Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Workspace » Link with Authentication (Passing authentication details to Workspace)
  •  
cpanderson

Messages: 46
Karma: -1
Send a private message to this user
I have an internal custom application (Ruby on Rails) that authenticates via LDAP. So does our Workspace (v1 soon to be v2) installation.

Is there a way I can pass authentication details from Rails to Workspace? Once a person logs into the Rails application I'd like to automatically authenticate them to Workspace so I can provide a link to it and the user wouldn't have to login twice.

Any help would be appreciated. I hope Kerio is working on a cool API for Workspace.
  •  
Miroslav Osladil (Kerio)

Messages: 188

Karma: 27
Send a private message to this user
Hello,
you can send a JSON-RPC request to Kerio Workspace from your application.

Please keep in mind that the login request must be sent by the client's browser (e.g. javascript xhr request) in the current browser window. If your application will store the SESSION_WORKSPACE and TOKEN_WORKSPACE cookies, you (the user) should be able then to open Kerio Workspace directly without login.

Sample request:
POST /server/data HTTP/1.1
Accept: application/json-rpc
Content-Type: application/json-rpc; charset=UTF-8
Host: workspace.company.tld:443
Content-Length: 211
Connection: close

{"jsonrpc":"2.0","id":1,"method":"Session.login","params":{"userName":"joe","password":"secret","application":{"name":"Sample application","vendor":"Sample vendor","version":"1.0"}}}


Sample response:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: SESSION_WORKSPACE=36B798C4B9691D74D5F1E549B61323F5; Path=/; Secure
Set-Cookie: TOKEN_WORKSPACE=59b0b1ed13b4965574496185af47d829; Path=/; Secure
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/json-rpc;charset=utf-8
Content-Length: 265
Date: Tue, 24 Jul 2012 08:54:28 GMT
Connection: close

{"apiVersion":1,"result":{"token":"59b0b1ed13b4965574496185af47d829","user":{"id":7,"description":"Sample user","emailAddress":"joe<_at_>company.tld","userName":"joe","dashifiedName":"joe-black","fullName":"Joe Black","type":"user"}},"success":true}


Best regards,

Miroslav Osladil
Senior Developer
Kerio Technologies

The views I express are my own and do not necessarily reflect the views of Kerio Technologies.
  •  
cpanderson

Messages: 46
Karma: -1
Send a private message to this user
Ok...I'm on the right track. My application is able to get back the SESSION_WORKSPACE and TOKEN_WORKSPACE cookies, which I'm assuming means that my request has authenticated me.

Now, how do I form a redirect, iframe or clickable link to Workspace with the cookie info? I'm in Rails/Ruby if that helps.

[Updated on: Sun, 29 July 2012 19:33]

  •  
Miroslav Osladil (Kerio)

Messages: 188

Karma: 27
Send a private message to this user
Sorry, I am not a Ruby expert but I guess there is a lot of resources how to do this. You can also use JavaScript with the document.location.href.

The redirect just must be in the same window.

Best regards,

Miroslav Osladil
Senior Developer
Kerio Technologies

The views I express are my own and do not necessarily reflect the views of Kerio Technologies.
  •  
cpanderson

Messages: 46
Karma: -1
Send a private message to this user
Yeah. Can't figure it out. There must be a cookie security issue with the domains. For example...

dev.mydomain.com = my application

workspace.mydomain.com = Kerio Workspace

When setting the cookie if I don't specify the domain the cookies are set under dev.mydomain.com.

If I do specify the domain when setting the cookie as workspace.mydomain.com those cookies don't seem to appear anywhere...at least not in Safari under Mountain Lion.

Plus, the "set-cookie" response coming from Kerio is combining 2 cookies in a single "set-cookie" field, so that's a bit confusing too.

I give up though. Thanks for your help. I hope some API stuff is on it's way...we really need to integrate Workspace into our internal application.



[Updated on: Mon, 30 July 2012 19:22]

  •  
Miroslav Osladil (Kerio)

Messages: 188

Karma: 27
Send a private message to this user
Hello,
yes, that might be the cause. This is called a cross-domain request that tries to block most web browsers if is not sent as the cross-domain request.

Any way... I am curious about the integration with Kerio Workspace.

Please, could you describe a few words about it? What the application does and should do? Is it your own application or some existing known project? Used technologies, environment, etc.

Even the current API is not officially documented and supported we are highly interested in this area. We plan to publish a data access API.

Please PM me if you do not want it publicly.

Thank you!

Miroslav Osladil
Senior Developer
Kerio Technologies

The views I express are my own and do not necessarily reflect the views of Kerio Technologies.
  •  
cpanderson

Messages: 46
Karma: -1
Send a private message to this user
We have an internal business application running on Ruby on Rails with a MySQL database. The application tracks our projects, invoicing, report workflows, and a document management system with hooks into our email server and network file system. We have over 350GB of 50,000 documents (pdfs, word, excel, images) related to our projects plus general business documents like employee information and environmental bulletins.

We have 2 Workspace installations. One for our internal intranet and an external facing one for sharing reports with our clients. We are hoping that we can move all our documents over to Workspace. Starting with general documentation and forms and then, as the API matures, all of our project files so our internal business application can access them.

I'm hoping that the API will have the abilities to

-manage Spaces and Pages
-manage File Libraries
-read and write files from File Libraries
-convert regular file/folder heirarchies into File Libraries.

Also, it struck me strange that pages and space URLs are based on a sequential page number and the name of the page. This would make it very difficult to manage these things through an API unless you could create unique aliases (tags) for them that you could easily reference and even predict.

[Updated on: Wed, 01 August 2012 18:07]

Previous Topic: Preview of file in landscape mode
Next Topic: Partial back-up to second node restore without loss of information
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Oct 17 18:41:56 CEST 2017

Total time taken to generate the page: 0.00452 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.