Thingworx proper login system

xotzHelper
11-Garnet

Hi!! I have the authentication extension and I can use an external page to authenticate a user. But this still has its flaws, for example: if the password or username is incorrect, the page will be redirected to a FormLogin.

I want to go further, I want to create an actual login system inside ThingWorx. Is it possible? What do I have to do?

 

 

Thank you.

9 REPLIES 9
PaiChung
22-Sapphire I
(To:xotzHelper)

OOTB Thingworx provides the FormLogin (Organization approach)

Outside of that you can use the SSO approach that works with your IDM system

@PaiChung, thank you for the response. Can you please elaborate?

@PaiChung thank you for the response, but I already tried this and the issue challenge is never called. So what I intend to do is alter the actual ThingWorx itself. Is it possible?

PaiChung
22-Sapphire I
(To:xotzHelper)

Not recommended and also not upgrade proof.

However you could consider customizing the actual FormLogin mashup that is created based on the Organization.

However it is hard to imagine the SSO route not working because you should be able to do a full custom login/portal setup with that.

Can you check what I did wrong, please? Thank you. @PaiChung

 

package com.thingworx.extension;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.joda.time.DateTime;

import com.thingworx.entities.utils.EntityUtilities;
import com.thingworx.logging.LogUtilities;
import com.thingworx.relationships.RelationshipTypes.ThingworxRelationshipTypes;
import com.thingworx.security.authentication.AuthenticationUtilities;
import com.thingworx.security.authentication.AuthenticatorException;
import com.thingworx.security.authentication.CustomAuthenticator;
import com.thingworx.things.Thing;
import com.thingworx.types.primitives.DatetimePrimitive;
import com.thingworx.types.primitives.StringPrimitive;


import org.slf4j.Logger;

public class CustomizedAuthenticator extends CustomAuthenticator {
	private static final long serialVersionUID = 1L;
	static Logger _securityLogger = LogUtilities.getInstance().getSecurityLogger(CustomizedAuthenticator.class);
	String username = null;
	String password = null; 

	public CustomizedAuthenticator() {
		// TODO Auto-generated constructor stub
	}

	@Override
	public void authenticate(HttpServletRequest request, HttpServletResponse response) throws AuthenticatorException {
		username = request.getHeader("thingworx-form-userid");
		password = request.getHeader("thingworx-form-password");

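		// getHeader() returns null when the header is absent, so check for null before isEmpty()
		if (username == null || password == null || username.isEmpty() || password.isEmpty())
			throw new AuthenticatorException("User login info is empty and not sufficient");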

		try {
			// This section logs the latest login time and login user to a thing called
			// Subscribing to these properties via DataChange event will allow this
			// information to be stored
			Thing LoginHelper = (Thing) EntityUtilities.findEntity("AuthenticationStamper", ThingworxRelationshipTypes.Thing);
			LoginHelper.setPropertyValue("LatestLoginUser", new StringPrimitive(username));
			LoginHelper.setPropertyValue("LatestLoginTime", new DatetimePrimitive(DateTime.now()));

			_securityLogger.info("Registered Login Attempt at " +DateTime.now() + " by " + username);
			// Checks that user exists and validates credentials through all configured
			// DirectoryServices
			// (one is the internal directory of ThingWorx users, one could be LDAP if
			// configured);
			// throws exception if can't validate
			AuthenticationUtilities.validateCredentials(username, password);
			// REQUIRED: tells rest of ThingWorx which user is logged in for purposes of
			// permissions, etc.
			this.setCredentials(username);
			_securityLogger.info("Custom authentication was completed");
		} catch (Exception ex) {
			setRequiresChallenge(true);
			_securityLogger.error("An error occurred. " + ex.getMessage());
		}
	}

	@Override
	public void issueAuthenticationChallenge(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws AuthenticatorException {
		_securityLogger.info("Customized Authentication Called issueAuthenticationChallenge");

		String urlString = "http://localhost/";
		try {
			httpResponse.sendRedirect(urlString);
		} catch (IOException e) {
			e.printStackTrace();
		}
	}

	@Override
	public boolean matchesAuthRequest(HttpServletRequest httpRequest) throws AuthenticatorException {
		String requestURI = httpRequest.getRequestURI();
		if (requestURI.equals("/Thingworx/action-login")) {
			_securityLogger.info("ActionLogin/CustomLogin was utilized for the submission of credentials");
			username = httpRequest.getParameter("thingworx-form-userid");
			password = httpRequest.getParameter("thingworx-form-password");
			_securityLogger.info("Customized Authentication Will Handle This Request For: " + username);
		} else {
			_securityLogger.warn("This authenticator can not handle the request, challenge is required");
			setRequiresChallenge(true);
		}
		return true;
	}
}
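
One way to restructure the authenticator posted above so that a failed login is signalled to the caller instead of being swallowed, as an added example that is not the poster's or PTC's code. It uses only the ThingWorx calls that appear in the post; the class name `RedirectingAuthenticator` is hypothetical, and it assumes the authentication manager invokes `issueAuthenticationChallenge` only when `authenticate()` throws after `setRequiresChallenge(true)`, which should be confirmed against the ThingWorx documentation.

```java
package com.thingworx.extension;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.thingworx.security.authentication.AuthenticationUtilities;
import com.thingworx.security.authentication.AuthenticatorException;
import com.thingworx.security.authentication.CustomAuthenticator;

// Added example (hypothetical class name); uses only the ThingWorx calls shown in the post.
public class RedirectingAuthenticator extends CustomAuthenticator {
	private static final long serialVersionUID = 1L;
	private static final String LOGIN_URI = "/Thingworx/action-login";
	private static final String LOGIN_PAGE = "http://localhost/"; // placeholder URL from the post

	@Override
	public boolean matchesAuthRequest(HttpServletRequest request) throws AuthenticatorException {
		// Claim only the credential submission; every other request is left to other authenticators.
		return LOGIN_URI.equals(request.getRequestURI());
	}

	@Override
	public void authenticate(HttpServletRequest request, HttpServletResponse response) throws AuthenticatorException {
		// Locals instead of instance fields, read from the form parameters named in the post.
		String username = request.getParameter("thingworx-form-userid");
		String password = request.getParameter("thingworx-form-password");
		if (username == null || password == null || username.isEmpty() || password.isEmpty()) {
			throw failure("User login info is empty and not sufficient");
		}
		try {
			AuthenticationUtilities.validateCredentials(username, password);
		} catch (Exception ex) {
			// Rethrow rather than swallow; one generic message for unknown user and wrong password.
			throw failure("Credential validation failed");
		}
		setCredentials(username); // reached only after validation succeeded
	}

	// Assumption: the challenge runs only when authenticate() throws with requiresChallenge set.
	private AuthenticatorException failure(String reason) {
		setRequiresChallenge(true);
		return new AuthenticatorException(reason);
	}

	@Override
	public void issueAuthenticationChallenge(HttpServletRequest request, HttpServletResponse response) throws AuthenticatorException {
		try {
			response.sendRedirect(LOGIN_PAGE); // back to the external login page
		} catch (IOException e) {
			throw new AuthenticatorException("Redirect to login page failed");
		}
	}
}
```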

 

PaiChung
22-Sapphire I
(To:xotzHelper)

I'm very sorry but I am not a developer familiar with the auth/sso coding

slangley
23-Emerald II
(To:xotzHelper)

Hi @xotzHelper.

 

Here are a couple of links that might be helpful:

 

Login Authenticators

Create an Authentication Extension

 

If you still have questions after reviewing this information, please let us know.

 

Regards.

 

--Sharon

slangley
23-Emerald II
(To:slangley)

Hi @xotzHelper.

 

If one of the previous responses answered your question, please mark the appropriate one as the Accepted Solution for the benefit of others with the same question.

 

Regards.

 

--Sharon
