Skip to main content
Question

IFS Cloud 22R1 , How to enable Basic Auth for a Standard RestAPI   

S
Sidekick (Employee)
Forum|alt.badge.img+9
  • Shou
  • Sidekick (Employee)
  • 50 replies

Hi , I just installed IFS Cloud 22R1 ,

during the installration ,I set

“ifsappproxy.basicAuth = enabled”   in ifscloud-value.yaml.

 

So, my question is, 

what is the next step?

for a specfic Projection(eg: ScrappingCausesHandling.svc) , how to make it support Basic Auth?

 

 

  1. in APPS 10 , via API Explorer , we can set a projection to “Include in Compatibility Application Type ” to make it support basic Auth.   How to do this in IFS Cloud?

      

        2. I alrady read this post , but is doesn’t mention how to enable a specific projection

            

https://community.ifs.com/ifs-framework-experience-employees-partners-only-109/how-to-enable-basic-authentication-for-the-integration-projections-gsdtech-16114

 

Charith Epitawatta
ZTC ZTC JGOTA
2 people like this
  • Charith Epitawatta
    Charith Epitawatta
  • ZTC ZTC JGOTA
    ZTC ZTC JGOTA

12 replies

Rifki Razick
Hero (Employee)
Forum|alt.badge.img+9
  • Rifki Razick
  • Hero (Employee)
  • 72 replies
  • June 2, 2022

Hi @Shou ,

You don’t have to do anything extra here. “Include in Compatibility Application Type ” is not applicable for IFS Cloud. Therefore you should be able to call the API by setting the required headers for basic auth in the http request. Have you tried calling the API using a tool like Postman?

Also please be mindful that Basic auth. is not recommended in production due to security reasons.

Regards,

/Rifki

Rifki
JohannesKnust
Hero (Partner)
Forum|alt.badge.img+12

You had a look at the given details from IFS in the technical documentation?
https://docs.ifs.com/techdocs/22r1/030_administration/030_integration/300_ifs_connect/010_configure_connect/060_transport_connectors/configure_rest_transport_connector/#basic-authentication

S
Sidekick (Employee)
Forum|alt.badge.img+9
  • Shou
  • Author
  • Sidekick (Employee)
  • 50 replies
  • June 2, 2022
JohannesKnust wrote:

You had a look at the given details from IFS in the technical documentation?
https://docs.ifs.com/techdocs/22r1/030_administration/030_integration/300_ifs_connect/010_configure_connect/060_transport_connectors/configure_rest_transport_connector/#basic-authentication

Thanks.

But the documention is for outbound.   IFS call external system’s rest API.

while, I’m talking about Inbound.

S
Sidekick (Employee)
Forum|alt.badge.img+9
  • Shou
  • Author
  • Sidekick (Employee)
  • 50 replies
  • June 2, 2022
Rifki Razick wrote:

Hi @Shou ,

You don’t have to do anything extra here. “Include in Compatibility Application Type ” is not applicable for IFS Cloud. Therefore you should be able to call the API by setting the required headers for basic auth in the http request. Have you tried calling the API using a tool like Postman?

Also please be mindful that Basic auth. is not recommended in production due to security reasons.

Regards,

/Rifki

@Rifki Razick

Yes, I tried, but failed.  (same postman setting works for APPS 10)

 

 

Rifki Razick
Hero (Employee)
Forum|alt.badge.img+9
  • Rifki Razick
  • Hero (Employee)
  • 72 replies
  • June 3, 2022

@subslk any thoughts?

Rifki
Charith Epitawatta
Ultimate Hero (Employee)
Forum|alt.badge.img+31

Hi @Shou

Shou wrote:

during the installration ,I set

“ifsappproxy.basicAuth = enabled”   in ifscloud-value.yaml.

 

Please also double check if you have passed basicAuth parameter to the installer correctly. You can refer to “The parameters order” documentation, which can be found here:

https://docs.ifs.com/techdocs/22r1/070_remote_deploy/010_installing_fresh_system/200_installing_ifs_cloud/035_ifs_cloud_ifsinstaller/030_installation_parameters/#the-parameters-order

You can either pass it using the ifscloud_values.yaml file using the correct YAML syntax as mentioned in above documentation or pass it directly through the command line using a --set flag. 

Parameters for proxy documentation can be found here:

https://docs.ifs.com/techdocs/22r1/070_remote_deploy/010_installing_fresh_system/200_installing_ifs_cloud/035_ifs_cloud_ifsinstaller/030_installation_parameters/#parameters-for-proxy

Hope this helps!

Charith - https://charith.xyz
B
1 person likes this
  • B
    Ben Monroe
S
Sidekick (Employee)
Forum|alt.badge.img+9
  • Shou
  • Author
  • Sidekick (Employee)
  • 50 replies
  • June 3, 2022

@Charith Epitawatta 

I run:

.\installer.cmd --set action=mtinstaller --values ifscloud-values.yaml --values solutionset.yaml 

to install the middle tier

 

and my  ifscloud-values.yaml looks like this:

------------

…….

ifsappiam:
  ifsReadonlySuppUserExpiryEnabled: true
  ifsReadonlySuppUserEnabled: true
  ifsadminTempPasswordEnabled: true

ifsappproxy:
  accessLogEnabled: false
  basicAuth: enabled
  
ifsappodata:
  replicas: 1
  logLevel: error

…..

-------------

 

please tell me if there anything not follow the documentation.

Charith Epitawatta
1 person likes this
  • Charith Epitawatta
    Charith Epitawatta
S
Sidekick (Employee)
Forum|alt.badge.img+9
  • Shou
  • Author
  • Sidekick (Employee)
  • 50 replies
  • June 3, 2022

@Charith Epitawatta @Rifki Razick @subslk 

I just “delete” the middle tier , then re-installed again

, this time I use “--set” flag to ensure that parameter is passed:

.\installer.cmd --set action=mtinstaller --values ifscloud-values.yaml --values solutionset.yaml --set ifsappproxy.basicAuth=enabled
 

while, still basicAuth is not supported 

I just “describe” the ifsapp-proxy pod, and found  BASIC_AUTHstill disabled.

> kubectl describe pod ifsapp-proxy-xxxxxxxx-8k4ph -n ifscloud

seems it is a bug.

 

Charith Epitawatta
1 person likes this
  • Charith Epitawatta
    Charith Epitawatta
H
Hero (Employee)
Forum|alt.badge.img+10
  • hhanse
  • Hero (Employee)
  • 175 replies
  • June 7, 2022

Hi, it seems the techdoc is faulty. I will correct it. Seems you are the first ever trying to set it :)

Which is good as we don’t encourage setting the entire application with basic Auth enabled… i would suggest to adopt the inbound integration to use a proper oAuth token instead…  

If you still really need basic Auth:
The parameter is called basicAuthEnabled and not basicAuth and should be set to true or false

 

Charith Epitawatta
B
2 people like this
  • Charith Epitawatta
    Charith Epitawatta
  • B
    Ben Monroe
H
Hero (Employee)
Forum|alt.badge.img+10
  • hhanse
  • Hero (Employee)
  • 175 replies
  • June 7, 2022

Doc updated on all tracks now - e.g.:
http://techdocs/22r1/070_remote_deploy/010_installing_fresh_system/200_installing_ifs_cloud/035_ifs_cloud_ifsinstaller/030_installation_parameters/#parameters-for-proxy

Charith Epitawatta
ashdlk
B
4 people like this
  • Charith Epitawatta
    Charith Epitawatta
  • ashdlk
    ashdlk
  • B
    Ben Monroe
  • JohannesKnust
    JohannesKnust
S
Sidekick (Employee)
Forum|alt.badge.img+9
  • Shou
  • Author
  • Sidekick (Employee)
  • 50 replies
  • June 14, 2022

@hhanse @Charith Epitawatta @Rifki Razick @subslk 

I just re-create the server with 

basicAuthEnabled: true

this time , as I describe the pod , it do enable the Basic Auth:

 

while, Postman show me another error with a simple GET

you can test with our Internal Server

https://dlk1k8s505.corpnet.ifsworld.com/

ifsadmin/Inter***123

R
Do Gooder (Employee)
Forum|alt.badge.img

Hi there, please note that your call in postman is set to use MAIN and not INT, try calling it like this:
https://xxxxxxxxx.com/int/ifsapplications/projection/v1/yourcall

this INT after / is used to call a basic auth.
you need to enable compatibility mode in API Explorer for this projection

Reply


Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings