12 Replies Latest reply on Jan 3, 2017 6:19 PM by gordon_sorensen

    Basic authentication for RSS Feeds

    pradeepgm

      Hi,

       

      Anyone enabled basic authentication for Jive RSS Feeds. We have a requirement where in we need to consume Jive RSS Feeds (public and restricted community feeds but only with authentication) outside the Jive application.

       

      When I checked it there is no way to consume RSS Feeds other than the delegated authentication, wonder how others are consuming it.

       

      Pradeep GM

        • Re: Basic authentication for RSS Feeds

          The last time I checked, I'm pretty sure Basic Auth works on the RSS Feed endpoints.  It's not ideal/recommended, but I just tested this against our own Jive Community and it works as expected.  When trying to access a protected feed anonymously it fails...when passing in Basic Auth creds it returns expected output.

            • Re: Basic authentication for RSS Feeds
              pradeepgm

              Please check it against a plain Jive instance with basic authentication or SSO enabled instance. It is not working and we have been told that it is not supported. The only available authentication mechanism for RSS Feed is Delegated Authentication.

               

              RSS feed does not work on the same authentication method as the API, the authentication token system is not the same  - the RSS feature is much older than the V3 API - our only supported OOTB method for the implementation that you are looking for is DA.

               

              As noted above, the only authentication configuration currently supported for allowing an externally accessible RSS feed from a system with SAML SSO implemented is the Delegated Authentication method.

                • Re: Basic authentication for RSS Feeds

                  Pradeep,

                   

                  Apologies.  Apparently our Support customization has probably added HTTP Basic to the Feed urls (I was not aware of this alteration, and hence my misperception) , as I tried it on our cloud sandbox and it doesn't work as you pointed out.

                   

                  Unfortunately, the only work-around I can think of is to create a conversation utility that runs a query against the V3 API and doing some JSON to RSS conversation.  Perhaps something in this thread would help? Re: Have you heard of the jq command line tool for JSON parsing?.  If you could invoke the call, and then output the results to an RSS format, you could put the files generated into a cache/static folder and enable that with a cron job.

                   

                  Hope that helps, but without some sort of translation, I do not see a way to get at this data in the RSS format.

                    • Re: Basic authentication for RSS Feeds
                      pradeepgm

                      OKay,

                       

                      We used to have this supported in 4.5 versions. Somehow it is missing now, don't know why. But we do have a settings in admin console

                       

                      pastedImage_1.png

                       

                      Can't it be enabled with some filter configurations? We just need to bypass it from default filter chain and filter it through community feed string

                       

                      <security:filter-chain pattern="/community/feeds**"

                                      filters="nodeFailoverTestModeFilter, pluginPreFilterChain, securityContextPersistenceFilter, pluginPostSessionContextFilterChain, rememberMeProcessingFilter, basicAuthenticationFilter, exceptionTranslationFilter, partnerUserCheckFilter, contextOptimizationFilter, termsAndConditionsAcceptanceFilter, pluginPostFilterChain"/>

                                                                                                                                                                   

                      <security:filter-chain pattern="/community/feeds/**"

                          filters="nodeFailoverTestModeFilter, pluginPreFilterChain, securityContextPersistenceFilter, pluginPostSessionContextFilterChain, rememberMeProcessingFilter, basicAuthenticationFilter, exceptionTranslationFilter, partnerUserCheckFilter, contextOptimizationFilter, termsAndConditionsAcceptanceFilter, pluginPostFilterChain"/>

                       

                      Any thoughts?

                        • Re: Basic authentication for RSS Feeds
                          pradeepgm

                          Hi Ryan Rutan

                           

                          As mentioned above, is it possible to enable it through some filter configurations?

                           

                          Pradeep GM

                            • Re: Basic authentication for RSS Feeds
                              hymavathi

                              Hi Pradeep,

                              were you able to find a solution for this?We are also having the same issue. Could you please let me know.

                                • Re: Basic authentication for RSS Feeds
                                  pradeepgm

                                  Yes, add below filter chain to your spring security filter

                                   

                                  <security:filter-chain pattern="/community/feeds**"

                                                  filters="nodeFailoverTestModeFilter, pluginPreFilterChain, securityContextPersistenceFilter, pluginPostSessionContextFilterChain, rememberMeProcessingFilter, basicAuthenticationFilter, exceptionTranslationFilter, partnerUserCheckFilter, contextOptimizationFilter, termsAndConditionsAcceptanceFilter, pluginPostFilterChain"/>

                                                                                                                                                                              

                                  <security:filter-chain pattern="/community/feeds/**"

                                      filters="nodeFailoverTestModeFilter, pluginPreFilterChain, securityContextPersistenceFilter, pluginPostSessionContextFilterChain, rememberMeProcessingFilter, basicAuthenticationFilter, exceptionTranslationFilter, partnerUserCheckFilter, contextOptimizationFilter, termsAndConditionsAcceptanceFilter, pluginPostFilterChain"/>

                                    • Re: Basic authentication for RSS Feeds
                                      gordon_sorensen

                                      Pradeep Kumar Ryan Rutan - Noticed this thread and wondering if it will apply to my challenge (warning: I am not  a tech person but trying to find a solution for a member of our web team to implement; worse yet, I'm in the marketing group ).

                                       

                                      Our Jive cloud instance provides both public and private communities. Our private comms are accessible only to our support customers, and we have SSO set up so they can access these private communities with the credentials they also use on our support site. We are making some changes to our support site, and want to pull certain community content in via RSS feeds, in particular the tagged feed and ideas feed.

                                       

                                      The script my colleague developed uses log in credentials I created specifically for this purpose to access our community site, but the script is still unable to authenticate into the site. I changed the Basic Authentication setting to Required found at Admin console>System>Settings>Feeds and still no luck. Not even sure if that has any impact.

                                       

                                      Is this possible to do thru an RSS feed (I hope)? Do we need to go thru an API call?

                                       

                                      Thanks for any help either of you can provide.

                                        • Re: Basic authentication for RSS Feeds

                                          Gordon,

                                           

                                          If your site is using an SSO provider, then Jive cannot be establish authoritative access for usernames/passwords that it doesn't have direct control over.  If you wanted to try this out, you'll need to:  create a standard account in Jive (non-SSO), permission it accordingly and use those credentials to access the RSS Feed.   Note, I would refrain from just sending username/passwords in the HTTP Basic header that is visible to clients, but rather putting some sort of proxy or abstraction in play to keep the credentials protected on the server side.

                                           

                                          Hope that helps,

                                           

                                          RR

                                          1 person found this helpful
                                            • Re: Basic authentication for RSS Feeds
                                              gordon_sorensen

                                              Thanks, Ryan -- appreciate your response. I will try the approach of using a standard account in Jive. But a couple related questions:

                                              1. "Permission it accordingly" - by that assume you mean give it access to the customer only communities by associating that standard account with that permission group.

                                              2. How will the standard account in Jive get around interacting with our SSO? Due to the fact that it goes in programmatically vs the log in process?

                                               

                                              BTW - am pretty certain we are abstracting the credentials.

                                               

                                              thanks again.