Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

How to do Jazz FormBased Authantation.

 Hii,


I am integrating SystemWeaver with CCM application. I am using Basic Authentication but is not working now I need to know how to do Jazz Form Base Authentication. Can any one please provide some support on this.

This is my Basic Authentication code correct me if anything is worng

try
            {
                var request = (HttpWebRequest)WebRequest.Create(url);
                request.Method = "GET";

                if (username != null)
                {
                                 

                   
                   var base64Credentials = GetEncodedCredentials(username, password);
                                    
                   
                  request.Headers.Add("Authorization", "Basic" + base64Credentials);
             
                 request.ContentType = "application/json; charset=UTF-8";
               
                }
              
                //Any certificat accept
                System.Net.ServicePointManager.ServerCertificateValidationCallback = (senderX, certificate, chain, sslPolicyErrors) => { return true; };

                var response = request.GetResponse();
                using (Stream responseStream = response.GetResponseStream())
                {
                    using (var reader = new StreamReader(responseStream, Encoding.UTF8))
                    {
                        return reader.ReadToEnd();
                    }
                }
            }

Thank you,
Regards,
Pavan m.

0 votes


Accepted answer

Permanent link
The first time you hit a protected page, you'll get a 200 response and there will be session cookies set, and the response headers give you what approach to use:
 - first check for the header 'x-com-ibm-team-repository-web-auth-msg' and see if it's set to 'authrequired'. If this is the case then it's form based authentication directly to the JTS
 - if that check is false, then look for the header 'www-authenticate' and if that's present you need to do Basic Auth to an OpenID based server like the Jazz Authentication Server

Once you go through the auth above you will either be redirected back to your original page (form based), or you will need to explicitly re-request the original page (Basic).

In either case, check for the 'x-com-ibm-team-repository-web-auth-msg' header and make sure it's not 'authfailed'
Ralph Schoon selected this answer as the correct answer

0 votes


One other answer

Permanent link
I have tried to explain how this is done here:


I am currently not completely sure which Authentication to use when. It appears that Form Based Authentication works against systems that are set up without Jazz Authorization Server e.g. my local test system.

Basic Auth appears to be working with systems that have JAS set up and configured (assuming that https://jazz.net/jazz/ is setup this way, but I have validated against another system I know has these characteristics).

When I try to use Basic Auth against my test system without JAS configured, I get a header
X-com-ibm-team-repository-web-auth-msg: authrequired

and a Location header

Form Based Auth works with this system (liberty with local user authentication).

0 votes

Comments

Thanks Davyd,


that makes it clearer. 

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 10,926

Question asked: Jul 22 '21, 3:55 a.m.

Question was seen: 1,165 times

Last updated: Jul 23 '21, 1:44 a.m.

Confirmation Cancel Confirm