The community will be in read-only from Monday 11:59pm (PT) to Wednesday 7:30am (PT)
The community will be in read-only from Monday 11:59pm (PT) to Wednesday 7:30am (PT)
Project and Portfolio Management Practitioners Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

PPMC Web Services SSO Login

Highlighted
rayzrayz
Acclaimed Contributor

PPMC Web Services SSO Login

Trying to implement SSO on a Web Service Client. I am following the instructions in the document hp_man_PPM9.10_WebServices_Programmers_pdf shown below.

 

  • Has anyone sucessfully completed this and have you any code samples?
  • Where is the token retrieved from once a sucessful login is performed?
  • The latest exception I receive is Exception in thread "main" java.lang.NoClassDefFoundError: com/kintana/rmi/Remote yet I can't find this class in any of the Web Services toolkit Jars.

 

Integration with a Client-Side Log-In Module
To complement the integration with client-side log-in module, follow these
steps:
1. Develop a Java Authentication and Authorization Service (JAAS) log-in
module that authenticates with the SSO system and receives an SSO token.
The token could be set as a private credential in the Subject class.
PPM Center has already provided such a module:
Web Service Security 471
com.kintana.sc.security.auth.SiteMinderLoginModule
2. Create the JAAS configuration file under the $WebServiceToolkit/java/
conf directory
Example:
#authentication.conf
SiteMinder {
com.kintana.sc.security.auth.SiteMinderLoginModule required
debug=true;}
3. Specify the JAAS login configure system property in the command lines
used to invoke the Web services in the compile_client.bat file
Example:
java -Dclient.repository.dir=%WSCLIENT_HOME% -classpath
%CPATH%
-Djava.security.auth.login.config==%WSCLIENT_HOME%/conf/
authentication.conf
examples.pm.ProjectServiceClient https://localhost:8443/itg/
ppmservices/ProjectService "kevin8"
4. Add logic in the Web service client to invoke JAAS login
Examples:
public Subject login() {
LoginContext lc = null;
lc = new LoginContext(
" MyCustomModule ",
myCallbackHandler
);
lc.login();
return lc.getSubject();
}
5. Add the SSO token as cookie in the Web service client.
Examples: Set a HTTP cookie in axis2 Web service client.
public void setSSOCookie(Stub stub, String ssoToken) {
List headers = new ArrayList();
//Set the required session variable for SSO system
Header header = new Header(
"Cookie",
"SMSESSION=" + ssoToken
);
headers.add(header);
ServiceClient client = stub._getServiceClient();
Options option = client.getOptions();
472 Chapter 11
option.setProperty(HTTPConstants.HTTP_HEADERS,
headers);
}
6. Call the corresponding method to set the SSO cookie after a stub is created.
7. Make the desired Web service request with the SSO cookie you set.

3 REPLIES
mike_se
New Member

Re: PPMC Web Services SSO Login

Hi,

 

I do not have a sample app, though just wanted to give some thoughts that may help.

 

See Page 57 for a diagram of how the authentication is being done when Web Services  are used. With SSO in the browser, the login information is passed in the http header. With the Web Services, this has to be done with custom calls from PPM to whatever is authenticating the Users to set the SSO cookie, and then submitting the Web Services call to update/get the data from PPM. PPM comes with a SiteMinder module for this, though for other SSO modules, would probably have to ask the specific product vendor how best to build one of these modules for remote calls.  

 

Hopefully you are using SiteMinder. The login behavior will be the same as if opening the Workbench using Mixed Security mode with SiteMinder integration. That might be why you are seeing the RMI type of errors. Probably not related to your Web Services test, as it is probably a User trying to open the Workbench. Though the issue might be the same that the SiteMinder module is not set up properly for PPM to use to authenticate the Users. If can first get that Workbench opening properly in Mixed Mode (see the Installation and Administration Guide's "Integration Architecture for Mixed Mode" section), then the SSO should work as expected as well.

 

-Mike 

“HP Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
lss123
Member

Re: PPMC Web Services SSO Login

Is that document still attached to this thread?  Did I miss it?

 

If not, could you re-attach it?  I'm looking to do SSO for web services for HP Service Manager, and I might be able to use that document.  Thanks.

mike_se
New Member

Re: PPMC Web Services SSO Login

Hi,

 

We were referencing the one on the Manuals Site.

 

There are two Guides for PPM and Web Services:

Web Services Guide

Web Services Programmer’s Guide

 

The first is an overview, and the latter goes in to more details for developers.

 

-Mike

“HP Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
//Add this to "OnDomLoad" event