Home
Home
German Version
Support
Impressum
20.5 Release ►

    Main Navigation

    • Preparation
      • Connectors
      • Initial Startup for G6 appliances (before January 2018)
      • Initial Startup for G7 appliances
      • Setup InSpire G7 primary and Standby Appliances
    • Datasources
      • Configuration - Atlassian Confluence Connector
      • Configuration - Best Bets Connector
      • Configuration - Data Integration Connector
      • Configuration - Documentum Connector
      • Configuration - Dropbox Connector
      • Configuration - Egnyte Connector
      • Configuration - GitHub Connector
      • Configuration - Google Drive Connector
      • Configuration - GSA Adapter Service
      • Configuration - HL7 Connector
      • Configuration - IBM Connections Connector
      • Configuration - IBM Lotus Connector
      • Configuration - Jira Connector
      • Configuration - JiveSoftware Jive Connector
      • Configuration - JVM Launcher Service
      • Configuration - LDAP Connector
      • Configuration - Microsoft Dynamics CRM Connector
      • Configuration - Microsoft Exchange Connector
      • Configuration - Microsoft File Connector (Legacy)
      • Configuration - Microsoft File Connector
      • Configuration - Microsoft SharePoint Connector
      • Configuration - Salesforce Connector
      • Configuration - SAP KMC Connector
      • Configuration - SemanticWeb Connector
      • Configuration - ServiceNow Connector
      • Configuration - SharePoint Online Connector
      • Configuration - Web Connector
      • Data Integration Guide with SQL Database by Example
      • Indexing user-specific properties (Documentum)
      • Installation & Configuration - Atlassian Confluence Sitemap Generator Add-On
      • Installation & Configuration - Caching Principal Resolution Service
      • Installation & Configuration - Jive Sitemap Generator
      • Mindbreeze InSpire Search Apps in Microsoft SharePoint 2010
      • Mindbreeze InSpire Search Apps in Microsoft SharePoint 2013
      • Mindbreeze InSpire Search Apps in Microsoft SharePoint Online
      • Mindbreeze Web Parts for Microsoft SharePoint
      • User Defined Properties (SharePoint 2013 Connector)
    • Configuration
      • CAS_Authentication
      • Cognito JWT Authentification
      • Configuration - Alternative Search Suggestions and Automatic Search Expansion
      • Configuration - Back-End Credentials
      • Configuration - Chinese Tokenization Plugin (Jieba)
      • Configuration - CJK Tokenizer Plugin
      • Configuration - Collected Results
      • Configuration - CSV Metadata Mapping Item Transformation Service
      • Configuration - Entity Recognition
      • Configuration - Exporting Results
      • Configuration - GSA Late Binding Authentication
      • Configuration - Index-Servlets
      • Configuration - Item Property Generator
      • Configuration - Japanese Language Tokenizer
      • Configuration - Kerberos Authentication
      • Configuration - Management Center Menu
      • Configuration - Metadata Enrichment
      • Configuration - Metadata Reference Builder Plugin
      • Configuration - Notifications
      • Configuration - Personalized Relevance
      • Configuration - Plugin Installation
      • Configuration - Principal Validation Plugin
      • Configuration - Profile
      • Configuration - Reporting Query Logs
      • Configuration - Reporting Query Performance Tests
      • Configuration - Request Header Session Authentication
      • Configuration - Vocabularies for Synonyms and Suggest
      • Configuration of Thumbnail Images
      • Cookie-Authentication
      • Documentation - Mindbreeze InSpire
      • Google Search Appliance Migration to Mindbreeze InSpire
      • I18n Item Transformation
      • Installation & Configuration - Outlook Add-In
      • Installation - GSA Base Configuration Package
      • Language detection - LanguageDetector Plugin
      • Mindbreeze Personalization
      • Mindbreeze Prediction Service Text Classification
      • Mindbreeze Property Expression Language
      • Mindbreeze Query Expression Transformation
      • Non-Inverted Metadata Item Transformer
      • SAML-based Authentication
      • Trusted Peer Authentication for Mindbreeze InSpire
      • Using the InSpire Snapshot for Development in a CI_CD Scenario
    • Operations
      • app.telemetry Statistics Regarding Search Queries
      • Configuration Usage Analysis
      • Deletion of Hard Disks
      • Handbook - Backup & Restore
      • Handbook - Command Line Tools
      • Handbook - Distributed Operation (G7)
      • Handbook - Filemanager
      • Handbook - Synchronized Operation (G6)
      • Index Operating Concepts
      • Indexing and Search Logs
      • Inspire Diagnostics and Resource Monitoring
      • InSpire Support Documentation
      • Mindbreeze InSpire SFX Update
      • Provision of app.telemetry Information on G7 Appliances via SNMPv3
      • Restoring to As-Delivered Condition
    • User Manual
      • Cheat Sheet
      • iOS App
      • Keyboard Operation
    • SDK
      • api.v2.alertstrigger Interface Description
      • api.v2.export Interface Description
      • api.v2.personalization Interface Description
      • api.v2.search Interface Description
      • api.v2.suggest Interface Description
      • api.v3.admin.SnapshotService Interface Description
      • Debugging (Eclipse)
      • Developing an API V2 search request response transformer
      • Developing Item Transformation and Post Filter Plugins with the Mindbreeze SDK
      • Development of Insight Apps
      • Java API Interface Description
    • Release Notes
      • Release Notes 20.1 Release - Mindbreeze InSpire
      • Release Notes 20.2 Release - Mindbreeze InSpire
      • Release Notes 20.3 Release - Mindbreeze InSpire
      • Release Notes 20.4 Release - Mindbreeze InSpire
      • Release Notes 20.5 Release - Mindbreeze InSpire
      • Release Notes 2018 Spring - Mindbreeze InSpire
      • Release Notes 2018 Winter - Mindbreeze InSpire
      • Release Notes 2019 Fall - Mindbreeze InSpire
      • Release Notes 2019 Winter - Mindbreeze InSpire
    • Security
      • Known Vulnerablities
    • Product Information
      • Product Information - Mindbreeze InSpire - Standby
      • Product Information - Mindbreeze InSpire
    Home

    Path

    Cookie Authentication

    Installation and Configuration

    Copyright ©

    Mindbreeze GmbH, A-4020 Linz, 2020.

    All rights reserved. All hardware and software names used are registered trade names and/or registered trademarks of the respective manufacturers.

    These documents are highly confidential. No rights to our software or our professional services, or results of our professional services, or other protected rights can be based on the handing over and presentation of these documents. Distribution, publication or duplication is not permitted.

    .


    Cookie Authentication Permanent link for this heading

    Cookie authentication allows Mindbreeze InSpire to use the credentials of a web portal for the search. The prerequisite is that a logged-in user in the web portal has a cookie (the web portal and Mindbreeze InSpire are on the same host) or a cookie with login information can be requested (the web portal and Mindbreeze InSpire do not have to be on the same host). In addition, the prerequisite that a cookie can be “broken” into user name and its groups by the web portal must be met. Login scenarios can be found in the chapter Login scenarios.

    Configuration Permanent link for this heading

    The Cookie Authentication is configured in the Mindbreeze Client Service configuration. The Plugin „SessionAuthenticationService.CookieAuthentication“ has to be added as „Session Authentication Plugin“ to the Client Service configuration. After adding the Plugin the following configuration options are available.

    Login Form URLPermanent link for this heading

    The „Login Form URL“ defines the Login Form of the Client Service. If the default Login Form is used the URL should be set to
    „https://<clientservice+port> /apps/login/login.html?destination=/apps/login/loggedin.html“.

    When the User is not logged in this Form is used to enter the username and password of the user. The entered data is transmitted to the Login of the Portal for authorisation.

    Sample URLPermanent link for this heading

    The “Sample URL” must be available from the portal and converts a cookie obtained through the login into the user name and its groups in the portal. A GET request is sent to the “Sample URL” (the header “Cookie” is set), with the headers “X-Username” and “X-Groups” set in the response. This way the Mindbreeze Search Client knows which user is logged in as well as which groups the user belongs to.

    Post URL for Login on PortalPermanent link for this heading

    This is the login post URL on the portal to which the username and its password from the login form will be posted. In the process, the user name with “credential_0” and the password with “credential_1” are sent to the “Post URL for Login on Portal” via content-type “application/x-www-form-urlencoded.” Mindbreeze receives the cookie in the header “Set Cookie,” which can be resolved into users and groups using the “Sample URL.”

    Additional Login URLsPermanent link for this heading

    If the Portal needs additional URLs to be opened before login, the „Additional Login URLs“ are opened and all cookies are collected and sent to the Portal Login.

    Additional Form ParamsPermanent link for this heading

    Some Portal Login Forms require additional parameters, which can be specified in this Option.

    Authentication ScenariosPermanent link for this heading

    Mindbreeze Search Client embedded in a Portal Permanent link for this heading

    The Portal Login provides a Cookie which can be „cracked“ by the configured „Sample URL“ into credentials. In this scenario only the „Sample URL“ has to be configured.

    The Mindbreeze Search Client exists outside the portalPermanent link for this heading

    If the Mindbreeze Search Client is to be addressed via a URL other than the portal, the following parameters must be configured, and the procedure is as follows:

    • The login is done via the “Login Form URL” in order to enter the user name and password.
    • The credentials are then sent to “Post URL for Login on Portal” to receive a cookie.
    • This cookie is then sent to the “Sample URL” in order to resolve the logged in user name and its group membership.

    Download PDF

    • Cookie-Authentication

    Content

    • Cookie Authentication
    • Configuration
    • Authentication Scenarios

    Download PDF

    • Cookie-Authentication