Single Signon for Uluro Web
A new process for Single Signon for the Uluro Web is available. The Single Signon process allows Customers to authorize the access to the New Uluro Web without requiring a User Login.
GetUserSession
In order for the Customer web site to authorize the access without login by requesting a User Session. In order to request the User Session the Customer Web site will make a Web call to the Uluro Web site with parameters.
Input
Adminuser – the administrative User ID
Password – the administrative Password
Account – The account Number of the User
CLID – the Customer ID. This is only necessary if the Customer is not linked to a Web Site (in customer Maintenance).
The parameters may be passed in the URL or within the Data. If the parameters is in the data then it will be encrypted if the request is made using https instead of http.
URL
Using the Customer’s Web site is anycreditunion.estatements.com then the URL will be
https://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession
or
http://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession
Result
The result will be the web site for the login.
This is controlled by the template session.htm. By default this contains
URL=http://<#vhost>/<#AppName>/Main?SID=<#NewSessionid>
To force https change this to
URL=https://<#vhost>/<#AppName>/Main?SID=<#NewSessionid>
The Customer Web site redirects the end user to this web site.
Example Programs
Obtaining URL for Single Signon from New Remoteprint Web
Perl
==============================================
#!/usr/bin/perl
#
# Test File for Perl
# This file will request a session from the Trans Web Site
#
# REQUIRES PERL VERSION >= 5.6.0
#
use strict;
use warnings;
use LWP::UserAgent; # These modules need to be installed
use HTTP::Request;
use URI::Escape;
my $url = 'https://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession';
my $client_id = "9"; # client ID
my $adminuser = "test"; # admin user
my $password = "test"; # admin password
my $account = "3405"; # account number
my $data = "clid=" . uri_escape($client_id);
$data = "&adminuser=". uri_escape($adminuser);
$data .= "&password=" . uri_escape($password);
$data .= "&account=" . uri_escape($account);
my $user_agent = new LWP::UserAgent();
my $request = new HTTP::Request('POST', $url);
$request->content_type('application/x-www-form-urlencoded');
$request->content($data); # add the data
my $response = $user_agent->request($request); # make the request
print $response->content;
========================================
The $response->content will be the URL to send to the user
URL=https:// anycreditunion.estatements.com /scripts/rpweb.dll/Main?SID=[B84A-26D281E-0B65ED]
PHP
==============================================
<?php
/* Test File for PHP
This file will request a session from the Trans Web Site
REQUIRES lib_cURL
*/
$url = "https://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession";
$client_id = "9"; // client ID
$adminuser = "test"; // admin user
$password = "test"; // admin password
$account = "3405"; // account number
$data = http_build_query(
array(
'clid' => $client_id,
'adminuser' => $adminuser,
'password' => $password,
'account' => $account,
),
'',
'&'
);
echo $response;
$cURL_call = curl_init($url); // create a cURL object
/*@@@@@@@@@@@@@@@@@@@@@@@
@@ cURL will ignore errors and warnings caused by an invalid/self-signed
@@ security certificate when CURLOPT_SSL_VERIFYPEER is set to "false"
@@
@@ This should only be used when testing with a self-signed
@@ security certificate; it should *NOT* be used in production */
//curl_setopt($cURL_call, CURLOPT_SSL_VERIFYPEER ,false);
/*@@@@@@@@@@@@@@@@@@@@@@@*/
curl_setopt($cURL_call, CURLOPT_POST ,1); // use cURL to send the data as a POST
curl_setopt($cURL_call, CURLOPT_HEADER ,false); // use cURL to send the data as a POST
curl_setopt($cURL_call, CURLOPT_POSTFIELDS ,$data); // the fields to POST
curl_setopt($cURL_call, CURLOPT_RETURNTRANSFER ,1); // store the return value instead of outputting it directly
$response = curl_exec($cURL_call); // make the request
echo $response;
?>
========================================
The $response will be the URL to send to the user
URL=https:// anycreditunion.estatements.com /scripts/rpweb.dll/Main?SID=[B84A-26D281E-0B65ED]
ASP
==============================================
<%@ Language=vbScript%>
<%
' Test File for ASP (VBScript)
' This file will request a session from the Trans Web Site
'
' REQUIRES ServerXMLHTTP Object
'
dim url
url = "https://www3.demoweb9.com/scripts/rpweb.dll/GetUserSession"
dim client_id ' client ID
client_id = "9"
dim adminuser ' admin user
adminuser = "test"
dim password ' admin password
password = "test"
dim account ' account number
account = "3405"
dim data
data = data & "clid=" & Server.URLEncode(client_id)
data = data & "&adminuser="& Server.URLEncode(adminuser)
data = data & "&password=" & Server.URLEncode(password)
data = data & "&account=" & Server.URLEncode(account)
dim data_request
set data_request = server.CreateObject("MSXML2.ServerXMLHTTP") ' create a serverXMLHTTP object
' @@@@@@@@@@@@@@@@@@@@@@@
' @@ The following suppresses the errors and warnings
' @@ caused by an invalid/self-signed security certificate:
' @@ "The certificate authority is invalid or incorrect"
' @@
' @@ This should only be used when testing with a self-signed
' @@ security certificate; it should *NOT* be used in production
'data_request.setOption(2) = 13056
' @@@@@@@@@@@@@@@@@@@@@@@
data_request.open "POST", url, False
data_request.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
data_request.send(data) ' make the request
dim response
response = data_request.responseText
Response.write response
set data_request = nothing
%>
========================================
The response will be the URL to send to the user
URL=https:// anycreditunion.estatements.com /scripts/rpweb.dll/Main?SID=[B84A-26D281E-0B65ED]
0 Comments