Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Developers
Reload this Page Thirdparty app using zimbra authentication for singlesignon

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 11-14-2006, 03:35 AM
Starter Member
  
Posts: 2
Default Thirdparty app using zimbra authentication for singlesignon
Hi
Context: Iam trying to use the zimbra authentication mechanism for my other application.Users first enters into zimbra. From there they can acess multiple applications, through custom zimmlets. For this we decided to use the already existing ZM_AUTH_TOKEN and user id in the cookie (from sucessfull authorisation with zimbra), to check wheter user is logged in (single signon).

Gone through the /opt/zimbra/doc/soap.txt. Was sucessfully able to pass SOAP request
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<AuthRequest xmlns="urn:zimbraAccount">
<account by="id">manoj@localhost.localdomain</account>
<password>...</password>
<virtualHost>localhost</virtualHost>
</AuthRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
and getting the following response in response.xml.

But when we try to pass ZM_AUTH_TOKEN from cookie instead of password we are running into sopa fault exceptions
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<AuthRequest xmlns="urn:zimbraAccount">
<account by="id">manoj@localhost.localdomain</account>
<preauth> ZM_AUTH_TOKEN value from cookie</preauth>
<virtualHost>localhost</virtualHost>
</AuthRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Is it possible to invoke some webservice to check whether the user is logged in based on ZM_AUTH_TOKEN in cookie and userid (user@localhost.localdomain). If so how do we do this.

Thanks in advance
Manoj
Attached Files
File Type: txt response.txt (1.3 KB, 114 views)
Reply With Quote
  #2 (permalink)  
Old 11-14-2006, 09:00 PM
Zimbra Employee
  
Posts: 4,792
Default
Did you look at preauth? It has some ability to check a user's auth and redirect them to a new page.
__________________
Bugzilla - Wiki - Downloads - Offline Client
Reply With Quote
  #3 (permalink)  
Old 11-14-2006, 11:08 PM
Starter Member
  
Posts: 2
Default
Hi Kevin,

Thanks for response. I have not gone through the preauth.txt , which will be doing now.

The soap fault issue is resolved. Our SOAP header in the SOAP message is not proper so we are getting the soapfault exceptions yesterday. Today we were able to sucessfully athenticate from our java programand were able to consume all webservices.

Based on your advice, we will try if preauth mechanism is suitable for our applciation.

Thanks
Manoj
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.