Hi, I want to make SSO login with identity access managment tool , its possible to do this with Rest Api ? for example within /intranet-rest/auto-login , so I create a new package and in my login.tcl , I have redirect link to iam tool there I put my credentials and then I receive an access token So what do you think how should I redirect the token to PO and how to validate it ? is there special endpoint that receive a token? Its possbile to decode the token and take for example the email or username...
Hi Frank , I have question reagrding my SSO implementation, I create my own package that handle the received token from my oidc client, the structure of packages folder and the tcl code its similar to https://github.com/openacs/auth-cas ,the only difference is in my procs.tcl i add a piece of code that decode the token and validate it so my package already installed I can see my new authority. My Problem now that I received the token in the url of my po timesheet instance but Nothing happen from...
Hi Frank, do you think that i need to add new application under the admin/application or normally when I install my package I will be able to see my Authentication in the list of authentication field ? Do I you missing something? Thanks, Tarek
Hi Frank, thanks for the info. I installed correctly and Iam able to see my package in package manager, I create new authority sso ,but the problem in the Authentication tab Iam not able to see my auth. I only see local and Ldap. I was curious why and I checked in error log because I thought is syntx error in my sso-procs.tcl but there are no errors . Do you know why I cant see my auth? thanks Frank and have a nice weekend. best regards,
Hi Tarek, You need to create a new package and "install" the new package using the OpenACS way. There is documentation about this, please search around in Google. Cheers Frank
Hi Frank, Thanks for your response. JavaScript because we are doing this just for testing. As I understand from your feedback , I need to decode the token and take the user information , for example in that token user inc the email address , with the email address I check if the user in timesheet exist , then I create session for that user, right ? my last questions: for the login I need to create new package , I need to create a tcl file that redirect to my oidc client and the another tcl file that...
Hi! With "timesheet" you refer to ]po[, right? can decode I've recently implemented an OpenID server functionality, and there was no need for any JavaScript at all, this implementation was purely back-end. Just FYI... You obviously need to implement the decoding part yourself. I don't see any major issues. Both TCL and JavaScript should have all crypto libraries available, maybe double-check. decode ... before Don't do anything that breaks security... validate Please see the OpenID specs. There are...
Hi Frank, thank you very much for your response, for the moment we are doing just investigation on how to do it, If we need your help I will let you know. I was looking in Openacs.org there are no openid packae availbe. Another Question Please, we implement a openid client (node js app) and using the library of nodejs openid-client , we try to login to timesheet and riderect to openid provider and then we receive the access token inkl (name, username) from the openID Provider and than the Openid...
Hi Tarek, ]project-open[ does not yet support OpenID. The reason for this is that 99% of all customers are using ]po[ behind their corporate firewall, so that it's integrated with ActiveDirectory/LDAP. However, OpenID does not make sense in this usage scenario. The LDAP integration is available as part of the Enterprise Edition. I believe there is an OpenID integration available as part of OpenACS.org. Please have a look there. Creating an OpenID integration for ]po[ would not be difficult. However,...
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="Generator" content="Microsoft Word 15 (filtered medium)"><style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0cm; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;}...
Dear Frank, thank you for the clarification of the situation. Best success for all your activities – Antanas
Hi Antanas, ]project-open[ continues just as before. It's our GitLab server that has some issues with DNS resolution from the "inside" (also VPN) vs. from the outside (you, the Internet) since an update. Meanwhile it's the best to take the source code from the official releases (V5.1.beta on SourceForge). I hope we'll get the GitLab stuff running soon... Cheers Frank
Dear Frank, please confirm or revoke that the Project-Open ended his life as an open source development. If I'm wrong, how to gain access to the gitlab.project-open.net ]po[ repo? BR – Antanas
i have this indicator showing when i login to the system. Sorry i am a newbie and i have just started the installation. invalid command name "im_indicator_home_page_component" while executing "im_indicator_home_page_component" ("uplevel" body line 1) invoked from within "uplevel 1 $component_tcl"
Error saving data on the server side.
Hi Frank, during SSH connection my previous credentials which were used in gitlab.project-open.net are not accepted. Is ]po[ repo access now restricted? BR, Antanas
Hi Antanas, We have hidden the Web GUI of the repo. However, the SSH access to GIT should be working. Cheers Frank
Hello, the repository* has been unavailable for several months till now. What is the reason for this? https://gitlab.project-open.net/ BR, Antanas
Hi Lux, I guess it should be enabled the right way using Workflow... For me it's still a complex thing therefore I did it quick-n-dirty way. Insert an email sending command according to example* into /packages/intranet-helpdesk/www/new.tcl starting from line 717. I did it using acs_mail_lite::send. * https://www.project-open.com/en/troubleshooting-emails-notifications BR, Antanas
Hi Lux, you can add translations by yourself using Translation mode (Developer Toolbar > TRN). Enable/disable Developer Toolbar on http://[YOUR_SERVER]/ds More about it: https://www.project-open.com/en/development-tools-and-environment BR, Antanas
Hello Did you get answer to this question? "If sb. for example in the role of a Employee or customer does the same he can choose for example to notify me, but the E-Mail wouldn't be send." I am having same problem that in incidents mail are sent from a admin user account but not when initiated from employees or customers
Hi. We use ProjectOpen V5. I believe there is an out of box functionality for sending email notifications when a ticket is created in system. In our environment, this is happening when ticket is created with a user profile that has "PO Admin" type .. but not for others such as customers, employees etc. I tried to look for any settings in "Privelege" section under "Parameters" .. but could not find any. Th only thing I noticed is there are options in user settings for "subscribing notifications" I...