Focal Point
[SOLVED] Calling ASP application from WebFocus

This topic can be found at:
https://forums.informationbuilders.com/eve/forums/a/tpc/f/7971057331/m/6167093826

January 31, 2013, 07:33 AM
Mike in DeLand
[SOLVED] Calling ASP application from WebFocus
Hi,

We have a few web applications that were written using ASP.NET and C# (yuck). I would like to be able to place these on my dashboards and have the ASP application use the managed reporting credentials. In other words, if you run the ASP app from the dashboard after already logging into managed reporting, no problem. If you try to run the ASP app stand-alone, I want the ASP application to bomb out and tell the user he needs to be in managed reporting first. Has anyone had any experience with this kind of thing? I'm a novice at ASP, so please don't use any big words. Thanks!

This message has been edited. Last edited by: Kerry,


Webfocus 8
Windows, Linux
January 31, 2013, 07:57 AM
dhagen
How secure do you want it? IOWs, does the .Net application require full userid/password authentication, or is it an unsecured application?


"There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott
January 31, 2013, 08:13 AM
Mike in DeLand
Hi Dan,

Right now the ASP applications use the windows credentials, but we would like to have it so that they could use the webfocus credentials instead. The apps are secure in that you have to be in a certain windows group to be able to use them. I would like to change that to use the managed reporting security (the user id and password that they use to log into the dashboard).


Webfocus 8
Windows, Linux
February 15, 2013, 07:13 PM
dhagen
Sorry Mike, I forgot that I responded to this one.

This can get very tricky very quickly. Since your ASP apps use AD groups, you probably do not want to mess with that. If you want to create the illusion that they have to authenticate through MRE, then this is what you could do:

- Change ASP apps to allow SSO, therefore the user's would not be prompted for user/pass and they would be allowed in so long as they have been granted access to that application.
- In WF, when a request is made to the ASP applications, write a record to a centrally located database with the user id, their WF user id, and the current time stamp before the request is forwarded to the ASP app.
- In the ASP apps, change them to query the central database for the WF user id and time stamp based on their AD id.
- If the user does not exist yet, or the latest time stamp is > 3 seconds old, then kick them out.

It is kind of a rip-off of a poor man multi-factor authentication, but it would get the job done without breaking a sweat.

There are other methods I can think of, but they would require a lot more work.


"There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott
February 19, 2013, 01:49 PM
Mike in DeLand
Thanks for the tip, Dan!


Webfocus 8
Windows, Linux