I am looking for a solution with Ensemble to talk to a old NTLM based SOAP Service. Does anyone has done this before?

We have the webservice calls working via SOAPUI but we are looking how we can make it work with Ensemble.

Is there a ready to use Outbound Adapter for NTLM ?

Thx.

0 5
0 704

Recently i've been using Restforms2 to create a CRUD API for a project. But it lacks some advanced functionality that we need, so we have created a production with a REST WS which handles those advanced methods. That works great but there's a drawback, it does not have authentication.

I would want to use the same authentication method as Restforms2 which is a basic auth using IRIS users and passwords.

0 4
0 704

Unless I'm mistaken, 2017.1 doesn't appear to support RFC 7523 (JSON Web Token Profile for OAuth 2.0 Client Authentication and Authorization Grants). Is that coming in 2017.2?

In order to support it in 2017.1, I'd have to override the OAuth 2.0 token endpoint to cater for the additional grant types - what's the best way to do this?

Thanks.

0 3
0 689

I am working on an ZAUTHENTICATE.mac to move us from local cache users to Delegated Authentication against LDAP.

I have created a user role within my instance of Ensemble that matches the AD Group that I will be assigning everyone in my group to. Is there a way to query the list of available Roles within Ensemble, and if one of my AD groups matches that role, set the role for that user?

How would I compare the AD Group against the Role listing?

Thanks

Scott

0 10
0 666

Hi -

I know that when specifying Caché password rules (i.e. what constitutes a valid password definition) that the "Pattern Matching" logic is what is getting leveraged under the covers to enforce the "A Password Must conform to X" rule. I was hoping that people could share some more sophisticated pattern matching rules. (in particular, I was wondering what a rule that would require non-repeating mixture of letter, numbers, & punctuation of an overall minimal size)

1 3
0 653

Hi,

We are trying to implement a client side data provider as a component (ZEN) that will use JQuery to do rest calls to a desired URL, in this case, a %CSP.Rest service implemented by ourselves.

This component will be used within our application that is authenticated with a correct user configured on Caché management portal and therefore using one license unit. As we are using a Ajax call from client side this connection creates a new session that will use a new license.

0 2
0 599

In this article we are going to see how we can use the WhatsApp instant messaging service from InterSystems IRIS to send messages to different recipients. To do this we must create and configure an account in Meta and configure a Business Operation to send the messages we want.

Let's look at each of these steps in more detail.

Setting up an account on Meta

This is possibly the most complicated point of the entire configuration, since we will have to configure a series of accounts until we can have the messaging functionality.

15 1
4 576

Hi everyone! My company has a Zen ERP application with CSP delegated authentication. Now, we're developing a separated BI application, using Angular, which consumes DeepSee REST API services. Both applications access the same Caché database.

How to implement single sign-on strategy in order to allow an already authenticated ERP user to access DeepSee REST services? Has anyone already implemented something like that?

Thanks in advanced.

0 3
0 557
Article
· Jan 29, 2024 12m read
Creating custom login pages with %CSP.Login

The %CSP.Login class is the utility class provided by InterSystems IRIS to do custom login pages. If you want to control your IRIS application authentication UI, you must extend %CSP.Login and override some methods according to your needs. This article is going to detail those methods and what you can do with them. In addition to that, you will get an explanation of the delegated authentication mechanism provided by ZAUTHENTICATE.mac routine.

5 2
4 526

Hello, has anyone tried to use Caché as a reverse proxy ?

We are trying to embed a dashboard server (Plotly Dash in this case, but it could be anything which runs on its application server) inside our application which is written in Caché.
The dashboard/report server runs locally (for example, or inside a LAN) on port 8080, and has no authentication features, so we have to implement them on a different layer, and we'd like to use Caché for it.

1 5
0 524

Without installing Kerberos has anyone Authenticated a SQL JDBC connection? Currently we are using local SQL Accounts to sign onto External SQL Databases, but we are being told that we need to switch to Service accounts that live on a Active Directory Domain.

I wrote with a little help a ZAUTHENICATE to do the Authentication for Ensemble, can I use something like that to connect to an External SQL Database using a Service Account on a Active Directory Domain?

Thanks

Scott

0 3
0 517

Credentials for a Productions are stored as plain text in ^Ens.SecondaryData.Password and exposed as plain text via SQL table Ens_Config.Credentials which is not ideal as only admins should know the credentials.

I can create my own adapter etc... to store and use encrypted passwords but does anyone know if there is a standard way to do this in a Production?

Alternatively, am I missing how to secure this so the production can run and someone can monitor and operate a production without access to the SQL table or global?

1 2
2 513

Hey Developers,

Enjoy watching the new video on InterSystems Developers YouTube:

Achieving Single Sign-On: External Providers, HealthShare Unified Care Record, Clinical Viewer @ Global Summit 2022

https://www.youtube.com/embed/BjIeR3EXPUA
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

0 0
0 512

Hi All,

Actually, I'm developing few restful API's. I want to create a authentication tokens and display it on my login restful API. If I'm using CSP sessionId, how can I validate the session Id's in another or continues restful API's. else, is there any other approach to handle this task.

My Primary goal is, I have to integrate 2 different front end applications. One is Zen framework another one is web pages from Python.

If any lead, it would be appreciated.

Thanks,

Arun Kumar Durairaj.

0 1
0 510

Your may not realize it, but your InterSystems Login Account can be used to access a very wide array of InterSystems services to help you learn and use InterSystems IRIS and other InterSystems technologies more effectively. Continue reading to learn more about how to unlock new technical knowledge and tools using your InterSystems Login account. Also - after reading, please participate in the Poll at the bottom, so we can see how this article was useful to you!

5 4
1 509

I am doing an implementation of a SAML 2.0 SingleSignOn protocol integration which requires a signed message with the signature element in the body of the SOAP message, not the header as is default SOAP security handling. Any suggestions for how to do this would be greatly appreciated. When it is passed in the header, it is not processed by our partner and we just get a "Signature Required" response.

0 1
0 499