Accessing authentication information

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Accessing authentication information

Michael Imhof
The OFBIZ technique to secure external calls is to add "login.username" and "login.password" to
the parameters. But we don't want to add this additional parameters to every call.

Our .NET client, wich is calling the OFBIZ webservices, is adding username/password as credentials
to the call (like it's common for basic authentication).

Serverside (OFBIZ) I would like to extract this additional information (username/password) and
check OFBIZ authorization (via userlogin).
Searching the web, we should do this in the ControlServlet accessing the
       MessageContext.getCurrentContext();
but this call returns <null>.

Does somebody has an idea how to access this information?

Regards,

Michael
Reply | Threaded
Open this post in threaded view
|

Re: Accessing authentication information

Michael Imhof
Redirect to this post:
http://www.nabble.com/Using-Basic-Authentication-with-OFBIZ-tf4487032.html

Michael Imhof wrote
The OFBIZ technique to secure external calls is to add "login.username" and "login.password" to
the parameters. But we don't want to add this additional parameters to every call.

Our .NET client, wich is calling the OFBIZ webservices, is adding username/password as credentials
to the call (like it's common for basic authentication).

Serverside (OFBIZ) I would like to extract this additional information (username/password) and
check OFBIZ authorization (via userlogin).
Searching the web, we should do this in the ControlServlet accessing the
       MessageContext.getCurrentContext();
but this call returns <null>.

Does somebody has an idea how to access this information?

Regards,

Michael