementation of the https://www.shibboleth.net/products/service-provider/ interface in Caché / IRIS to have a application running in Caché / IRIS be acception the shibboleth tokens and data as usage credentials.