The following example shows client-side OpenEdge code that supports single sign-on (SSO) for user authentication to the Business Process Server. The code block uses the Connect( ) and GetClientPrincipal( ) methods added to the Progress.BPM.UserSession class for user authentication using a Client-Principal object.
For more information on these methods of the Progress.BPM.UserSession class, see the OpenEdge Development: ABL Reference guide.
    DEFINE VARIABLE plOK         AS LOGICAL   NO-UNDO.
    DEFINE VARIABLE pURL         AS CHARACTER INITIAL "-URL SBMServerDC://<localhost>:18793/".
    DEFINE VARIABLE pUserSession AS Progress.BPM.UserSession.
    DEFINE VARIABLE retStr       AS CHARACTER.
    DEFINE VARIABLE tmpStr       AS CHARACTER.
    DEFINE VARIABLE hCP          AS HANDLE    NO-UNDO.
    DEFINE VARIABLE dac          AS CHARACTER INITIAL "oebpm".

    /* append the run log to bpm_client_sealed.out */
    OUTPUT TO bpm_client_sealed.out APPEND.
    PUT UNFORMATTED "-- bpm_client_sealed.p start -------------------------" SKIP.

    /* create a domain registry in code: register the "bpm" domain with its
       domain access code, then lock the registry so that no further domains
       can be registered in this session */
    plOK = SECURITY-POLICY:REGISTER-DOMAIN ("bpm", dac).
    IF plOK
    THEN DO:
        plOK = SECURITY-POLICY:LOCK-REGISTRATION().
        IF plOK
        THEN PUT UNFORMATTED "domain registry OK." SKIP.
        ELSE DO:
            PUT UNFORMATTED "lock-registration() failed." SKIP.
            QUIT.
        END.
    END.
    ELSE DO:
        PUT UNFORMATTED "register-domain() failed." SKIP.
        QUIT.
    END.

    /* plOK must now reflect the result of connecting to the BPM Server and
       validating the sealed Client-Principal it returns; those statements
       are not part of this listing */
    IF plOK THEN
        PUT UNFORMATTED "sealed CP received from BPM Server is VALID." SKIP.
    ELSE DO:
        /* reject the session when the seal does not validate */
        PUT UNFORMATTED "sealed CP received from BPM Server is INVALID." SKIP.
        pUserSession:Disconnect(TRUE).
        QUIT.
    END.

    /* fetch the Client-Principal held by the user session and log its state */
    IF (plOK)
    THEN DO:
        PAUSE.
        hCP = pUserSession:GetClientPrincipal().
        PUT UNFORMATTED
            "after GetClientPrincipal() : hCP= " hCP
            " session-id= " hCP:SESSION-ID
            " login-state= " hCP:LOGIN-STATE
            SKIP.
    END.

    IF (plOK)
    THEN DO:
        pUserSession:Disconnect(TRUE).
        PUT UNFORMATTED "Disconnected from BPM Server OK." SKIP.
    END.

    /* release the Client-Principal handle only if one was obtained */
    IF VALID-HANDLE(hCP) THEN
        DELETE OBJECT hCP.

    PUT UNFORMATTED "-- bpm_client_sealed.p end -------------------------" SKIP.
    OUTPUT CLOSE.
    QUIT.