Setting up Forms authentication with SmartHybridRealm in OpenEdge 12.2

Overview

Setting up Forms authentication will require you to do the following

  • Modify oeablSecurity.properties

  • Create keystore file

  • Configure .restapplicationsettings

  • Users in SmartFramework Backoffice application

oeablSecurity.properties (webapps\ROOT\WEB-INF)

The following describes the changes between a PASOE instance configured for SmartComponent Library development and a “vanilla” PASOE just created with “%dlc%\servers\pasoe\bin\tcman create -p 47321 -P 47322 testpas”.

Enable oerealm

http.all.authmanager=oerealm

Enable forms authentication

client.login.model=form

Configure Keystore

OEClientPrincipalFilter.registryFile=ABLDomainRegistry.keystore

This file needs to be generated. It is stored in the conf folder of the PASOE instance (not in webapps).

See on how to do that.

Set client principal domain

OEClientPrincipalFilter.domain=testdomain

Set client principal token expiration

OEClientPrincipalFilter.expires=28800

Set client principal to include session id

OEClientPrincipalFilter.ccid=true

Set user domain

OERealm.AuthProvider.multiTenant=false

OERealm.AuthProvider.userDomain=testdomain

Enable SmartHybridRealm class

OERealm.UserDetails.realmURL=internal://nxgas

OERealm.UserDetails.realmClass=Consultingwerk.Web2.SmartFramework.Authentication.SmartHybridRealm

Create Keystore file

This requires two steps to be performed.

See Progress Knowledgebase - How to configure OERealm authentication with PASOE on OE 12.2 description below “Create a domain registry file for the webapp”.

Edit Domain registration file

  • Create a text file called “domreg.csv”

  • Add the following line:

testdomain,test12345
  • Adjust “testdomain” to match your login company

Create keystore file

Execute gendomreg domreg.csv ABLDomainRegistry.keystore and copy the keystore file to the conf directory.

.restapplicationsetting

Change the following poperties:

"clientPrincipalSeal": "test12345",

This must match what was used when generating the keystore file.

"DefaultAuthenticationDomain": "testdomain",

Users in SmartFramework Backoffice application

Login Company

Make sure the “Multi-Tenancy Domain” matches what you used in the configuration so far (testdomain in that sample):

User Security ID

Make sure to set a User Security ID. This needs to be a unique positive integer.

With this configuration, the demo user should be able to login as:

demo@testdomain