Rollbase OpenEdge Authentication - Forum - Rollbase - Progress Community

Rollbase OpenEdge Authentication

 Forum

Rollbase OpenEdge Authentication

This question is answered

Hi, I'm using Rollbase with OpenEdge Authentication, i have managed to authenticate an user using HybridRealm class but, after the login i cannot get the ClientPrincipal on the back-end side. This is my configuration on rollbase.

Does anyone know what i have done wrong, or why Rollbase is not sending the ClientPrincipal on the back-end?

Thanks,Catalin.

Verified Answer
  • Hi,

    Thank you for suggestions. There were a couple of issues related to this topic:

    - version of Rollbase and version of OpenEdge: to work upgrade to 5.1.1.0 and publish service with OE 11.6

    - certificate: upgrade of java version on Rollbase server to version 8

    - OpenEdge domain access code: use directly the password instead of encoding

    - make sure the roles are set correctly and authorization in service appsecurity-xxx.xml is set correctly

    Mihai

All Replies
  • Hi Catalin,

    Could you try the same case by giving the OpenEdge Domain value?

    Rollbase expects both Domain and its access code for a successful authentication.

    Thanks,

    Shivani.

  • Hi Shivani.

    The authentication works ok, but the problem is in the OEservice when doing a request from the rollbase page. The service has 'Use Current User ' authentication  method.

    Thank you, Catalin.

  • Hi Catalin,

    As the tenant authentication is OpenEdge Authentication , any OpenEdge service deployed in that tenant defaults to 'Use Current User' option. This basically is valid for an authenticated OpenEdge service with same credentials as the OpenEdge Authenticated Users.

    If the OpenEdge services are unauthenticated, you could chose 'No Authentication' option.

    Hope this is helps,

    Thanks,

    Shivani.

  • Hi Shivani,

    This is correct, we want to have the OE Authentication for user login and for using the OE webservices. The problem we are facing is that Rollbase does not send the ClientPrincipal object to the Appserver.

    Thank you,

    Mihai

  • Hi Mihai,

    Could you share the screenshot of the error you are seeing?

    Also, how are you concluding that the ClientPrincipal is not being sent? Are you checking in the Request Headers?

    Thanks,

    Shivani.

  • Hi Shivani,

    We were checking the log file of the service when calling from the browser and the log states the C-P object is created. We are using appSecurity-form-oerealm.xml for authentication. In the browser we get an Unauthorised http response when trying to do a read and this is the service log: 

    The same service called from Rollbase does not log anything in the service log file but when checking the Rollbase System Error Log there is a "Unable to compute ListView ABL Filter Clause" followed by a NullPointerException error:

    Thank you,

    Mihai

  • Hi,

    Update on this: the rollbase error was solved by upgrading to 5.1.1.0. Also the Unauthorized error was due to roles permission on pattern="/rest/**" from appSecurity-form-oerealm.xml.

    From the browser the service works ok. However from Rollbase it returns an error and does not make a call to appserver:

    Service log:

    Any ideas?

    Thank you,

    Mihai

  • Mihai,

    Can you use a network monitor on Rollbase Server to check whether Rollbase Server makes HTTP (or HTTPs) calls to OpenEdge Server or not ?

    Client Principal is sent as a header with key name as X-OE-CLIENT-CONTEXT-ID

    So if you find HTTP calls, then look for above header...

  • Hi,

    Thank you for suggestions. There were a couple of issues related to this topic:

    - version of Rollbase and version of OpenEdge: to work upgrade to 5.1.1.0 and publish service with OE 11.6

    - certificate: upgrade of java version on Rollbase server to version 8

    - OpenEdge domain access code: use directly the password instead of encoding

    - make sure the roles are set correctly and authorization in service appsecurity-xxx.xml is set correctly

    Mihai

  • So can I conclude that this is working for you now ?