• State Verified Answer
  • Locked Locked
  • Replies 9 replies
  • Subscribers 94 subscribers
  • Views 9212 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web session parameters

Ingvar.Johansson
over 7 years ago

Hi.

A partner is implementing 1IM and they struggle with a use case where they need to determine the authentication method used in the 1IM web portal. The user must be authenticated using a smartcard certificate in order to be allowed certain actions in the 1IM web.

Below is some information from the partner:

"Customer is using http://www.avaintec.com/' s CryptoSign software that uses probably PKCS11 standard. 

We need to request information about users login thru HTTP session. Web session should somehow tell us parameters from that CryptoSign software. i.e. there are some other software are doing that thru PKCS11.

We haven’t been able to get any information about this and this is still open. Do you have any technical resources in your organization that might have any understanding how PKI and IT-shop session parameters work?"

 

Anyone who knows if we can parse web session parameters into 1IM?

 

Kind regards,

Ingvar 

  • +1 over 7 years ago
    Hi Ingvar,

    The 1IM web application uses ASP.NET session state, so you can easily read and write session parameters using scripts or Webdesigner-embedded code.
    msdn.microsoft.com/.../03sekbw5.aspx

    Since session state lives on the server, the question is: Is information about the client certificate available on the server? If so, how can it be accessed?

    HTH

    Hanno Bunjes
  • 0 over 7 years ago
    Thanks Hanno. Well I don't really know, but I will pass the information to our partner and hopefully it will help them to move forward a bit.

    cheers,
    Ingvar
  • 0 over 7 years ago
    Got some more info from the partner after sending the above info:

    "
    Actually the problem is how to read server variables Because HTTP header is part of that.
    I have tried several ways like examples below but what I get Is this error:
    Object reference not set to an instance of an object.

    Error comes already in this phase:
    Dim Request As System.Web.HttpRequest = System.Web.HttpContext.Current.Request

    Trying to get one item:
    System.Web.HttpContext HttpContext.User.Identity.AuthenticationType
    OR
    Trying to get entire collection:
    coll=Request.ServerVariables
    "
    Any idea on how to help?

    kind regards,
    Ingvar
  • 0 over 7 years ago
    We'd need the complete stack trace of the exception.
  • 0 over 7 years ago
    this An unhandled exception occurred while handing a node.
    at VI.WebDesigner.Editor.FormPreview.Preview.CompileAndRenderFormInternal(ConnectionInfo conn, Boolean displayLoginContext)
    at VI.WebDesigner.Editor.Model.PreviewEnvironment.CreateNewUserSession(ConnectionInfo conn)
    at VI.WebDesigner.Runtime.UserSession.InitializeDbConnection(Boolean isFromSingleSignOn, ConnectData connect)
    at VI.WebDesigner.Action.ActionBase.Execute(ActionExecutor executor)
    at VI.WebDesigner.Action.ActionSequence.ExecuteInternal(ActionExecutor executor)
    at VI.WebDesigner.Action.ActionBase.Execute(ActionExecutor executor) [810222] Error executing script 'Get_ITSHOP_HTTPHeader'.
    at VI.WebDesigner.Action.ActionBase.Execute(ActionExecutor executor)
    at VI.WebDesigner.Action.UpdateDefinition.ExecuteInternal(ActionExecutor executor)
    at VI.WebDesigner.Action.UpdateDefinition.SetValue(ActionExecutor executor, IDataRow setValueRow, IDocumentColumn col, DataExpression expr)
    at VI.WebDesigner.Expression.DataExpression.EvaluateSingleRow(ActionExecutor executor, RowPointer row)
    at VI.WebDesigner.Expression.BoundDataExpression.EvaluateSingleRow(ActionExecutor executor, RowPointerStack rowP)
    at VI.WebDesigner.Expression.DataExpression.EvaluateSingleRow(ActionExecutor executor, RowPointerStack rowStack)
    at VI.WebDesigner.Expression.UnaryNode.Eval(ActionExecutor executor, RowPointerStack row)
    at VI.WebDesigner.Expression.Function.DbScriptFunction.EvalFunction(ActionExecutor executor, RowPointerStack row, Object[] argumentValues)
    at VI.DB.Scripting.ScriptInstance.Eval(String key, Object[] parameters) Object reference not set to an instance of an object.
    at DynScripts.Scripts_675EC79186A44F1EB988B34A89D1560B.Get_ITSHOP_HTTPHeader()
  • 0 over 7 years ago
    Try running it outside of WebDesigner; in an IIS-hosted application.
  • 0 over 7 years ago
    Below is what the partner runs and the results:

    --- start---
    Imports System.Text
    Imports System
    Imports System.Web
    Imports System.Collections.Specialized.NameValueCollection
    Imports System.Web.SessionState

    Public Function Get_ITSHOP_HTTPHeader() As String


    Dim loop1, loop2 As Integer
    Dim arr1(), arr2() As String
    Dim coll As System.Collections.Specialized.NameValueCollection
    Dim Request As System.Web.HttpRequest = System.Web.HttpContext.Current.Request
    Dim UserType As String= System.Web.HttpContext.Current.User.GetType.ToString

    coll=Request.ServerVariables
    arr1 = coll.AllKeys
    For loop1 = 0 To arr1.GetUpperBound(0)
    VID_Write2Log("c:\temp\IIS_HTTP_REQUEST.TXT", "Key: " & arr1(loop1))
    arr2 = coll.GetValues(loop1) ' Get all values under this key.
    For loop2 = 0 To arr2.GetUpperBound(0)
    VID_Write2Log("c:\temp\IIS_HTTP_REQUEST.TXT", UserType)
    Next loop2
    Next loop1


    Return "the end"
    End Function
    --end--


    The result is pretty much same. The trace below is from application log under IIS

    Error executing script 'Get_ITSHOP_HTTPHeader'.
    at VI.DB.Scripting.ScriptInstance.Eval(String key, Object[] parameters)
    at VI.WebDesigner.Expression.Function.DbScriptFunction.EvalFunction(ActionExecutor executor, RowPointerStack row, Object[] argumentValues)
    at VI.WebDesigner.Expression.UnaryNode.Eval(ActionExecutor executor, RowPointerStack row)
    at VI.WebDesigner.Expression.DataExpression.EvaluateSingleRow(ActionExecutor executor, RowPointerStack rowStack)
    at VI.WebDesigner.Expression.DataExpression.EvaluateSingleRow(ActionExecutor executor, RowPointer row)
    at VI.WebDesigner.Action.FillTable.FillFromRule(ActionExecutor executor, IRuntimeTable tbl, Int32 loadLimit)
    at VI.WebDesigner.Action.FillTable._ExecuteInternal(ActionExecutor executor)
    at VI.WebDesigner.Action.FillTable.ExecuteInternal(ActionExecutor executor)
    at VI.WebDesigner.Action.ActionBase.Execute(ActionExecutor executor) Object reference not set to an instance of an object.
    at DynScripts.Scripts_B7BF6A8B19F44C8BB2A1C440374B9B02.Get_ITSHOP_HTTPHeader()


    Cheers,
    Ingvar
  • 0 over 7 years ago
    Can you open a support request for this problem please, there is not an obvious answer I'm afraid.

    Thanks.
  • 0 over 7 years ago
    The customer have opened a support case (Service Request # 3991179). The first response was that it might take some time since it's being handed to development.