Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

How to use SAMLAuthProviderService?

Avatar

Level 1

I want to authenticate a username/password in my Workbench process from LDAP (Active Directory).

I searched and found this component SAMLAuthProviderService in the Foundation.

It requires input "credentials" (datatype Map), "AuthConfigs" (datatype List ), and output Echoed-Value (datatype AuthResponse).

I am unable to find how to use this component, what input to pass in what format.

I couldn't even find any documentation for this component anywhere in the Help, or forums or documents.

If anyone could point me to the documentation for this component, or give me an idea about how to use this component, it'll be great help.


Thanks,

5 Replies

Avatar

Level 10

You need to configure LiveCycle User Manager to use LDAP to authenticate users.

You can configure that from adminui under Settings/User Management.

Jasmin

Avatar

Level 1

Dear Jasmin,

I believe you are talking about letting LDAP users to login to Adobe LiveCycle interfaces, e.g. Workspace.

I have already done that, and need something different. Here is the scenario I am working on:

There is a PDF form that has to be filled in offline. The user is also supposed to enter username/password in this form which gets locked once entered.

Then this PDF form is brought physically on a CD or flash drive to IT building where it is put into an Adobe LiveCycle Watched Folder.

My LiveCycle Workbench process gets triggered by this PDF in watched folder, and it picks this PDF.

Now in my process I have to extract the username/password from this PDF and authenticate it against LDAP.

I looked for components in Workbench and found SAMLAuthProviderService and it seemed like what I am looking for.

Please suggest a solution for my scenario.

Thanks.

Avatar

Level 10

Sorry about that.

I did misread you post.

I think this quick start might be helpful: http://help.adobe.com/en_US/livecycle/9.0/programLC/help/index.htm?content=000446.html#1548679

I hope this is a better answer

Jasmin

Avatar

Level 1

Alright, so I can use the authentication part of the quickstart Java code to build my own Java component for LiveCycle and use it in my process.

Thanks.

But have a look at the attached screenshot. Do you think it could be possible to directly use the QPACK provided in LiveCycle in the Foundation Category, called SAMLAuthProviderService. Is it possible to just configure the properties of this QPACK and use it to authenticate the username/password, taking advantage of LiveCycle's built-in capabilities instead of creating my own Java component to do so?

authenticateComponent.PNG

Avatar

Former Community Member

As I see you just want to authenticate username/password in your workbench process(Yes an LDAP user).

SAMLAuthProvider service is not meant for plain username/password authentication. The purpose of SAMLAuthproviderservice is to let you authenticate in a scenario where you maintain let say 2 LDAPS, one which acts as a Directory provider(with no password of Users) and another LDAP which acts as Auth Provider for authentication. Basically SAMlAuthproviderService comes into picture when you are referring to Federated Identity.

But in your case as I perceieve, all you need is a an authresult from authentication of a user in your process.

For that try using BeanShell Script.

Here's a sample as to how you can use it in your process,

1. Create a process.

2. Drag an Activity Picker to the SwinLane.

3. Search for a Service named Foundation - > Execute Script

4. Provide the following authentication code to the Script as an Input,

"

import com.adobe.idp.dsc.clientsdk.ServiceClientFactory;
import com.adobe.livecycle.usermanager.client.AuthenticationManagerServiceClient;
import com.adobe.idp.um.api.AuthenticationManager;

ServiceClientFactory scf = ServiceClientFactory.createInstance();
AuthenticationManager authenticationManager = new AuthenticationManagerServiceClient(scf);
authenticationManager.authenticate("userName","password".getBytes());

"

5. You can use the username/password as variables in the script above by using PatExecContext(http://kb2.adobe.com/cps/402/kb402587.html)