Status: Open
Status: Answered
Status: Closed
Status: Duplicate

REST URL Authentication within Content Server while using WebReports

Posted Dec 04 by Mahesh Pinnamaneni.


I have CS10.5 U2014-09 (configured for Windows Auth) and planning to have multiple REST calls in a WebReport to display the info. Since I have already authenticated in CS via Windows Auth and how can I get the ticket so that I can pass it to multiple REST calls.


1 Answer

BEST ANSWER: As chosen by the author.

I suppose that you generate JavaScript code using the REST API by a WebReports tag or by other means. When you do that, add a JavaScript statement exposing the LLCookie on the page and use the value for the OTCSTicket header when performing the AJAX calls.

The CS REST API does not perform any automatic authorization based on cookies to prevent CSRF attacks. The application using the CS REST API is responsible for authenticating the user and making the authorization token available on the pages, which are going to use the REST API.

The CS pages do not make the ticket available today. It may change in the future, but today you either use WebReports to put it there or you can put the needed script to any page as a HTML fragment using appearances.

 You have subscribed and will receive email notifications of updates to this topic. To unsubscribe, uncheck the checkbox.


Related categories

Related tags

Your answer

To leave an answer, please sign in.