Cookie Authentication
Installation and Configuration
Copyright ©
Mindbreeze GmbH, A-4020 Linz, 2018.
All rights reserved. All hardware and software names used are registered trade names and/or registered trademarks of the respective manufacturers.
These documents are highly confidential. No rights to our software or our professional services, or results of our professional services, or other protected rights can be based on the handing over and presentation of these documents. Distribution, publication or duplication is not permitted.
.
Cookie Authentication 
The Cookie Authentication Plugin enables Mindbreeze to authenticate Users by a Portal Login.
Configuration
The Cookie Authentication is configured in the Mindbreeze Client Service configuration. The Plugin „SessionAuthenticationService.CookieAuthentication“ has to be added as „Session Authentication Plugin“ to the Client Service configuration. After adding the Plugin the following configuration options are available.
Login Form URL
The „Login Form URL“ defines the Login Form of the Client Service. If the default Login Form is used the URL should be set to
„https://<clientservice+port> /apps/login/login.html?destination=/apps/login/loggedin.html“.
When the User is not logged in this Form is used to enter the username and password of the user. The entered data is transmitted to the Login of the Portal for authorisation.
Sample URL
Sample URL is provided by the Portal and converts the login cookie username and groups. Mindbreeze uses this information for authentication.
Post URL for Login on Portal
The Portal Login URL is specified by this Option. The username and password from 2.1 are posted to this Portal Login URL and the browser receives a Cookie, that will be sent to the „Sample URL“ for further processing.
Additional Login URLs
If the Portal needs additional URLs to be opened before login, the „Additional Login URLs“ are opened and all cookies are collected and sent to the Portal Login.
Additional Form Params
Some Portal Login Forms require additional parameters, which can be specified in this Option.
Authentication Szenarios
Mindbreeze Search Client embedded in a Portal
The Portal Login provides a Cookie which can be „cracked“ by the configured „Sample URL“ into credentials. In this scenario only the „Sample URL“ has to be configured.
Mindbreeze Search Client without Portal Login
If the Mindbreeze Search Client is used and not embedded into the Portal at least „Login Form URL“, „Post URL for Login on Portal“ and „Sample URL“ have to be defined, since Mindbreeze needs to provide its own Login Form and reposts the login information to the Portal. The collected cookies are sent to the „Sample URL“ to get the credentials for authentication.