Possible to access and pass user credentials to other Application?
Hello,
is it possible to somehow access the username and password typed in the login screen, once they are send to the server (i.e. some server side hook "onLogin")?
We have a use case, where we need to pass on the user credentials to another application (intranet). Since we are currently on Tomcat, I dont see how we could use LTPA (from what I understand that is WAS SSO configuration dependent).
The application we are accessing supports passing username and password (clear text) for authentication. Since both RTC as well as the other app authenticate with ActiveDirectory reusing the credentials from RTC login would work fine ... if we could somehow get a hold of them.
Thanks for any hints.
One answer
Jazz applications use the OAuth protocol for authenticating application-to-application requests, on behalf of the end user. If the application you wish to access supports OAuth, perhaps you could use that approach as well.
Comments
Hi John,
thanks for pointing me to that.
Let's assume we moved to WAS and SSO. How would we get our hands on the LTPA token in order to pass it on to the other application. Is there a way to do that through the API? Or is there a way to read cookies or get direct access to the HTTPServletRequest object?
Just to clarifiy, we do not redirect the user's browser to that other application, but from within RTC need to make a service call to another application (they provide a Java Client API to us which requires a LTPA token to be passed as Java String), using the credentials of the user that is logged on to RTC.
See https://jazz.net/forum/questions/72719/hot-to-get-the-httpservletrequest-object-inside-an-extension this is exactly what we need to do.
Thanks, Nils
Sorry, I'm not familiar with WAS/SSO or LTPA tokens.