Authentication methods for integration

Discussions on integrating Dynamic AI content in other applications, web-sites, intranet portals, sharepoint etc.

Moderators: Bob Cergol, Data Access, Cintac

Authentication methods for integration

Postby admin » Fri Jan 30, 2009 12:47 pm

When Integrating Dynamic AI Server or Enterprise Edition content into another browser based system, the Dynamic AI Server will still require user login credentials in order to authenticate the request.

There are currently 3 ways to do authenticate:

    Embedding login credentials in an URL
    Embedding login credentials in a form posting
    Creating a authentication token that is digitally signed with a trusted certificate (This method requires a third party component. It is described below. -For details, please get in touch with your vendor.)



The Url method
Lets look at a simple direct call to a report:
(you can see these in the report documentation for each report you have)
Image

Code: Select all
http://DynamicAIServer/aidemo/ai.asp?UID=administrator&PW=secret&DAI_R=1001


The DAI_R parameter indicates the report ID, the UID is the User ID and PW is the password.
This will be sent in clear text, unless you encrupt the connection using SSL.

Other parameters (filters, device type, behaviour, styling etc.) can be found here: http://support.dynamicai.com/forum/viewtopic.php?t=122

The Form post method
All of these parameters can be ues in the url directly, or placed in a (hidden) form on a web page such as:
Code: Select all
<HTML>
<BODY onload='BB.submit();'>
<FORM NAME=BB METHOD=POST ACTION="http://DynamicAIServer/aidemo/ai.asp">
<INPUT TYPE=HIDDEN NAME="UID" VALUE="administrator">
<INPUT TYPE=HIDDEN NAME="PW" VALUE="secret">
</FORM>
</BODY>
</HTML>

The form data can also be encrypted by using a SSL certificate on the Dynamic AI Server.

The Secure Token method
This method relies on an external mechanism for authentication (XMA) being in place. This could be a Windows Active Directory, LDAP or any other authentication mechanism. The XMA is responisble for authenticating the user, and for generating a time stamped ticket. The ticket consists of user ID and report ID, and optionally Dynamic AI alias information, and is digitally signed and encrypted using the private key of the XMA.

The Dynamic AI Server, is configured to trust the XMA and will decrypt and authenticate tickets using the public key of the XMA. If the timestamp of the request is within limits, the request is processed - otherwise it is denied.

*)This method requires a third party component. To get more information, please contact your vendor.
User avatar
admin
Certified Dynamic AI Professional
 
Posts: 177
Joined: Thu Jan 01, 1970 1:00 am
Location: Copenhagen, Denmark

Return to Integration

cron