Hi,
is there a documentation available on the attributes that the BOM server queries when using SPA to authenticate/authorize using an OE AppServer?
We are having the problem that when using SPA the users do not see any Dashboard widgets. Also I don't know how to tell the BPM server that a user is an administrator.
I see that the BPM server is querying attributes like "management" or "administration" but I don't know in which format I have to provide the result.
Any help greatly appreciated.
Thanks,
Mike
Hi,
is there a documentation available on the attributes that the BOM server queries when using SPA to authenticate/authorize using an OE AppServer?
We are having the problem that when using SPA the users do not see any Dashboard widgets. Also I don't know how to tell the BPM server that a user is an administrator.
I see that the BPM server is querying attributes like "management" or "administration" but I don't know in which format I have to provide the result.
Any help greatly appreciated.
Thanks,
Mike
Flag this post as spam/abuse.
Hi Jawahar,
I already read the SPAInstructions.pdf, but that does not contain any information about the attributes that are queried at runtime.
I am not sure if I understand your comments regarding user in SPA correctly. Does this mean that we have to create all the users that already exist in our application database again in the JDBC realm? How exaxtly would we do that (I am not familiar with the JDBC realm)?
I did some more testing and figured out that if I create an admin user in our application db and log into BPM portal using that account, then I see widgets in the dashboard. But I still don't get the Management or Administration Tab.
Are (some of...) the attributes which the BPM server requests from our SPA Application Server ignored? And if so, why are they queried at all...? :-)
Thanks for your help,
Mike
Is this documentation more helpful?
REST & Mobile Single Point of Authentication
(hopefully the link works)
I had issues in the past with the Roles being passed back not having the Roles to handle the Tomcat needed roles (ROLES_USERS or whatever they are). Also, and I can't recall no, I think you have to leave off the ROLES_ if you have defined that in another of the parameters.
Hope this helps.
Hi Mike,
As SPA service only authenticates users while BP Server manages permission, not having this admin user will prohibit you from administering BP Server. And when OEBPM is configured to OE Realm ,we need to create an admin user in our application db, this user will have all the permissions by default .And further to assign admin permissions for any users created in application db .Please follow the below stated steps.
1. Login to the portal as admin.
2. Navigate to the administration > User Management > users
3. Select the user to assign the permission
4. Select the permissions tab in the User details page and assign the required permission.
Regards,
Lakshmi
Hi Jawahar,
I already read the SPAInstructions.pdf, but that does not contain any information about the attributes that are queried at runtime.
I am not sure if I understand your comments regarding user in SPA correctly. Does this mean that we have to create all the users that already exist in our application database again in the JDBC realm? How exaxtly would we do that (I am not familiar with the JDBC realm)?
I did some more testing and figured out that if I create an admin user in our application db and log into BPM portal using that account, then I see widgets in the dashboard. But I still don't get the Management or Administration Tab.
Are (some of...) the attributes which the BPM server requests from our SPA Application Server ignored? And if so, why are they queried at all...? :-)
Thanks for your help,
Mike
Flag this post as spam/abuse.
Hi Lakshmi,
I created a "admin" user in our application database and logged into BPM using that username.
Now I see the dashboard widgets. But I still do not get the administration tab.
Any idea what I can do?
Thanks,
Mike
Hi Mike ,
Please follow the below steps provided to configure BPM with SPA and let us know if you still have an issue.
1. Open portal in browser before configuring SPA and login to the portal as “admin”
2. Stop servers
3. Open DLC/oebpm/server/conf /umacl.conf file and change real.type and realm provider as follows
· usermgr.realm.type=custom
· usermgr.realm.provider=com.savvion.usermanager.OERealm
4. Open DLC/oebpm/server/conf /bpmportal.conf and Set bpmportal.customrealm.managegroup to true
5. Copy paste spaservice.properties file from DLC/src/samples/security to wrk directory
6. Open proenv and type following and press enter. Copy generated encoded password and paste in spaservice.properties file. Also will generate oespaclient.cp. in work directory
proenv>genspacp -password admin
7. Copy oespaclient.cp from wrk to DLC/oebpm/server/conf directory
8. In DLC/oebpm/server/conf /umacl.conf file, change oeauth.server.clientprincipal from spadefault.cp to oespaclient.cp
9. Create empty db in pdsoe
10. Create an appserver project with below structure
· <APseverProject>\ AppServer\OpenEdge\Security\Realm
· <APseverProject>\ AppServer\OpenEdge\Security\Util
11. copy files from following location
· DLC\src\samples\security\OpenEdge\Security\Realm to <APseverProject>\ AppServer\OpenEdge\Security\Realm
· DLC\src\samples\security\OpenEdge\Security\Util to <APseverProject>\ AppServer\OpenEdge\Security\Realm
12. Create database and sql connection and assign to project for the empty db
13. Create a .p file with following content and run the p file
CREATE <dbname>._User.
ASSIGN _User._Userid = "admin"
_User._Password = "admin"
_User._User_number = 1800
_User._Create_date = NOW
_User._Given_name = "Administrator"
_User._Telephone = "987888888"
_User._Email = " admin @progress.com"
_User._Description = "QA Eng"
14. Add database to bpsbroker from run configuration and start server
15. Add project to broker and publish
16. Now login to portal with oebpm credentials and observe that now we are able to login
Hi Lakshmi,
I created a "admin" user in our application database and logged into BPM using that username.
Now I see the dashboard widgets. But I still do not get the administration tab.
Any idea what I can do?
Thanks,
Mike
Flag this post as spam/abuse.