2 Replies Latest reply on Feb 9, 2016 7:00 AM by pcrownov

    Opensearch; authentication and users

    pcrownov

      I am trying to configure Opensearch within Jive to use our internal search application which I have already recoded to enable atom and rss responses. The issue I am running into is whenever I try to "test" the service I am getting a message that it was "unable to fetch stream from url". The sbs.log says it is hitting a 408 (Timeout) but this is happening almost immediately which seems odd to me, and my server says it is responding with a 303 (Redirect) to the SAML login since Basic failed. My only thought is that Jive isn't passing the authentication to the server, which I have verified by looking at the headers coming into the service when I make the "test" request from jive. I have put in the authentication credentials in the opensearch configuration screen, but the column titled "Requires Authentication" is set to "No" and I am thinking that it needs to be "Yes" before it will ever send them. I was looking through opensearch spec but cannot find any xml tag that would set that value to true so was wondering if someone knew what field I am supposed to specify in the opensearch.xml to force authentication from Jive?

       

      I also was wondering if it is possible to send the user's account or id through to the opensearch server as I have to key off of that to provide results specific to each user. I can work around this if that isn't possible but if someone has any experience doing this or can point me in the right direction I would appreciate it! Thanks for any help!

       

      Tagging Ryan Rutan since I am sure he either has worked with this or knows someone who has

        • Re: Opensearch; authentication and users
          mcollinge

          We use opensearch for Product results on our site. We extended the base class (OpenSearchEngineImpl.java) to allow us to substitute in extra things into the URL. Out of the box it looks like it supports;

           

          {searchTerms}

          {startPage}

          {startIndex}

          {indexOffset}

          {pageOffset}

          {count}

          {language}

           

          {custom:userName}

          {custom:passWord}

           

          However, these last 2 are marked for use with the Lunatech Confluence OpenSearch plugin.

            • Re: Opensearch; authentication and users
              pcrownov

              Hey Matt, Thanks for the reply!

               

              Are the username and password you are specifying here for the user that is making the search request, or so that the system can authenticate to the api endpoint? or both I guess.. To clarify what my setup is, I have a user that is the single login point from Jive to our OpenSearch provider and then the searching user's username is appended onto the api call being made. So I thought the authentication in the OpenSearch setup in Jive would pass the credentials for that login, and then modify the api call it is making to pass the username only.

               

              It looks like what you are saying is at the least I need to create a plugin to modify OpenSearch to allow for the username to be appended to the API, and possibly also enhance it so that the username and password for authenticating to the API are actually used.