Cookie Authentication

Installation and Configuration

Copyright ©

Mindbreeze GmbH, A-4020 Linz, 2017.

All rights reserved. All hardware and software names used are registered trade names and/or registered trademarks of the respective manufacturers.

These documents are highly confidential. No rights to our software or our professional services, or results of our professional services, or other protected rights can be based on the handing over and presentation of these documents. Distribution, publication or duplication is not permitted.

.


Cookie Authentication Permanent link for this heading

The Cookie Authentication Plugin enables Mindbreeze to authenticate Users by a Portal Login.

Configuration Permanent link for this heading

The Cookie Authentication is configured in the Mindbreeze Client Service configuration. The Plugin „SessionAuthenticationService.CookieAuthentication“ has to be added as „Session Authentication Plugin“ to the Client Service configuration. After adding the Plugin the following configuration options are available.

Login Form URLPermanent link for this heading

The „Login Form URL“ defines the Login Form of the Client Service. If the default Login Form is used the URL should be set to
„https://<clientservice+port> /apps/login/login.html?destination=/apps/login/loggedin.html“.

When the User is not logged in this Form is used to enter the username and password of the user. The entered data is transmitted to the Login of the Portal for authorisation.

Sample URLPermanent link for this heading

Sample URL is provided by the Portal and converts the login cookie username and groups. Mindbreeze uses this information for authentication.

Post URL for Login on PortalPermanent link for this heading

The Portal Login URL is specified by this Option. The username and password from 2.1 are posted to this Portal Login URL and the browser receives a Cookie, that will be sent to the „Sample URL“ for further processing.

Additional Login URLsPermanent link for this heading

If the Portal needs additional URLs to be opened before login, the „Additional Login URLs“ are opened and all cookies are collected and sent to the Portal Login.

Additional Form ParamsPermanent link for this heading

Some Portal Login Forms require additional parameters, which can be specified in this Option.

Authentication SzenariosPermanent link for this heading

Mindbreeze Search Client embedded in a Portal Permanent link for this heading

The Portal Login provides a Cookie which can be „cracked“ by the configured „Sample URL“ into credentials. In this scenario only the „Sample URL“ has to be configured.

Mindbreeze Search Client without Portal LoginPermanent link for this heading

If the Mindbreeze Search Client is used and not embedded into the Portal at least „Login Form URL“, „Post URL for Login on Portal“ and „Sample URL“ have to be defined, since Mindbreeze needs to provide its own Login Form and reposts the login information to the Portal. The collected cookies are sent to the „Sample URL“ to get the credentials for authentication.