logo
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
RamKumar  
#1 Posted : Tuesday, June 5, 2018 10:46:59 AM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

We are using following code in our web application to authenticate user which will also be authenticated in seal report.We are using "Basic Authentication" as security provider in SR designer tool.

var sealServer = "http://192.168.10.54/seal/";//SR report url which we got after publishing it on IIS.
$.post(sealServer+"SWILogin", {
user: "name", // The user name
password: "password" // The password
})
.done(function (data) {
if (!data.error) { / Do your job here / }
})

When we execute above code this execute automatically as
1. "GET" request and we get "302 status code"

2. "POST" request and we get "302 status code"

3. "GET" request and we get "302 status code"

4. "GET" request and we get "302 status code"

5. "GET" request and we get "404 status code"

and http://..../seal/(X(1)S(e31pvpzum4d30t3cohrsb3aq))/SWILogin?AspxAutoDetectCookieSupport=1 404 (Not Found) error comes

How can I login using "SWILogin" API.
We solve above issues using webconfig file.(editing file and set:<sessionState mode="InProc" cookieless="false" timeout="20" />)
It executes "SWILogin" API and gets correct response but after that we execute "SWIExecuteReport" which goes to LoginPage of SR tool.

I don't need double authentication process(1st Authentication done by WebApplication and again same user has to be verified in SR tool).
Hence,I want to drop the login page of SR tool while I follow the flow of WebApplication.

Edited by user Tuesday, June 5, 2018 11:02:23 AM(UTC)  | Reason: Not specified

epf  
#2 Posted : Tuesday, June 5, 2018 11:01:29 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 533
Switzerland

Thanks: 7 times
Was thanked: 72 time(s) in 70 post(s)
After your post, if the result is successful, you should go
http://192.168.10.54/seal/ by JavaScript and hopefully you are logged

However, I don't know if the Login screen will be prompted (to be checked)...

It looks like your IIS does not allow Cookies, I don't know if it is a problem...

RamKumar  
#3 Posted : Tuesday, June 5, 2018 12:25:47 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

Thanks for your quick reply.
But when we unable the cookies we get a successfull response otherwise
1. "GET" request and we get "302 status code"

2. "POST" request and we get "302 status code"

3. "GET" request and we get "302 status code"

4. "GET" request and we get "302 status code"

5. "GET" request and we get "404 status code"

and http://..../seal/(X(1)S(e31pvpzum4d30t3cohrsb3aq))/SWILogin?AspxAutoDetectCookieSupport=1 404 (Not Found) error comes


The issue is still not resolved.
We have done the below step to allow cookies from IIS.
(In IIS->Feature Views->Session State we have allow Cookies in IIS.)

epf  
#4 Posted : Tuesday, June 5, 2018 12:59:58 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 533
Switzerland

Thanks: 7 times
Was thanked: 72 time(s) in 70 post(s)
It looks like a side effect when Cookies are disabled...
Difficult to fix this without the debugger/and perhaps some code changes...
Sorry, but we have no experience for this scenario
epf  
#5 Posted : Wednesday, June 6, 2018 6:39:42 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 533
Switzerland

Thanks: 7 times
Was thanked: 72 time(s) in 70 post(s)
I made a check on the code and it looks like the Web Report Server forces a re-connection with an empty user/password...
This fix can be made in HomeControllerSWI.cs line 29:

Code:
if (WebUser == null || !WebUser.IsAuthenticated || (!string.IsNullOrEmpty(user) && WebUser.WebUserName != user))


With this fix, I am enable login through http://localhost:17178/seal/WebInterfaceSamples.html,
then when I go to http://localhost:17178/seal, I am still logged.

This will be included in the next release, otherwise, just recompile the Web Report Server.
RamKumar  
#6 Posted : Thursday, June 7, 2018 12:38:26 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

We have resolved above issue using following code.





Can we have encrypted and decrypted login credentials ?
RamKumar  
#7 Posted : Thursday, June 7, 2018 12:42:30 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

We have resolved above issue using following code.


loadReport() {
if (this.cntr == 0) {
this.cntr = 1;
} else {
var sealServer = "http://......./seal/";
var self = this;
var form1 = $('<form method="post" target="Companyiframe" />');
form1.attr('action', sealServer + "SWExecuteReport");
form1.append($('<input />').attr('type', 'hidden').attr('name', 'path').attr('value', "\\" + self.ReportName.title + ".srex"));
form1.children('input').attr('type', 'hidden');
$('body').append(form1);

form1.submit();
}
}
myFunction() {
this.name = 'TestView';
var self = this;
var sealServer = "http://...../seal/";



var form = $('<form method="post" target="loginresponse" />');
form.attr('action', sealServer + "SWILogin");
form.append($('<input />').attr('type', 'hidden').attr('name', 'user').attr('value', "SealUser"));
form.append($('<input />').attr('type', 'hidden').attr('name', 'password').attr('value', "Seal@2018"));
form.children('input').attr('type', 'hidden');
$('body').append(form);

form.submit();




}
<div class="content-wrapper">
<h3 align="center" style="font-size:20px;font-weight:600;">{{headTitle}}</h3>
<div class="container">
<iframe name="Companyiframe" id="Companyiframe" style="width:100%; height: 600px;" align="middle" scrolling="yes" frameBorder="0"></iframe>
<iframe name="loginresponse" (load)="loadReport();" style="width:100%; height: 600px;display:none" align="middle" scrolling="yes" frameBorder="0"></iframe>
</div>
</div>

Here we are passing user credentials in plain text in web application, but we need it in encrypted text.
Can you please provide solution for how to decrypt it in SR tool.
epf  
#8 Posted : Friday, June 8, 2018 6:14:47 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 533
Switzerland

Thanks: 7 times
Was thanked: 72 time(s) in 70 post(s)
Actually there is no encryption mechanism for this in SR...
I would say that if you login from your browser, you have to pass a user/password, but I do not think you can encrypt them from the Browser side...
From where comes your user name/password ?
If you web server provides encrypted user name/password, you should be able to decrypt them in the Custom Security script of your provider.
I would more recommend to build up and to pass a token which can last 1 min.
Then in the custom script, just decode it.

There a a lot of C# stuff to do this (check System.Security.Cryptography), just include the good librairies at the be beginning (@using)
Code:

@using Seal.Model
@using Seal.Helpers
@{
    SecurityUser user = Model;
	//Basic authentication script: use the user name and password to authenticate the user and set his name and security groups...
	//user.WebUserName -> user name from the login screen
	//user.WebPassword -> password from the login screen
        var myDecryptedPassword = /* Decrypt your password here */
...
}


Note that you may reference your own Assemblies by adding your *.dll in the Repository folder: Assemblies.


Did you consider login directly from your Web Server (check source code in the TestSealWebInterface.cs) ?
Code:
            response = await httpClient.PostAsJsonAsync(serverURL + "SWILogin", new { user = "", password = "" });
            var profile = await response.Content.ReadAsAsync<SWIUserProfileResponse>();
            Assert.IsTrue(string.IsNullOrEmpty(profile.error));
            Assert.IsTrue(!string.IsNullOrEmpty(profile.group));


RamKumar  
#9 Posted : Monday, June 11, 2018 6:42:56 AM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

Thank you for the solution...



I want to pass one ID(not to be use for login purpose) from web portal to SR for data level filtering so how can i pass it from web portal and accept it in SR for Query.
epf  
#10 Posted : Monday, June 11, 2018 9:34:26 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 533
Switzerland

Thanks: 7 times
Was thanked: 72 time(s) in 70 post(s)
SR will take only user name/password.
You can change the source code to handle more fields...
However in the user name, you can pass an id, that will allow to query a table in your database to define your restrictions...etc.


RamKumar  
#11 Posted : Monday, June 11, 2018 12:49:43 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

Originally Posted by: epf Go to Quoted Post
SR will take only user name/password.
You can change the source code to handle more fields...
However in the user name, you can pass an id, that will allow to query a table in your database to define your restrictions...etc.







we are not using source code , want to pass one ID when "SWExecuteReport" method execute and accept in SR for filtering data ,so please give me solution how i pass and accpt in SR

i am trying with below code but how can i access in SR

form.attr('action', sealServer + "SWExecuteReportToResult");
form.append($('<input />').attr('name', 'r0_name').attr('value', "Quantity"));
form.append($('<input />').attr('name', 'r0_operator').attr('value', "Between"));
form.append($('<input />').attr('name', 'r0_value_1').attr('value', "34"));
form.append($('<input />').attr('name', 'r0_value_2').attr('value', "123"));

Edited by user Monday, June 11, 2018 1:02:39 PM(UTC)  | Reason: Not specified

epf  
#12 Posted : Monday, June 11, 2018 2:39:13 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 533
Switzerland

Thanks: 7 times
Was thanked: 72 time(s) in 70 post(s)
Did you consider this:
Create a dedicated restriction in your model, set it as Prompted and as Parameter (like sample '51-User Input')
Then you can pass the value for this restriction at run-time, then use it in a Task script to modify the SQL of your model...
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.