Single Signon for Uluro Web

Single Signon for Uluro Web

A new process for Single Signon for the Uluro Web is available.  The Single Signon process allows Customers to authorize the access to the New Uluro Web without requiring a User Login.

GetUserSession

In order for the Customer web site to authorize the access without login by requesting a User Session.  In order to request the User Session the Customer Web site will make a Web call to the Uluro Web site with parameters.

Input

Adminuser – the administrative User ID

Password – the administrative Password

Account – The account Number of the User

CLID – the Customer ID.  This is only necessary if the Customer is not linked to a Web Site (in customer Maintenance).

The parameters may be passed in the URL or within the Data.  If the parameters is in the data then it will be encrypted if the request is made using https instead of http.

URL

Using the Customer’s Web site is anycreditunion.estatements.com then the URL will be

https://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession

or

http://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession

Result

The result will be the web site for the login.

This is controlled by the template session.htm.  By default this contains

URL=http://<#vhost>/<#AppName>/Main?SID=<#NewSessionid>

To force https change this to

URL=https://<#vhost>/<#AppName>/Main?SID=<#NewSessionid>

The Customer Web site redirects the end user to this web site.

Example Programs

Obtaining URL for Single Signon from New Remoteprint Web

Perl

==============================================

#!/usr/bin/perl

#

# Test File for Perl

#             This file will request a session from the Trans Web Site

#

# REQUIRES PERL VERSION >= 5.6.0

#

 

use strict;

use warnings;

 

use LWP::UserAgent; # These modules need to be installed

use HTTP::Request;

use URI::Escape;

 

my $url = 'https://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession';

 

my $client_id = "9";    # client ID

my $adminuser = "test"; # admin user

my $password  = "test"; # admin password

my $account   = "3405"; # account number

 

my $data = "clid="      . uri_escape($client_id);

$data    = "&adminuser=". uri_escape($adminuser);

$data   .= "&password=" . uri_escape($password);

$data   .= "&account="  . uri_escape($account);

 

my $user_agent  = new LWP::UserAgent();

my $request = new HTTP::Request('POST', $url);

$request->content_type('application/x-www-form-urlencoded');

$request->content($data); # add the data

 

my $response = $user_agent->request($request); # make the request

 

print $response->content;

========================================

 

The $response->content will be the URL to send to the user

 

URL=https:// anycreditunion.estatements.com /scripts/rpweb.dll/Main?SID=[B84A-26D281E-0B65ED]

 

PHP

==============================================

<?php

/* Test File for PHP

                This file will request a session from the Trans Web Site

 

REQUIRES lib_cURL

 

*/

 

$url = "https://anycreditunion.estatements.com/scripts/rpweb.dll/GetUserSession";

 

$client_id = "9";    // client ID

$adminuser = "test"; // admin user

$password  = "test"; // admin password

$account   = "3405"; // account number

 

$data = http_build_query(

                array(

                                'clid' => $client_id,

                                'adminuser' => $adminuser,

                                'password' => $password,

                                'account' => $account,

                ),

                '',

                '&'

);

 

echo $response;

 

$cURL_call = curl_init($url); // create a cURL object

 

/*@@@@@@@@@@@@@@@@@@@@@@@

  @@ cURL will ignore errors and warnings caused by an invalid/self-signed

  @@ security certificate when CURLOPT_SSL_VERIFYPEER is set to "false"

  @@

  @@ This should only be used when testing with a self-signed

  @@ security certificate; it should *NOT* be used in production */

//curl_setopt($cURL_call, CURLOPT_SSL_VERIFYPEER ,false);

/*@@@@@@@@@@@@@@@@@@@@@@@*/

 

curl_setopt($cURL_call, CURLOPT_POST           ,1); // use cURL to send the data as a POST

curl_setopt($cURL_call, CURLOPT_HEADER         ,false); // use cURL to send the data as a POST

curl_setopt($cURL_call, CURLOPT_POSTFIELDS     ,$data); // the fields to POST

curl_setopt($cURL_call, CURLOPT_RETURNTRANSFER ,1); // store the return value instead of outputting it directly

$response = curl_exec($cURL_call); // make the request

 

echo $response;

?>

========================================

 

The $response will be the URL to send to the user

 

URL=https:// anycreditunion.estatements.com /scripts/rpweb.dll/Main?SID=[B84A-26D281E-0B65ED]

 

ASP

==============================================

<%@ Language=vbScript%>

 

<%

' Test File for ASP (VBScript)

'               This file will request a session from the Trans Web Site

'

' REQUIRES ServerXMLHTTP Object

'

 

dim url

url = "https://www3.demoweb9.com/scripts/rpweb.dll/GetUserSession"

 

dim client_id ' client ID

client_id = "9"

 

dim adminuser ' admin user

adminuser = "test"

 

dim password ' admin password

password  = "test"

 

dim account ' account number

account = "3405"

 

dim data

data = data & "clid="      & Server.URLEncode(client_id)

data = data & "&adminuser="& Server.URLEncode(adminuser)

data = data & "&password=" & Server.URLEncode(password)

data = data & "&account="  & Server.URLEncode(account)

 

dim data_request

set data_request = server.CreateObject("MSXML2.ServerXMLHTTP") ' create a serverXMLHTTP object

 

' @@@@@@@@@@@@@@@@@@@@@@@

' @@ The following suppresses the errors and warnings

' @@ caused by an invalid/self-signed security certificate:

' @@ "The certificate authority is invalid or incorrect"

' @@

' @@ This should only be used when testing with a self-signed

' @@ security certificate; it should *NOT* be used in production

'data_request.setOption(2) = 13056

' @@@@@@@@@@@@@@@@@@@@@@@

 

data_request.open "POST", url, False

data_request.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"

 

data_request.send(data) ' make the request

 

dim response

response = data_request.responseText

Response.write response

 

set data_request = nothing

%>

========================================

 

The response will be the URL to send to the user

 

URL=https:// anycreditunion.estatements.com /scripts/rpweb.dll/Main?SID=[B84A-26D281E-0B65ED]

 

0 Comments

Article is closed for comments.
Powered by Zendesk