Saturday, January 10, 2009

LiveCycle Authentication with ColdFusion

Here's a snippet of ColdFusion code that will allow you to athenticate a LiveCycle user using the AuthenticationManagerService service that's shipped with LCES 8.2. You can then use the results to pull the user's oid, userId, full name, etc, from the authenticateResponse.

More importantly, you can use the assertion string to implement SSO with SAML. Once you have the assertion, you can call validateAssertion on the same service to validate the user and get their information. In other words, you can perform the authentication using ColdFusion, and then for example, pass the assertion to your flex app so that you don't force the user to authenticate again.

<cfset username = "administrator">
<cfset password = toBase64('password')>

<cfsavecontent variable="xml">
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body>
<m:authenticate xmlns:m="http://adobe.com/idp/services">
<m:username><cfoutput>#username#</cfoutput></m:username>
<m:password><cfoutput>#password#</cfoutput></m:password>
</m:authenticate>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
</cfsavecontent>

<cfhttp url="http://servername:portnumber/soap/services/AuthenticationManagerService?wsdl" method="post">
<cfhttpparam type="cgi" name="SOAPAction" value="authenticate">
<cfhttpparam type="xml" name="authenticateRequest" value="#xml#">
</cfhttp>

<cfset xml = xmlParse(cfhttp.filecontent)>
<cfset assertion = xmlSearch(xml, "//*[local-name()='assertion']")>
<cfoutput>#htmleditformat(assertion[1].xmltext)#</cfoutput>

No comments:

Post a Comment