Form Based Authentication for WebSphere Portal
I have been meaning to post about this for a few weeks now but have been flat out on some great wins for ISW. A cou[ple of great Portal wins and a couple of new Connections sites. (I might post about these shortly).
One of the methods of authentication with WebSphere Portal is Form Based Authentication. This is effectively where the client/user connects to the Portal login page and automatically enters the user name and password into the appropriate fields and then "POSTS" the form. This triggers the authentication and logs the user on.
The reason why we were looking at this is we were trying to get SearchBlox working for a client that was interested in using it to index and search their WebSphere Portal. SearchBlox is quite similar to the Google Mini search appliance in that it only support Basic HTTP Authentication and Form Based Authentication (Google Search Appliance offers a number of other means of authenticating over and above these).
So to test Form Based Authentication out with Websphere Portal I initially thought I would create a simple Widgit in my Notes client sidebar. To configure the widgit you simply create a web page widgit and choose the Form Option (HTTP Post). The widgit wizard then loads the page and you choose the logon form and enter the appropriate field values for the username and password. This works a treat and delivers a simple Widgit that will take you to the portal and log you on via Form Based Authentication. Nice!
So having done that and showing that WebSpere Portal does support Form Based Authentication I figured it should be simple to get it going with Searchblox. And it should have been! When you configure Searchblox you point it to the logon page, specify which fields to use, and provide the username and password for the fields. Simple really! But this is where I went slightly wrong.
I made the mistake of pointing the Form URL to the Portal login page. I ran the indexer and all I would get was about 4-5 pages indexed. These were the pages off course that were unauthenticated pages. Searchblox wasn't getting authenticated. After messing around for a few hrs I just couldn't figure out what was going on. Then it came to me! Off course I was pointing to the Portal Login Page which was wrong. I should have been pointing to the Login Form in the Login Portlet!
Using Firebug you can drill into the source of the Portal Login Page and find the Form URL that you need to use. As you can see in this source code the Form URL is available. Once I realised this I updated the Searchblox settings to use this URL for the Form Based Authentication URL and ran the indexer again. Off it went, logged into the site, and indexed the entire site successfully!