Rollbase OpenEdge Authentication

Posted by catalin.pop on 12-Mar-2018 07:03

Hi, I'm using Rollbase with OpenEdge Authentication, i have managed to authenticate an user using HybridRealm class but, after the login i cannot get the ClientPrincipal on the back-end side. This is my configuration on rollbase.

Does anyone know what i have done wrong, or why Rollbase is not sending the ClientPrincipal on the back-end?

Thanks,Catalin.

Posted by mihai_neagoe on 24-Apr-2018 09:20

Hi,

Thank you for suggestions. There were a couple of issues related to this topic:

- version of Rollbase and version of OpenEdge: to work upgrade to 5.1.1.0 and publish service with OE 11.6

- certificate: upgrade of java version on Rollbase server to version 8

- OpenEdge domain access code: use directly the password instead of encoding

- make sure the roles are set correctly and authorization in service appsecurity-xxx.xml is set correctly

Mihai

All Replies

Posted by Shivani Silveri on 16-Mar-2018 02:29

Hi Catalin,

Could you try the same case by giving the OpenEdge Domain value?

Rollbase expects both Domain and its access code for a successful authentication.

Thanks,

Shivani.

Posted by catalin.pop on 21-Mar-2018 04:19

Hi Shivani.

The authentication works ok, but the problem is in the OEservice when doing a request from the rollbase page. The service has 'Use Current User ' authentication  method.

Thank you, Catalin.

Posted by Shivani Silveri on 26-Mar-2018 03:52

Hi Catalin,

As the tenant authentication is OpenEdge Authentication , any OpenEdge service deployed in that tenant defaults to 'Use Current User' option. This basically is valid for an authenticated OpenEdge service with same credentials as the OpenEdge Authenticated Users.

If the OpenEdge services are unauthenticated, you could chose 'No Authentication' option.

Hope this is helps,

Thanks,

Shivani.

Posted by mihai_neagoe on 26-Mar-2018 05:20

Hi Shivani,

This is correct, we want to have the OE Authentication for user login and for using the OE webservices. The problem we are facing is that Rollbase does not send the ClientPrincipal object to the Appserver.

Thank you,

Mihai

Posted by Shivani Silveri on 26-Mar-2018 07:16

Hi Mihai,

Could you share the screenshot of the error you are seeing?

Also, how are you concluding that the ClientPrincipal is not being sent? Are you checking in the Request Headers?

Thanks,

Shivani.

Posted by mihai_neagoe on 28-Mar-2018 09:50

Hi Shivani,

We were checking the log file of the service when calling from the browser and the log states the C-P object is created. We are using appSecurity-form-oerealm.xml for authentication. In the browser we get an Unauthorised http response when trying to do a read and this is the service log: 

The same service called from Rollbase does not log anything in the service log file but when checking the Rollbase System Error Log there is a "Unable to compute ListView ABL Filter Clause" followed by a NullPointerException error:

Thank you,

Mihai

Posted by mihai_neagoe on 04-Apr-2018 08:46

Hi,

Update on this: the rollbase error was solved by upgrading to 5.1.1.0. Also the Unauthorized error was due to roles permission on pattern="/rest/**" from appSecurity-form-oerealm.xml.

From the browser the service works ok. However from Rollbase it returns an error and does not make a call to appserver:

Service log:

Any ideas?

Thank you,

Mihai

Posted by Anoop Premachandran on 05-Apr-2018 02:29

Mihai,

Can you use a network monitor on Rollbase Server to check whether Rollbase Server makes HTTP (or HTTPs) calls to OpenEdge Server or not ?

Client Principal is sent as a header with key name as X-OE-CLIENT-CONTEXT-ID

So if you find HTTP calls, then look for above header...

Posted by mihai_neagoe on 24-Apr-2018 09:20

Hi,

Thank you for suggestions. There were a couple of issues related to this topic:

- version of Rollbase and version of OpenEdge: to work upgrade to 5.1.1.0 and publish service with OE 11.6

- certificate: upgrade of java version on Rollbase server to version 8

- OpenEdge domain access code: use directly the password instead of encoding

- make sure the roles are set correctly and authorization in service appsecurity-xxx.xml is set correctly

Mihai

Posted by Anoop Premachandran on 26-Apr-2018 06:37

So can I conclude that this is working for you now ?

This thread is closed