Mindbreeze GmbH, A-4020 Linz, 2019.
All rights reserved. All hardware and software names used are registered trade names and/or registered trademarks of the respective manufacturers.
These documents are highly confidential. No rights to our software or our professional services, or results of our professional services, or other protected rights can be based on the handing over and presentation of these documents. Distribution, publication or duplication is not permitted.
Cookie authentication allows Mindbreeze InSpire to use the credentials of a web portal for the search. The prerequisite is that a logged-in user in the web portal has a cookie (the web portal and Mindbreeze InSpire are on the same host) or a cookie with login information can be requested (the web portal and Mindbreeze InSpire do not have to be on the same host). In addition, the prerequisite that a cookie can be “broken” into user name and its groups by the web portal must be met. Login scenarios can be found in the chapter Login scenarios.
The Cookie Authentication is configured in the Mindbreeze Client Service configuration. The Plugin „SessionAuthenticationService.CookieAuthentication“ has to be added as „Session Authentication Plugin“ to the Client Service configuration. After adding the Plugin the following configuration options are available.
The „Login Form URL“ defines the Login Form of the Client Service. If the default Login Form is used the URL should be set to
When the User is not logged in this Form is used to enter the username and password of the user. The entered data is transmitted to the Login of the Portal for authorisation.
The “Sample URL” must be available from the portal and converts a cookie obtained through the login into the user name and its groups in the portal. A GET request is sent to the “Sample URL” (the header “Cookie” is set), with the headers “X-Username” and “X-Groups” set in the response. This way the Mindbreeze Search Client knows which user is logged in as well as which groups the user belongs to.
This is the login post URL on the portal to which the username and its password from the login form will be posted. In the process, the user name with “credential_0” and the password with “credential_1” are sent to the “Post URL for Login on Portal” via content-type “application/x-www-form-urlencoded.” Mindbreeze receives the cookie in the header “Set Cookie,” which can be resolved into users and groups using the “Sample URL.”
If the Portal needs additional URLs to be opened before login, the „Additional Login URLs“ are opened and all cookies are collected and sent to the Portal Login.
Some Portal Login Forms require additional parameters, which can be specified in this Option.
The Portal Login provides a Cookie which can be „cracked“ by the configured „Sample URL“ into credentials. In this scenario only the „Sample URL“ has to be configured.
If the Mindbreeze Search Client is to be addressed via a URL other than the portal, the following parameters must be configured, and the procedure is as follows: