Basic Authentication
Core Concepts
When using Basic Authentication, clients include their credentials (user name and password) in the "Authorization" header of each request.
In order to use Basic Authentication, the service must have a HAKOM ACL database configured.
Users must then be configured and granted access to the service by configuring their password and assigning roles.
Enable Basic Authentication
It is now possible to deactivate Basic Authentication separately. For this purpose, the following setting has been added to HAKOM.Config:
<HAKOMConfiguration>
  <products>
    <WebTSMServices>
      <Authentication>
        <IntegratedIdentityProvider>
          <Enabled>true</Enabled>
          <EnableBasicAuthentication>true</EnableBasicAuthentication>
        </IntegratedIdentityProvider>
      </Authentication>
    </WebTSMServices>
  </products>
</HAKOMConfiguration>
If <EnableBasicAuthentication> is set to "true", authentication via the Basic scheme is possible. If it is set to "false", Basic authentication is no longer possible. If this setting is not present in HAKOM.Config, authentication via the Basic scheme is enabled by default.
For authentication using the Basic scheme, the integrated identity provider has to be enabled!
Configuring Users
In the table ACL_USER, add an entry for the user (fields which are not relevant for authentication have been omitted in this example):
PASSWORD | OSUSERNAME |
---|---|
E76A1CF8AC791CA9A7AF62397E058D0F4F90B7BC66556D672331D0CDE3366813 | Max |
A SHA-256 hash of the password must be stored in uppercase and hexadecimal format.
There are several tools available online and offline for generating hashes from passwords.
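The hash can also be produced locally, so the password never has to be pasted into a third-party tool. The following Python sketch is an added example, not HAKOM code: it generates an initial password, computes the uppercase hexadecimal SHA-256 value for ACL_USER.PASSWORD, checks the stored format, and builds the Basic "Authorization" header value a client would send. The function names are hypothetical, and hashing the password as UTF-8 bytes is an assumption, since the encoding is not stated here.

```python
import base64
import hashlib
import re
import secrets
import string

# ASCII-only alphabet: the page does not state which character encoding is
# hashed, and for ASCII the common encodings all yield the same bytes.
ALPHABET = string.ascii_letters + string.digits
ACL_HASH_RE = re.compile(r"[0-9A-F]{64}")


def generate_password(length: int = 20) -> str:
    """Random initial password from a CSPRNG (the user changes it later)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def acl_password_hash(password: str) -> str:
    """SHA-256 of the password as uppercase hex, for ACL_USER.PASSWORD.

    Assumption: the password is hashed as UTF-8 bytes.
    """
    return hashlib.sha256(password.encode("utf-8")).hexdigest().upper()


def is_valid_acl_hash(value: str) -> bool:
    """Reject lowercase, truncated or whitespace-padded values."""
    return ACL_HASH_RE.fullmatch(value) is not None


def basic_authorization_header(user: str, password: str) -> str:
    """Value of the "Authorization" header for the Basic scheme (RFC 7617)."""
    if ":" in user:
        raise ValueError("user name must not contain ':'")
    raw = f"{user}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


if __name__ == "__main__":
    initial = generate_password()  # constructed sample value, new on each run
    print("initial password :", initial)
    print("ACL_USER.PASSWORD:", acl_password_hash(initial))
```

The header value is only Base64-encoded, not encrypted, so anyone who can read the request can recover the password; send it over TLS only.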
Assigning Roles
Find the user you would like to assign a role to and copy its ID.
For some operations (deletions, etc.) users must be assigned a special role called "Administrator". This role should already be present in the table ACL_ROLE.
Find the entry and copy its ID.
Now, create an entry in ACL_USERROLE that maps the USER_ID to the ROLE_ID.
Let Users Change their Passwords
In practice, it might be advisable to assign users generated passwords and then ask them to change these themselves. This can be done using the
PUT /auth/providers/hakom/users/{ID|name}/password
endpoint. For more information, point the users to the Open API Reference.