OERealm authentication with PASOE

Posted by Martin Velikov on 12-Jul-2017 09:07

Hello,

I am trying to configure the OERealm-authentication-with-PASOE. Currently I have success with the following tutorial:

http://knowledgebase.progress.com/articles/Article/How-to-configure-OERealm-authentication-with-PASOE

, but there is something more I should do, because in the moment all the users I made in the user table have full access to the database (I give them different access to the tables and columns and when I try to log in direct to the database the different access is working as it has to work, but when I use the KUIB App it only makes a check for the user name and password. I checked the DB log and there is no track of the user I am loged in with.). Could you give me some info.

Best Wishes,
Martin

All Replies

Posted by kevin hermans on 13-Jul-2017 03:32

If I understand you correctly you make a call to a PAS AppServer and the userid doesn't get set on the database(setuserid) when doing a REST call after authenticating.
When doing the authentication you don't have a dedicated agent where your userid is set.
Every time there is done a REST call, your user get an exclusive moment with your agent for getting the job done and then will return the needed info. Afterwards another clients gets connected and so on...  From the moment your user connects to the agent the activate procedure from the PAS will get triggered and there you have to set the userid just like with the Classic AppServer.
A print screen where you can set the activate procedure.

You can set a message in your connect procedure and check the logging I hope this helps:

define variable vhCP as handle no-undo.
assign vhCP = session:current-request-info:GetClientPrincipal().
message "after  GetClientPrincipal() : hCP= "    vhCP                       skip
        "  session-id= "                         vhCP:session-id            skip
        "  login-state= "                        vhCP:login-state           skip
        "  USER-ID= "                            vhCP:user-id               skip
        "  QUALIFIED-USER-ID= "                  vhCP:qualified-user-id     skip    
        "DOMAIN-NAME"                            vhCP:domain-name           skip
view-as alert-box.



This thread is closed