Versions Compared

Old Version 35

changes.mady.by.user Erik de Rooij

Saved on

compared with

New Version 36

changes.mady.by.user Erik de Rooij

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Currently the server import support two types of authentication: Basic Authentication and OAuth2.

Basic Authentication

Here is an configuration example showing how to configure Basic Authentication. Only a user name and password need to be configured.

...

As of release 2017.02 it is also possible to configure OAuth2 authentication. This functionality has been backported to Stable 2016.02 and 2017.01, however the way to configure this in the older releases differs.

...

OAuth2 Authentication version 2017.02 and later

Code Block
<general>
	<importTypeStandard>wml2_server</importTypeStandard>
    <serverUrl>https://hicws2.vlaanderen.be/KiWIS/KiWIS</serverUrl>
    <!-- <user>username</user> -->				<!-- normally not required for OAuth2 -->
    <!-- <password>userpassword</password> -->	<!-- normally not required for OAuth2 -->
    <oauth2Config>
		<!-- Required: URL from which to receive the access token -->
    	<authUrl>https://hicwsauth.vlaanderen.be/auth</authUrl>
 		<!-- Optional: For proper OAuth2 authentication a client_id and client_secret are required. However in some cases the authentication URL does not require this. 
			 Instead Basic Authentication is required to access the authUrl. Here the user and password fields shown above are required -->
		<clientId>openid client id</clientId>
		<clientSecret>openid client secret</clientSecret>
		<!-- Optional Array: Scope of request -->
        <scope>openid</scope>
        <scope>email</scope>
		<!-- Optional Array: Audience for whom request is intended. Used to validate response. If omitted the clientId and username become are used -->
        <audience>audienceId</audience>
        <audience>audienceId2</audience>
       <!-- Optional: Issuer of the access token. Used to validate response. If omitted the root url of authUrl is used. -->
        <issuer>http://localhost:8080/KiWebPortal/auth</issuer>
       <!-- Optional: A refresh token can be used if provider supports this. -->
        <refreshToken>refresh access token</refreshToken>
	</oauth2Config>
	...
 </general>

OAuth2 Authentication versions before 2017.02

Code Block
<general>
	<importTypeStandard>wml2_server</importTypeStandard>
    <serverUrl>https://hicws2.vlaanderen.be/KiWIS/KiWIS</serverUrl>
    <!-- <user>username</user> -->				<!-- normally not required for OAuth2 -->
    <!-- <password>userpassword</password> -->	<!-- normally not required for OAuth2 -->    
	...
 </general>
<properties>
   <string key="authUrl" value="https://hicwsauth.vlaanderen.be/auth" />
   <string key="issuer" value="http://localhost:8080/KiWebPortal/auth" />
   <string key="clientId" value="id...." />
   <string key="clientSecret" value="*****" />
</properties>

WaterML2 IdMap configuration

...