New Ranks & Badges For The Community!
Notice something different? The ranks and associated badges have gone "Star Fleet". See what they all mean HERE
Highlighted
Absent Member.. Absent Member..
Absent Member..
784 views

skip login screen(web)

Hello, expert.

 

Are there good way to skip login screen.

 

My customer has web portal that is need to login.(The portal is within a company.)

They'd like to make link on the portal and if user click it, runch SM web client.

 

They said the portal can pass login/password for the portal using http request like http:xxxxx/username=xxx/password=xxxx on the portal.

The authentication for SM is using SM operator record.(So SM has same login/password for the portal).

 

Then they just want to skip login screen.

 

Is it possible?

Tags (1)
0 Likes
4 Replies
Highlighted
Absent Member.. Absent Member..
Absent Member..

My customer's SM version is 9.3.

Regards.

0 Likes
Highlighted
Absent Member.
Absent Member.

You cannot pass id and password in the url although few web application support such feasibility. But in SM , like many other applications, it is good to not have this for security reasons.


Need to implement SSO (single signon) with SSL to achieve the same. By this user logged in to windows system will be automatically logged in SM with same user id.
Follow below link for SSO,

http://h30499.www3.hp.com/t5/HP-Service-Manager-Service/SSO-Integration-on-WEB-TIER-Please-HELP/m-p/6383509/highlight/true#M107617

http://h30499.www3.hp.com/t5/HP-Service-Manager-Service/SSO-Dirty-Guide/m-p/4649194/highlight/true#M43319

http://h30499.www3.hp.com/t5/HP-Service-Manager-Service/Implementation-of-SSO/m-p/6768614/highlight/true#M127625

____________________________________
Assign Kudo, if found post useful and mark it accepted if solves the issue.
Fleet Admiral Fleet Admiral
Fleet Admiral

Well, it _can_ be done, though, as piku said, it's not really secure.

 

In our environment, we use WebSEAL as the authentication that sits in front of the web server that is housing our Service Manager web layer.  We created a custom Java class and placed it in the WEB-INF\classes directory, and then modified the application-context.xml in the WEB-INF directory to use that class as part of the preauthentication filter.

 

We named the Java class 'TAMAuthenticationFilter' and it looks like:

 

import com.hp.ov.cwc.security.acegi.PreAuthenticationFilter;
import java.io.PrintStream;
import javax.servlet.http.HttpServletRequest;

public class TAMAuthenticationFilter extends PreAuthenticationFilter
{
protected String getAuthenticatedUsername(HttpServletRequest paramHttpServletRequest)
{
String str = paramHttpServletRequest.getHeader("iv-user");
str = str.toUpperCase();
return str;
}
}

 

And then we added an entry in the application-context.xml to reference that class

 

<bean id="SingleSignOn" class="TAMAuthenticationFilter">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="defaultRole">
<value>ROLE_PRE</value>
</property>
</bean>

 

And then in the filterChainProxy, we added that SingleSignOn to the proxy chain

 

/**=httpSessionContextIntegrationFilter,lwSsoFilter,SingleSignOn,anonymousProcessingFilter

 

So, you'll have to do some of your own experimenting and figure out what works for you, but _how_ it works - 

 

WebSEAL authenticates the user based on their credentials at their PC and passes the username on to the Service Manager web server in a header with the attribute 'iv-user'.  The custom Java class grabs the value within that header and passes that on to the web server.  The custom bean reference passes that value on to the Service Manager application server which validates the user against the HPSM operator table and lets them into the tool.

 

Highlighted
Absent Member.. Absent Member..
Absent Member..

Thank you for your reply, Piku and Jacob.

 

I am not good at Java and web technology.


So it takes much time to read your reply and understand it.

I can catch it's not so easy way to resolv my customer's request.
(I think I get a good example by Jacob, but I can't catch it soon. sorry.)

Of cource I read some manuals Piku pickued up.

 

Regards.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.