Is there a way to automate AwareIM so that my users don't need to login, but instead the system will use Active Directory to authenticate them? I think the only issue with this is that the Busines Space name would need to be included.
So, for example. Let's assume I create a ASP page that has the explicit URLS. Once the user clicks on the link I would like to see the application open without the user entering their credentials. Authentication would occur behind the scenes.
Auto Login
-
- Posts: 7525
- Joined: Sun Apr 24, 2005 12:36 am
- Contact:
Yes, this is possible - you just need to provide user name and password as parameters of the login URL, for example:
http://localhost:8080/AwareIM/logonOp.do?... &userName=blah&password=blah...
I don't remember the correct URL off the top of my head, but it should be provided in the User Guide
http://localhost:8080/AwareIM/logonOp.do?... &userName=blah&password=blah...
I don't remember the correct URL off the top of my head, but it should be provided in the User Guide
Aware IM Support Team
Thanks Support I have used that - but it requires manual setup fior each user and wont survive a change when that user changes their password.
What I think is being referred to is a mechanism that uses the concept of a trusted login or single signon. If the user has successfully logged in on one system then the act of opening the new system eg AwareIM app, then this application uses the stored login name and goes to a login server such as Active Directory and gets the password from there. Thus the user is automatically logged into the AwareIM app without a login prompt or password.
This sort of mechanism is common across many systems in the corporate environment and is becomming expected by users.
What I think is being referred to is a mechanism that uses the concept of a trusted login or single signon. If the user has successfully logged in on one system then the act of opening the new system eg AwareIM app, then this application uses the stored login name and goes to a login server such as Active Directory and gets the password from there. Thus the user is automatically logged into the AwareIM app without a login prompt or password.
This sort of mechanism is common across many systems in the corporate environment and is becomming expected by users.
/John
-
- Posts: 7525
- Joined: Sun Apr 24, 2005 12:36 am
- Contact:
Aware IM does not support single sign-on yet, but this URL can be used as a workaround for those who can write a small piece of code that would extract the relevant credentials from whatever system they want and pass it to Aware IM.
I forgot to mention that if a user is registered in LDAP (supported by the Active Directory as well) then Aware IM will go into LDAP for the user credentials (the user needs to be setup as LDAP user in Aware IM) - this is slightly off topic, but may be relevant to some people.
I forgot to mention that if a user is registered in LDAP (supported by the Active Directory as well) then Aware IM will go into LDAP for the user credentials (the user needs to be setup as LDAP user in Aware IM) - this is slightly off topic, but may be relevant to some people.
Aware IM Support Team
-
- Posts: 7525
- Joined: Sun Apr 24, 2005 12:36 am
- Contact:
LDAP
If you use LDAP, does not the access level also come from there, so therefore a user cannot have different access levels for different applications? Should the username and password not be matched against the staff BO and the access level obtained from there for each app. Or am I missing something?
-
- Posts: 7525
- Joined: Sun Apr 24, 2005 12:36 am
- Contact:
When you define an object which is a member of SystemUsers group and which is persisted in LDAP, Aware IM pops up a dialog which lets you choose which attribute in LDAP will be responsible for holding the value of the access level. Aware IM will then take the access level value from that attribute. This will be, of course, within the context of the business space where you are defining the LDAP-persisted object.
I am not sure what you mean here by "different applications". If you mean different Aware IM business spaces, then there is no problem, because you will configure different LDAP objects for different business spaces.
If you mean the same Aware IM application running in a different business context, then you can solve the problem at the configuration level - for example, define a business rule that will attach a particular value for access level based on the business requirements of your application. You would still need to define an attribute in LDAP to hold this value, but this attribute conceptually will not "come from" LDAP, but rather be written there by your business rules.
I am not sure what you mean here by "different applications". If you mean different Aware IM business spaces, then there is no problem, because you will configure different LDAP objects for different business spaces.
If you mean the same Aware IM application running in a different business context, then you can solve the problem at the configuration level - for example, define a business rule that will attach a particular value for access level based on the business requirements of your application. You would still need to define an attribute in LDAP to hold this value, but this attribute conceptually will not "come from" LDAP, but rather be written there by your business rules.
Aware IM Support Team
Our clients and partners who have remote access to aware app are very unhappy that they have to enter login and password each time, I understand it cause most of modern online apps have a feature "Remember Me" that allows to enter login/password only once so that in future when you enter app you will be already logged in.
Is it technically possible in awareim, can it be done by making timeout session a larger value or by writing a plugin?
Or is it possible to make a plugin that will allow pressing one button in app that will add to browsers bookmarks url http://localhost:8080/AwareIM/logonOp.do?... &userName=blah&password=blah... with login/password of corresponding user.
Is it technically possible in awareim, can it be done by making timeout session a larger value or by writing a plugin?
Or is it possible to make a plugin that will allow pressing one button in app that will add to browsers bookmarks url http://localhost:8080/AwareIM/logonOp.do?... &userName=blah&password=blah... with login/password of corresponding user.
AwareIM 5.1a build 1454, Debian 64bit , MySQL
-
- Posts: 7525
- Joined: Sun Apr 24, 2005 12:36 am
- Contact: