5 Replies Latest reply on May 11, 2010 9:15 AM by Amit Pugalia

    How to use SAMLAuthProviderService?

    MoOoDe

      I want to authenticate a username/password in my Workbench process from LDAP (Active Directory).

      I searched and found this component SAMLAuthProviderService in the Foundation.

      It requires input "credentials" (datatype Map), "AuthConfigs" (datatype List ), and output Echoed-Value (datatype AuthResponse).

      I am unable to find how to use this component, what input to pass in what format.

      I couldn't even find any documentation for this component anywhere in the Help, or forums or documents.

      If anyone could point me to the documentation for this component, or give me an idea about how to use this component, it'll be great help.


      Thanks,

        • 1. Re: How to use SAMLAuthProviderService?
          Jasmin Charbonneau Level 4

          You need to configure LiveCycle User Manager to use LDAP to authenticate users.

           

          You can configure that from adminui under Settings/User Management.

           

          Jasmin

          • 2. Re: How to use SAMLAuthProviderService?
            MoOoDe Level 1

            Dear Jasmin,

             

            I believe you are talking about letting LDAP users to login to Adobe LiveCycle interfaces, e.g. Workspace.

            I have already done that, and need something different. Here is the scenario I am working on:

            There is a PDF form that has to be filled in offline. The user is also supposed to enter username/password in this form which gets locked once entered.

            Then this PDF form is brought physically on a CD or flash drive to IT building where it is put into an Adobe LiveCycle Watched Folder.

            My LiveCycle Workbench process gets triggered by this PDF in watched folder, and it picks this PDF.

            Now in my process I have to extract the username/password from this PDF and authenticate it against LDAP.

             

            I looked for components in Workbench and found SAMLAuthProviderService and it seemed like what I am looking for.

             

            Please suggest a solution for my scenario.

             

            Thanks.

            • 3. Re: How to use SAMLAuthProviderService?
              Jasmin Charbonneau Level 4

              Sorry about that.

               

              I did misread you post.

               

              I think this quick start might be helpful: http://help.adobe.com/en_US/livecycle/9.0/programLC/help/index.htm?content=000446.html#154 8679

               

              I hope this is a better answer

               

              Jasmin

              • 4. Re: How to use SAMLAuthProviderService?
                MoOoDe Level 1

                Alright, so I can use the authentication part of the quickstart Java code to build my own Java component for LiveCycle and use it in my process.

                Thanks.

                But have a look at the attached screenshot. Do you think it could be possible to directly use the QPACK provided in LiveCycle in the Foundation Category, called SAMLAuthProviderService. Is it possible to just configure the properties of this QPACK and use it to authenticate the username/password, taking advantage of LiveCycle's built-in capabilities instead of creating my own Java component to do so?

                 

                authenticateComponent.PNG

                • 5. Re: How to use SAMLAuthProviderService?
                  Amit Pugalia Level 1

                  As I see you just want to authenticate username/password in your workbench process(Yes an LDAP user).

                  SAMLAuthProvider service is not meant for plain username/password authentication. The purpose of SAMLAuthproviderservice is to let you authenticate in a scenario where you maintain let say 2 LDAPS, one which acts as a Directory provider(with no password of Users) and another LDAP which acts as Auth Provider for authentication. Basically SAMlAuthproviderService comes into picture when you are referring to Federated Identity.

                   

                  But in your case as I perceieve, all you need is a an authresult from authentication of a user in your process.

                  For that try using BeanShell Script.

                  Here's a sample as to how you can use it in your process,

                  1. Create a process.

                  2. Drag an Activity Picker to the SwinLane.

                  3. Search for a Service named Foundation - > Execute Script

                  4. Provide the following authentication code to the Script as an Input,

                  "

                  import com.adobe.idp.dsc.clientsdk.ServiceClientFactory;
                  import com.adobe.livecycle.usermanager.client.AuthenticationManagerServiceClient;
                  import com.adobe.idp.um.api.AuthenticationManager;

                  ServiceClientFactory scf = ServiceClientFactory.createInstance();
                  AuthenticationManager authenticationManager = new AuthenticationManagerServiceClient(scf);
                  authenticationManager.authenticate("userName","password".getBytes());

                  "

                  5. You can use the username/password as variables in the script above by using PatExecContext(http://kb2.adobe.com/cps/402/kb402587.html)