Anonymization of urls
Procedure for automatic connection and anonymization of urls
This document describes how to authenticate automatically without using the user and pass parameters in the various modules of DigDash Enterprise (dashboards, configuration pages).
The principle is to request, once authenticated, a tokenid allowing during its use to create a new session based on that requested by the current session.
This token allows you to create an automatic session without having to specify the user name and password.
This tokenid is for single use only, the same tokenid cannot be used to create more than one session. To create several sessions, several tokenid are necessary.
Here is the procedure:
- Classic authentication via login page or user login and password.
- REST API tokenid request.
- Use of tokenid in an url allowing to create an automatic session without authentication.
Example:
- Tokenid retrieval through a web service with the following url:
- ex : http://localhost:8080/ddenterpriseapi/DDEnterpriseServlet?user=admin&pass=admin&method=newAuthToken
Use of the method = newAuthToken parameter allowing the return of this url to recover the new tokenid thus generated.
- ex : http://localhost:8080/ddenterpriseapi/DDEnterpriseServlet?user=admin&pass=admin&method=newAuthToken
- Use of tokenid in a dashboard:
- ex : http://localhost:8080/digdash_dashboard/index.html?user=admin&authToken=tokenid
The tokenid parameter is the one returned in step 1.
- ex : http://localhost:8080/digdash_dashboard/index.html?user=admin&authToken=tokenid