Can anyone please tell me how to configure datacontrol to access secured webservice ??
In my application I am doing the following steps,
1) Generating datacontrols directly by using secured webserive wsdl.
2) Dragged method(getEmployee(Object)) from datacontrol and dropped it in a UI(MethodExecution.amx).
3) Created another page(LoginPage.amx) for entering username and password.
4) When user enters detail in LoginPage.amx and click submit. These details needs to be injected into webservice request to invoke "Secured webservice" method(getEmployee(Object)) in "MethodExecution.amx".
I searched in Google and got only one link related to this, a link by andrejus "http://andrejusb.blogspot.be/2012/11/adf-mobile-secured-web-service-access.html", however from this example I am not understanding how they are injecting username/password into webservice request, What is the use of using adfCredentialstore??, Why do we need to use security policies??
Can anyone please tell me how can i implement this functionality(Invoking secured webservice method) in my mobile application.
There is a step by step video with the process here: https://blogs.oracle.com/shay/entry/accessing_secure_web_services_from
Note that the demo uses a "remote" login server, and you are describing a local login.
Related
When trying to add the Kinetise Service from the Bluemix Catalog, a pop-up appears saying:
Service broker error: {"description"=>"Error 500 received from broker url https://bluemix.marketplace.ibmcloud.com/api/custom/cloudfoundry/v2/service_instances/6b04405f-96d7-413a-91f2-92f036fc0bf7"}
I haven't found any pb recorded on the Bluemix Status page.
I'm currently on US-South.
This problem depends most likely by some issues in responding at the broker side.
Could you please open a ticket at Bluemix support using one of the following methods:
Use the Support Widget. It is available from the user avatar in the
upper right corner of the main Bluemix UI. After opening the support
widget panel, select Get Help > Get In Touch, select the type of
assistance you need, and then fill out the support form.
Use the Support Site 'Get Help' form. This form is available on a
separate site that is made available for ticket submission when you
cannot log into Bluemix and access the Support Widget. Go to
http://ibm.biz/bluemixsupport and fill in the support request form.
This is a known issue and is being worked out by the Kinetise team. Will update you as soon the service becomes available.
Http Form adapter serves as an authentication service in my application. I have not implemented any application on the Identity Provider to get user inputs.
Therefore, on successful authentication, SP verifies the user's signature and redirects to the application. At my target Resource, I receive an open token. Is it still possible to utilize the open Token Jar to read the user attributes from OTK?
**Note: ** In Service Provider, I use open token Adapter.
Also, please let me know if there is any other possible way of getting the user attributes other than using the open token adapter/http form adapter.
Thanks.
There are numerous SP Adapters you can choose to use for your last mile integration with your application. The OpenToken Adapter is just one of them. If your application is in Java and you are using the SP OpenToken Adapter, then you would most likely use the Java OpenToken Agent implementation within your application to read the OTK (documented in the Java Integration Kit). If you look at the Add Ons list, there are actually 3 flavors of OTK Agents (.NET, Java and PHP from PingID. Ruby on Rails and Perl are available via respective Open Source repositories).
However, you are not limited to OpenToken Adapters. The Agentless Integration Kit is also very popular for SP/last-mile integration with PingFederate.
Unfortunately, the question is just too open ended for the Stackoverflow format. I would suggest talking to your Ping Identity Solution Architect who can help steer you in the right direction and ask the necessary follow-up questions on your use case.
If understand the question correctly, you desire attributes to be fulfilled that the web application can read and utilize. This starts with the SP Connection configuration. I am going to assume you are using Active Directory and already configured that data source along with the Password Credential Validator (PCV) for the HTML Form IdP Adapter. In the SP Connection you will need to extend the attribute contract to define the values to put into the SAML assertion and then use the Active Directory data source to fulfill the attributes. When the SAML assertion is received by the PingFederate SP role server, the SP Adapter maps the attribute values from the SAML assertion into the OpenToken. When your application receives the OpenToken, it can read the values.
When user clicks "Share on Twitter" button on my site, I'd like to prepopulate that tweet with an image (let's assume that image is served from my server).
It would be great if I could do it with Twitter's web intent, but that's apparently not possible: https://twittercommunity.com/t/tweet-intent-with-image/18740
It seems like I could use Twitter's POST media/upload API, but in that case I would have to implement 3-legged oAuth authorization? It also seems that is not possible to do it directly from the client (due to CORS issues and I'd have to expose my app's secret key in JavaScript code).
So I guess for this to work I'd need to have some server as middleman between the client running my API and Twitter's oAuth provider?
Is there any service that you could recommend that takes care of it - I found about oAuth.io, I guess they act as a described middleman?
The third possible approach I found would be via Twitter Cards. Is it possible to make it work since I dynamically generate the content via AJAX calls?
This lit a beam of hope in me, but I'm not totally sure what it means yet: https://twittercommunity.com/t/crawler-ajax-escaped-fragment-support/16129
My actual situation: I'm developing an Angular app that displays Highcharts charts and I'd like my users to be able to share their screenshots.
My current high-level idea is: Highcharts' export feature sends request to their server to generate the image, it creates an image and serves it there for 30 seconds - and I'm given it's link in a callback on client.
Now I can store that image somewhere else (my or Twitter's server?) and then we come to the problem described above.
I'd be grateful on any advice how to do this in a most elegant way that would also be as frictionless as possible for the users. (e.g. oAuth requires that they authorize the app to post on their behalf)
From my salesforce application, I need to connect to quickbook api and create vendors by a batch job.
For this Do I need to add whole Oauth process (add 'Connect to quickbooks' button and there will be a auth page, which when successfull will redirect me to the application).
Or there are other ways in which I can do this.
Can I use connection ticket. If yes, the how ?
Reall stuck here. Any help is appreciated.
Thanks,
You can have a look at IPP's docs. - https://developer.intuit.com/docs/0025_quickbooksapi
The only way to make a call to QBO endpoints is through 3-legged OAuth (using consumerKey, consumerSecret, accessKey and accessSecret). If you have desktop application then you need to have a web component/embedded browser for the first time users. Once you have the end-user tokens, you can store and reuse those for all future API calls.
If you create an app in appcenter, you'll get consumerKey and consumerSecret.
https://developer.intuit.com/Application/Create/IA
Using the above two tokens, you can generate accessToken and accessSecret using the OAuthPlayground.
https://appcenter.intuit.com/Playground/OAuth/IA
Devkit Download link - https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits
You need to plugin the above 4 tokens with java devkit code to make any QBO V3 REST call.
https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits/0201_ipp_java_devkit_3.0/0001_synchronous_calls/0001_data_service_apis
Re - Can I use connection ticket. If yes, the how ?
No, OAuth is the only process here.
Vendor API doc - https://developer.intuit.com/docs/0025_quickbooksapi/0050_data_services/030_entity_services_reference/vendor
Hope it will be useful.
Thanks
I am attempting to scrape data from one of my University's websites, which uses Shibboleth as a form of authentication/protection. However, I am having difficulty determining the best way to get past it and to the page I wish to scrape. I have valid credentials, which I could use to log in with. Does anyone have any suggestions for how to accomplish this task?
I have been working on scripting Shibbolized login with success ( in my case, to monitor the health of both the Shibboleth IdP and the applications it protects).
I am using Python's urllib module and their classes to handle the redirect following and cookie passing (for Shibboleth) and login form posting. After a little bit of tinkering urllib gets you most of the way to success with Shibbolized login. You could use this approach to handle the initial login to the Shibbolized website and then handle the scraping with a straight forward use of Python's urllib.
Example Python script for logging into Shibboleth
You could use Mechanize to submit forms and login to the website: http://wwwsearch.sourceforge.net/mechanize/
I believe that ECP profile was design to access Shibboleth protected resources by non-browser client (i.e. command line)
Try one of sample clients available on Shibboleth wiki page I linked above
You can also try Apache JMeter, just record your actions, make some scripting (well it is not so easy in terms of shibboleth), and you can access this pages automatically.
[Edit - better solution]
I believe that on Shibboleth Documentation pages are scripts for Grinder (another load testing tool). This test plans where in fact Python (ok Jython) scripts which should be quite easily modified and used for your purposes
Very late reply, but you could use Facebook Webdriver to do a login and scrape after you're authenticated.