chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jay Brown <jay.br...@us.ibm.com>
Subject Re: IBM FileNet P8 CMIS URL addressability + Daeja ViewOne Viewer
Date Thu, 28 Aug 2014 16:10:29 GMT

No we don't currently support this but I am just trying to think this
through from a security perspective if we wanted to add a feature.
We can't include the user's security token in all of the returned stream
url's by default. I would have to be requested.

Would you want the client to request the document with an extra extension
parameter indicating that the stream url should be returned with the
current users LTPA token embedded? (includeAuthToken=true)


Jay Brown
Senior Engineer, ECM Development
IBM Software Group
jay.brown@us.ibm.com
www.linkedin.com/in/parityerror/


|------------>
| From:      |
|------------>
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
  |Tim Webster <tim.webster@gmail.com>                                             
                                                                 |
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| To:        |
|------------>
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
  |"dev@chemistry.apache.org" <dev@chemistry.apache.org>                           
                                                                 |
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| Date:      |
|------------>
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
  |08/28/2014 02:37 AM                                                                   
                                                           |
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| Subject:   |
|------------>
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
  |Re: IBM FileNet P8 CMIS URL addressability + Daeja ViewOne Viewer                     
                                                           |
  >--------------------------------------------------------------------------------------------------------------------------------------------------|





Jay,

I've re-read your email, and I think I misunderstood what you were
saying...

*"We currently only support LTPA tokens with the FileNet CMIS server.   So
if your client adds a 'Cookie' header with a value of a valid LTPA token
(for the domain where the CMIS and CE server reside)  your request will
succeed without a challenge for credentials. "*

This is fine if we were actually constructing the HTTP request ourselves,
but we're not - the Daeja ViewOne applet is doing it.

*"...would you need us to support the passing of the token as a parameter
in the Content stream URL?"*

This would in fact help - if the content stream URL contained the token, I
could just pass that URL to the applet and it can do the rest.  As it is,
does P8 support any URL of this type to retrieve content?

Thanks,

Tim




On Wed, Aug 27, 2014 at 6:26 PM, Jay Brown <jay.brown@us.ibm.com> wrote:

> We currently only support LTPA tokens with the FileNet CMIS server.   So
> if your client adds a 'Cookie' header with a value of a valid LTPA token
> (for the domain where the CMIS and CE server reside)  your request will
> succeed without a challenge for credentials.
>
> Does this help you or would you need us to support the passing of the
> token as a parameter in the Content stream URL?
>
>
> Jay Brown
> ECM Development, IBM
>
>
> [image: Inactive hide details for Tim Webster ---08/27/2014 03:36:11
> AM---Hi, I'm looking to stream documents to the Daeja ViewOne View]Tim
> Webster ---08/27/2014 03:36:11 AM---Hi, I'm looking to stream documents
to
> the Daeja ViewOne Viewer applet using a
>
>
>
>    From:
>
>
> Tim Webster <tim.webster@gmail.com>
>
>    To:
>
>
> "dev@chemistry.apache.org" <dev@chemistry.apache.org>
>
>    Date:
>
>
> 08/27/2014 03:36 AM
>
>    Subject:
>
>
> IBM FileNet P8 CMIS URL addressability + Daeja ViewOne Viewer
> ------------------------------
>
>
>
> Hi,
>
> I'm looking to stream documents to the Daeja ViewOne Viewer applet using
a
> single URL.  I understand that a document can be retrieved from the
> repository using a URL like so:
>
> http://host:port
>
> /fncmis/resources/DEV/ContentStream/idd_9B7C7D0A-A236-489C-A512-AB32B2E676D7/0/document1.xlsx

>
> However the server prompts the user for basic HTTP authentication
> credentials.  It looks like Alfresco has a way to deal with this:
>
> https://wiki.alfresco.com/wiki/URL_Addressability
>
> Is there anything similar we can do for FileNet?
>
> Sorry a bit off-topic, but if there are any IBM people out there, do you
> know if credentials can be supplied to the Daeja ViewOne applet? Maybe
this
> would be a way to deal with it instead...
>
> Thanks,
>
>
>


Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message