logo

Warning: The forum is now for consultation only. Please use GitHub Discussions to post any questions or comments.


Welcome Guest ! To enable all features please Login or Register.

Notification

Icon
Error

2 Pages12>
Options
Go to last post Go to first unread
RamKumar  
#1 Posted : Tuesday, June 5, 2018 10:46:59 AM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

We are using following code in our web application to authenticate user which will also be authenticated in seal report.We are using "Basic Authentication" as security provider in SR designer tool.

var sealServer = "http://192.168.10.54/seal/";//SR report url which we got after publishing it on IIS.
$.post(sealServer+"SWILogin", {
user: "name", // The user name
password: "password" // The password
})
.done(function (data) {
if (!data.error) { / Do your job here / }
})

When we execute above code this execute automatically as
1. "GET" request and we get "302 status code"

2. "POST" request and we get "302 status code"

3. "GET" request and we get "302 status code"

4. "GET" request and we get "302 status code"

5. "GET" request and we get "404 status code"

and http://..../seal/(X(1)S(e31pvpzum4d30t3cohrsb3aq))/SWILogin?AspxAutoDetectCookieSupport=1 404 (Not Found) error comes

How can I login using "SWILogin" API.
We solve above issues using webconfig file.(editing file and set:<sessionState mode="InProc" cookieless="false" timeout="20" />)
It executes "SWILogin" API and gets correct response but after that we execute "SWIExecuteReport" which goes to LoginPage of SR tool.

I don't need double authentication process(1st Authentication done by WebApplication and again same user has to be verified in SR tool).
Hence,I want to drop the login page of SR tool while I follow the flow of WebApplication.

Edited by user Tuesday, June 5, 2018 11:02:23 AM(UTC)  | Reason: Not specified

epf  
#2 Posted : Tuesday, June 5, 2018 11:01:29 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
After your post, if the result is successful, you should go
http://192.168.10.54/seal/ by JavaScript and hopefully you are logged

However, I don't know if the Login screen will be prompted (to be checked)...

It looks like your IIS does not allow Cookies, I don't know if it is a problem...

RamKumar  
#3 Posted : Tuesday, June 5, 2018 12:25:47 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

Thanks for your quick reply.
But when we unable the cookies we get a successfull response otherwise
1. "GET" request and we get "302 status code"

2. "POST" request and we get "302 status code"

3. "GET" request and we get "302 status code"

4. "GET" request and we get "302 status code"

5. "GET" request and we get "404 status code"

and http://..../seal/(X(1)S(e31pvpzum4d30t3cohrsb3aq))/SWILogin?AspxAutoDetectCookieSupport=1 404 (Not Found) error comes


The issue is still not resolved.
We have done the below step to allow cookies from IIS.
(In IIS->Feature Views->Session State we have allow Cookies in IIS.)

epf  
#4 Posted : Tuesday, June 5, 2018 12:59:58 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
It looks like a side effect when Cookies are disabled...
Difficult to fix this without the debugger/and perhaps some code changes...
Sorry, but we have no experience for this scenario
epf  
#5 Posted : Wednesday, June 6, 2018 6:39:42 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
I made a check on the code and it looks like the Web Report Server forces a re-connection with an empty user/password...
This fix can be made in HomeControllerSWI.cs line 29:

Code:
if (WebUser == null || !WebUser.IsAuthenticated || (!string.IsNullOrEmpty(user) && WebUser.WebUserName != user))


With this fix, I am enable login through http://localhost:17178/seal/WebInterfaceSamples.html,
then when I go to http://localhost:17178/seal, I am still logged.

This will be included in the next release, otherwise, just recompile the Web Report Server.
RamKumar  
#6 Posted : Thursday, June 7, 2018 12:38:26 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

We have resolved above issue using following code.





Can we have encrypted and decrypted login credentials ?
RamKumar  
#7 Posted : Thursday, June 7, 2018 12:42:30 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

We have resolved above issue using following code.


loadReport() {
if (this.cntr == 0) {
this.cntr = 1;
} else {
var sealServer = "http://......./seal/";
var self = this;
var form1 = $('<form method="post" target="Companyiframe" />');
form1.attr('action', sealServer + "SWExecuteReport");
form1.append($('<input />').attr('type', 'hidden').attr('name', 'path').attr('value', "\\" + self.ReportName.title + ".srex"));
form1.children('input').attr('type', 'hidden');
$('body').append(form1);

form1.submit();
}
}
myFunction() {
this.name = 'TestView';
var self = this;
var sealServer = "http://...../seal/";



var form = $('<form method="post" target="loginresponse" />');
form.attr('action', sealServer + "SWILogin");
form.append($('<input />').attr('type', 'hidden').attr('name', 'user').attr('value', "SealUser"));
form.append($('<input />').attr('type', 'hidden').attr('name', 'password').attr('value', "Seal@2018"));
form.children('input').attr('type', 'hidden');
$('body').append(form);

form.submit();




}
<div class="content-wrapper">
<h3 align="center" style="font-size:20px;font-weight:600;">{{headTitle}}</h3>
<div class="container">
<iframe name="Companyiframe" id="Companyiframe" style="width:100%; height: 600px;" align="middle" scrolling="yes" frameBorder="0"></iframe>
<iframe name="loginresponse" (load)="loadReport();" style="width:100%; height: 600px;display:none" align="middle" scrolling="yes" frameBorder="0"></iframe>
</div>
</div>

Here we are passing user credentials in plain text in web application, but we need it in encrypted text.
Can you please provide solution for how to decrypt it in SR tool.
epf  
#8 Posted : Friday, June 8, 2018 6:14:47 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
Actually there is no encryption mechanism for this in SR...
I would say that if you login from your browser, you have to pass a user/password, but I do not think you can encrypt them from the Browser side...
From where comes your user name/password ?
If you web server provides encrypted user name/password, you should be able to decrypt them in the Custom Security script of your provider.
I would more recommend to build up and to pass a token which can last 1 min.
Then in the custom script, just decode it.

There a a lot of C# stuff to do this (check System.Security.Cryptography), just include the good librairies at the be beginning (@using)
Code:

@using Seal.Model
@using Seal.Helpers
@{
    SecurityUser user = Model;
	//Basic authentication script: use the user name and password to authenticate the user and set his name and security groups...
	//user.WebUserName -> user name from the login screen
	//user.WebPassword -> password from the login screen
        var myDecryptedPassword = /* Decrypt your password here */
...
}


Note that you may reference your own Assemblies by adding your *.dll in the Repository folder: Assemblies.


Did you consider login directly from your Web Server (check source code in the TestSealWebInterface.cs) ?
Code:
            response = await httpClient.PostAsJsonAsync(serverURL + "SWILogin", new { user = "", password = "" });
            var profile = await response.Content.ReadAsAsync<SWIUserProfileResponse>();
            Assert.IsTrue(string.IsNullOrEmpty(profile.error));
            Assert.IsTrue(!string.IsNullOrEmpty(profile.group));


RamKumar  
#9 Posted : Monday, June 11, 2018 6:42:56 AM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

Thank you for the solution...



I want to pass one ID(not to be use for login purpose) from web portal to SR for data level filtering so how can i pass it from web portal and accept it in SR for Query.
epf  
#10 Posted : Monday, June 11, 2018 9:34:26 AM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
SR will take only user name/password.
You can change the source code to handle more fields...
However in the user name, you can pass an id, that will allow to query a table in your database to define your restrictions...etc.


RamKumar  
#11 Posted : Monday, June 11, 2018 12:49:43 PM(UTC)
RamKumar

Rank: Newbie

Groups: Registered
Joined: 5/31/2018(UTC)
Posts: 1
India
Location: Hyderabad

Originally Posted by: epf Go to Quoted Post
SR will take only user name/password.
You can change the source code to handle more fields...
However in the user name, you can pass an id, that will allow to query a table in your database to define your restrictions...etc.







we are not using source code , want to pass one ID when "SWExecuteReport" method execute and accept in SR for filtering data ,so please give me solution how i pass and accpt in SR

i am trying with below code but how can i access in SR

form.attr('action', sealServer + "SWExecuteReportToResult");
form.append($('<input />').attr('name', 'r0_name').attr('value', "Quantity"));
form.append($('<input />').attr('name', 'r0_operator').attr('value', "Between"));
form.append($('<input />').attr('name', 'r0_value_1').attr('value', "34"));
form.append($('<input />').attr('name', 'r0_value_2').attr('value', "123"));

Edited by user Monday, June 11, 2018 1:02:39 PM(UTC)  | Reason: Not specified

epf  
#12 Posted : Monday, June 11, 2018 2:39:13 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
Did you consider this:
Create a dedicated restriction in your model, set it as Prompted and as Parameter (like sample '51-User Input')
Then you can pass the value for this restriction at run-time, then use it in a Task script to modify the SQL of your model...
TheWildHealer  
#13 Posted : Thursday, December 13, 2018 2:56:02 PM(UTC)
TheWildHealer

Rank: Newbie

Groups: Registered
Joined: 12/11/2018(UTC)
Posts: 3
France

Thanks: 2 times
Originally Posted by: epf Go to Quoted Post
I made a check on the code and it looks like the Web Report Server forces a re-connection with an empty user/password...
This fix can be made in HomeControllerSWI.cs line 29:

Code:
if (WebUser == null || !WebUser.IsAuthenticated || (!string.IsNullOrEmpty(user) && WebUser.WebUserName != user))


With this fix, I am enable login through http://localhost:17178/seal/WebInterfaceSamples.html,
then when I go to http://localhost:17178/seal, I am still logged.

This will be included in the next release, otherwise, just recompile the Web Report Server.



Is this live in 4.1 ? I have the exact same problem in 4.1 :

error

Edited by user Thursday, December 13, 2018 3:00:42 PM(UTC)  | Reason: Not specified

epf  
#14 Posted : Thursday, December 13, 2018 3:11:32 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
Yes, this code is in the 4.1...
TheWildHealer  
#15 Posted : Thursday, December 13, 2018 3:20:12 PM(UTC)
TheWildHealer

Rank: Newbie

Groups: Registered
Joined: 12/11/2018(UTC)
Posts: 3
France

Thanks: 2 times
Well I am in 4.1 and I have the problem still. What can I do ? Want any additionnal logs ?
epf  
#16 Posted : Thursday, December 13, 2018 3:25:50 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
Can you make a scenario based on https://sealreport.org/d...WebInterfaceSamples.html ?
Thank you.
TheWildHealer  
#17 Posted : Thursday, December 13, 2018 3:30:05 PM(UTC)
TheWildHealer

Rank: Newbie

Groups: Registered
Joined: 12/11/2018(UTC)
Posts: 3
France

Thanks: 2 times
I don't think I understand what you mean by scenario, but I think the code that made the error might be close to what you ask

Code:

<!DOCTYPE html>
<html lang="en" dir="ltr">
    <head>
        <meta charset="utf-8">
        <title>Test report embedding</title>
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
        <script type="text/javascript">
            $(document).ready(function() {
                $.post("http://localhost/seal/SWILogin", {
                    user: "user",
                    password: ""
                }).done(function(data) {
                    if(!data.error) {
                        //some code, not reached because of the 404
                    }
                })
            })
        </script>
    </head>
    <body>
        <div id="container">
        </div>
    </body>
</html>

Edited by user Thursday, December 13, 2018 3:30:43 PM(UTC)  | Reason: added precisions

epf  
#18 Posted : Thursday, December 13, 2018 3:58:10 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
This works fine using the code in WebInterfaceSamples.html so is it related to your IIS configuration ?
TheWildHealer  
#19 Posted : Thursday, December 13, 2018 4:09:17 PM(UTC)
TheWildHealer

Rank: Newbie

Groups: Registered
Joined: 12/11/2018(UTC)
Posts: 3
France

Thanks: 2 times
Probably, how should I troubleshot that ? I have no experience with IIS.
epf  
#20 Posted : Thursday, December 13, 2018 5:08:15 PM(UTC)
epf

Rank: Administration

Groups: Administrators
Joined: 12/20/2013(UTC)
Posts: 1,209
Switzerland

Thanks: 14 times
Was thanked: 206 time(s) in 199 post(s)
I made a quick try and I enabled the CROF policy and set the Session states to Cookies in the web.config...and your sample works fine
Here is the web.config used:

Code:
<?xml version="1.0" encoding="utf-8"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>
  <configSections>
    <sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
      <section name="Seal.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    </sectionGroup>
  </configSections>
  <applicationSettings>
    <Seal.Properties.Settings>
      <setting name="RepositoryPath" serializeAs="String">
        <value></value>
      </setting>
    </Seal.Properties.Settings>
  </applicationSettings>
  <appSettings>
    <add key="webpages:Version" value="2.0.0.0" />
    <add key="webpages:Enabled" value="false" />
    <add key="PreserveLoginUrl" value="true" />
    <add key="ClientValidationEnabled" value="true" />
    <add key="UnobtrusiveJavaScriptEnabled" value="true" />
    <add key="DebugMode" value="false" />
  </appSettings>
  <system.web>
    <compilation debug="false" targetFramework="4.5" />
    <pages>
      <namespaces>
        <add namespace="System.Web.Helpers" />
        <add namespace="System.Web.Mvc" />
        <add namespace="System.Web.Mvc.Ajax" />
        <add namespace="System.Web.Mvc.Html" />
        <add namespace="System.Web.Routing" />
        <add namespace="System.Web.WebPages" />
        <add namespace="System.Data" />
      </namespaces>
    </pages>
    <sessionState cookieless="UseCookies" timeout="120" />
  </system.web>
  <system.webServer>
	  <httpProtocol>
		<customHeaders>
		  <add name="Access-Control-Allow-Origin" value="*" />
		  <add name="Access-Control-Allow-Methods" value="GET, PUT, POST, DELETE, HEAD, OPTIONS" />
		  <add name="Access-Control-Allow-Credentials" value="true" />
		  <add name="Access-Control-Allow-Headers" value="X-Requested-With, origin, content-type, accept" />
		</customHeaders>
	  </httpProtocol>
      <validation validateIntegratedModeConfiguration="false" />
    <modules runAllManagedModulesForAllRequests="true" />
    <handlers>
      <remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
      <remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
      <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
      <add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
      <add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
      <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
    </handlers>
    <staticContent>
      <remove fileExtension=".woff" />
      <mimeMap fileExtension=".woff" mimeType="application/font-woff" />
      <remove fileExtension=".woff2" />
      <mimeMap fileExtension=".woff2" mimeType="font/x-woff" />
    </staticContent>
  </system.webServer>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-11.0.0.0" newVersion="11.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-5.2.6.0" newVersion="5.2.6.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>
thanks 1 user thanked epf for this useful post.
TheWildHealer on 12/14/2018(UTC)
Users browsing this topic
Guest (3)
2 Pages12>
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.