Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Authentification WebService

Status
Not open for further replies.
nicolas46

nicolas46

Programmer
Mar 4, 2010
33
FR
Hi,

I will soon develop 10 news WebMethods in a new Livelink WebService.

I 'm trying to understand how authentification works.

My frist question is : When i call AuthenticateUser method, the password is not encrypted, does this mean that I can see my password in the soap envelop ? (using wireshark for exemple).

I don't understand how SSO authentication works...we don't have any token, how others webMethods can works without this token...?

Is there any book in the KC like "Developer's Guide for extending Livelink Workflow" but for the WebServices ?

Thanks.
 
Sort by date Sort by votes
livelink does not provide means to protect what is being relayed.if your livelink is on https traffic the whole traffic is encrypted using SSL.Old lapi has a product called Secure Conncet which also required you to be on https.

SSO also is done in livelink by putting the livelink webserver under windows authentication(if it is IIS).when a domain user logs into that server then the authenticated user is passed into livelink.This methods is called tunneling.If the method is http then the calls can be seen thru wireshark/fiddler etc.

There is also impersonation in livelink which means you call livelink using a elevated user priv,then this user can act on behalf of any valid user,this is technically impersonation,byut some products call it SSO which IMHO is not the right way to call it.

Well, if I called the wrong number, why did you answer the phone?
James Thurber, New Yorker cartoon caption, June 5, 1937
Certified OT Developer,Livelink ECM Champion 2008,Livelink ECM Champion 2010
 
Upvote 0 Downvote
Thanks ggriffit , I will take a look to this doc when I will have access to the KC (hope soon...)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mr522
  • Locked
  • Question
Purge the documents using Content Webservice/Rest API 1
Replies
3
Views
86
appnair
appnair
mr522
  • Locked
  • Question
Category Upgrade using Content Webservices
Replies
1
Views
120
appnair
appnair
nicolas46
  • Locked
  • Question
Calling a LES Webservice throw a WebSSO system
Replies
3
Views
57
appnair
appnair
moningisatish
  • Locked
  • Question
Unable to create docuemt with category in livelink using webservices
Replies
4
Views
71
appnair
appnair
LivelinkHELP
  • Locked
  • Question
Livelink Webservice Authentication
Replies
6
Views
36
LivelinkHELP
LivelinkHELP

Part and Inventory Search

Sponsor

Back
Top