ibmi-brunch-learn

Announcement

Collapse
No announcement yet.

Integrated WS with Auth0 and CWWKS1106A log message

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Integrated WS with Auth0 and CWWKS1106A log message

    I have implemented new REST services using AUTH0 authentication and the TAI interceptor. I can tell my test token is validating as when it expires after the allotted 3600 secs the service is no longer authorized through AUTH0 and denies a call to it until I refresh the token. However, I am getting log messages on the HTTP server indicating the following: ws.security.authentication.jaas.modules.HashtableL oginModule A CWWKS1106A: Authentication did not succeed for the user ID {This is the Auth0 ClientID)@clients. An invalid user ID was specified. I picked this project up from a team that never fully implemented Auth0 and is no longer around to answer questions so I am hunting for the why. Has anyone had experience with this authorization scenario? I am thinking a user config for the clientid's go missed but where?

    Any help is appreciated.

    Thank you,
    sg
    Tags: auth0, iws, rest. authentication
  • #2
    I've never worked with AUTH0, indeed, never heard of it prior to your post.... I Googled it and found auth0.com -- it appears to be some sort of service that you can use for authentication.

    The way a TAI interceptor works... if the standard basic authentication fails, your TAI interceptor can allow the request, anyway, and provide a proper userid to run under. It sounds like something is going wrong that the userid you're specifying isn't working. It's hard to tell you why that would be when all we know is the error message -- but from your description, you haven't specified an IBM i user profile, but rather are keeping the auth0 userid. You'll need to somehow map it to a valid ibm i user profile.

    IBM has a simple example of a TAI interceptor here:
    Trust authentication interceptor
    https://www.ibm.com/support/pages/trust-authentication-interceptor
    The IWS server has been enhanced in the area of authentication by allowing for the definition of a user-defined authentication mechanism called the trust association interceptor (TAI).


    I love the name "TAI interceptor", it sounds like "TIE interceptor" like Kylo Ren flies.

    Comment

    Previous template Next
    Working...
    X