Subscribe to feed

 

How to Test the Custom Authentication SDK Example

This tutorial first explains how to build a custom authentication site, then how to build a custom authentication module, and finally how to test the resulting custom web player authentication.

Overview

Properly set up two SDK projects together implement a fully functional web player custom authentication mechanism. The step-by-step instructions detail the required procedures. To work out-of-the-box, default values are used for the custom authentication site and the Web Player server installation path.

Background Information

• Implementing Web Player Custom Authentication
  The Web Player Custom Authentication framework enables the development of a different authentication mechanism than the ones available out-of-the-box.
• How to Implement Custom Authentication
  Web Player custom authentication is implemented in two steps. First the custom authenticator is created, then it is enabled in the Web Player configuration.

Prerequisites

• Spotfire SDK\Examples\Extensions\
  + SpotfireWebDeveloper.CustomWebAuthenticationSiteExample
  + SpotfireWebDeveloper.CustomWebAuthenticationExample
• Access to a running Web Player server.
  It is recommended to run the Web Player server and the custom authentication site on the same machine.
• Basic knowledge of Spotfire Server and Web Player server impersonation is presumed.

Building the custom authentication site

1. Open the SpotfireWebDeveloper.CustomWebAuthenticationSiteExample project in Visual Studio®. If a prompt is displayed asking if a virtual directory in IIS should be created, click Yes.

   Troubleshooting

   If no virtual directory has been created and no prompt was displayed, do it manually: Open the project properties page for the project and select the Web page. Make sure the Use IIS Web server option is selected and then press the Create Virtual Directory button.

   Configuring option

   The default URL /SpotfireWebDeveloper.CustomWebAuthenticationSiteExample of the custom authentication site can be changed if the associated change is made to the web.config file of the Web Player server: If the custom authentication site is changed from /SpotfireWebDeveloper.CustomWebAuthenticationSiteExample to /login, add the following element to the <appSettings> section:

   <add key="SpotfireWebDeveloper.CustomWebAuthenticationSite.AccessService" 
        value="http://localhost/login/AccessService.asmx"/>

2. Open the web.config file of the SpotfireWebDeveloper.CustomWebAuthenticationSiteExample project and locate the following line:

   <add key="WebPlayerURL" value="http://WebPlayerServer/SpotfireWeb"/>

   Replace WebPlayerServer with localhost, or, if the Web Player server and this custom authentication site run on different machines, replace it by the name of the Web Player server.
3. Build the solution.
   There should be no errors or warnings.
4. Open /SpotfireWebDeveloper.CustomWebAuthenticationSiteExample in a browser.
   Result: A web page with two input fields and a button is displayed.

   Troubleshooting

   If an error is displayed, make sure that the Default.aspx document type is in the default document type list for this web application. Otherwise, add it manually from the Microsoft® Management Console for Internet Information Services. Also make sure that anonymous access for this web application is enabled.

Building the custom authentication module

1. Open the SpotfireWebDeveloper.CustomWebAuthenticationExample project in Visual Studio®.
2. Verify that the assembly references in the project correctly target the assemblies in the Binaries folder of the SDK.
3. Build the solution.
   There should be no errors or warnings.
4. Copy the SpotfireWebDeveloper.CustomWebAuthenticationExample.dll assembly build to the bin subfolder of the Web Player root.

Testing the custom web authentication

Open the Web Player's web.config file and make the following adjustments:

1. Set the authentication mode to none and comment out the following element:

   <deny users="?" />

   Anonymous access to the Web Player server is now permitted.
2. Add the following element as a child to the setup/authentication element:

   <customAuthenticator type="SpotfireWebDeveloper.CustomWebAuthenticationExample.CustomWebAuthenticator, SpotfireWebDeveloper.CustomWebAuthenticationExample" />

3. Add an impersonation user to handle the actual authentication between the Web Player server and the Analytics Server.
4. Verify that the Analytics Server has enabled impersonation.
5. Verify that IIS is set up to allow for anonymous access to the Web Player server.
6. Open a web browser and go to the URL of the Web Player server, for instance /spotfireweb.
   An error message appears stating that the user is not authenticated.

At this point the custom authentication mechanism comes into play. The following schematic image explains how the custom authentication example projects relate to each other in a runtime sequence:

Referring to the step numbers in the graphic, trigger the custom authentication mechanism:

1. Go to the URL of the custom authentication site.
   In the Name field, enter the name of a known user.
   In the Password field, enter some random combination of valid password characters.
   Press the Sign In button.
2. The custom authentication site first appends a cookie containing a ticket to the current session, and then directs the call to the Web Player server. The custom authentication site contains a mapping from the ticket to the known user name.
3. The custom authentication module that was added to the Web Player application retrieves the ticket. It then makes a web service call back to the custom authentication, site supplying the ticket as argument. The return value is the authenticated user name.
4. Using the impersonation user and user name returned by the web service method call, an authentication is attempted with the Analytics Server.
5. If the authentication is successful the library view of the Web Player is shown.
   If the authentication fails an error message is presented.