I'm building a web application that will have access to PeopleSoft's database via jdbc.
Is it possible that I can use PeopleSoft's id/password for my custom application, so users accessing my website will not have to have another username/password?
Peoplesoft stores user details in the table PSOPRDEFN.
You will be able to verify the username against: PSOPRDEFN.OPRID.
The password field is: OPERPSWD.
Unfortunately the encryption function used for this field: hash() is available only from within peoplecode.
If you want to use a single sign on you should be able to do so by customizing the USERMAINT.gbl component perhaps in the saveprechange peoplecode, to save the password in a second field of your choice with an encryption algorithm that you can implement from JDBC as well.
If you want to reuse PeopleSoft security, you'd need to connect at a higher level than JDBC straight into the database. You could look at a component interface (codeable in Java) or send a SOAP message into PeopleSofts Integration Gateway - both methods would authenticate you against peopleSoft using its own security mechanisms.
The old way was to customize psuser.c to your needs and recompile as a new dll, used it your program, assuming you're on a Microsoft platform. As mentioned above, you could have a peoplesoft developer create a component interface ( or use the one that is delivered ). You can export wrapper Java or C/C++ code from a CI, a template. This code can then be used in an external program to call the CI. one way or the other, you have to interface with peopletools to call their decrypt for passwords.
Depending on how dynamic your business is, whether you add lots of employees each day, you could export psoprdefn using app messaging to another database. On the send, you could encrypt passwords however you like. But as you can surmise, this would not be real-time.
One thing I remember doing long ago was have a peoplesoft tech person develop a page the sole functionality of which was to call my java class and which obtained user/pswds as needed. Once I had them, I was good to go.
You can use the psjoa.jar , in that way you can signon via app.server using the same users and passwords in the psoprdefn table.
PeopleSoft has an LDAP integration ability but it has to be configured. If you are accessing via a Java wrapper around a component interface, a special account can be set up in PeopleSoft with access only to the underlying component, but the login/password would have to be passed into the component interface. This can be encrypted or sent over https.
PeopleSoft also has what it calls "row level" security - the ability to partition data sets so that for example your code could only access employee data within a specific business unit or accounting info for a particular line of business. This is all controlled within the PeopleSoft online security application.
Related
We'd like to allow our users to make changes to our ERP (only very limited conditions) from within the smartsheet. Is there a way to add a web service call based on changes to a cell?
It's certainly possible to do what you've described (provided, of course, that your ERP supports inbound web service calls to update data there).
If you're wanting to do this programmatically (i.e., by writing a script in Python or any other supported language), you can use the Smartsheet API to create one or more webhooks that will monitor Smartsheet for the type of changes you specify, and send your integration notifications when those events occur. Your integration would then listen for those inbound event notifications, and when they are received, it would programmatically issue the appropriate web service call(s) to update data in the ERP.
It's also worth mentioning that, depending on what ERP you're using, it may be possible for you to accomplish your goal without having to write any code. If you're interested in exploring the feasibility of that approach, I'd suggest you check out products like Zapier, Power Automate, etc. to see if they offer a connector for Smartsheet and your ERP. You may also want to check out the Smartsheet Connectors and Integrations page to see if there's a connector for your ERP listed there.
I have some tables from Postgres database to be integrated into Salesforce as external objects. I went through some video tutorials and documentations where I was recommended to use Salesforce Connect which supports providers with "OData" protocol support. Is it possible to integrate Postgres tables into Salesforce as external objects without Salesforce Connect?
Thanks.
Be careful with the phrase "external objects". To me, the use of those particular words implies the specific implementation of external data access/federation delivered with Salesforce Connect. I don't believe that there is any alternative if your goal is to create "real" external objects (named "objectname__x") within Salesforce.
There are, though, Salesforce integration solutions from the likes of Progress, Jitterbit, Mulesoft, and Informatica and others that can be used to access PostgreSQL, with varying degrees of coding being required. You won't get "external objects", but you will be able to access data residing off-cloud in a PostgreSQL database from your Salesforce system.
Hope this helps.
Currently the way to integrate data from external storages (Postgres in your case) without Salesforce Connect is implement your custom logic for synchronization using REST or SOAP API, Apex classes and triggers, Salesforce Workflows and Flows. Also you will need to implement appropriate interfaces on side of your data storage. Complexity of all these steps depends on complexity of your existing data model and infrastructure around it.
I have a newmips app (on the Cloud) and I want to interact with my data. The only interaction I found in newMips was a data export to CSV or Excel (for the import I think I should go to the studio).
I need to display my data with the tools I developed on my web site (PHP).
Is there a CRUD (or at least a read) in a REST standard (or not)? Or is it possible to know the database connection that will give me access to my data tables ?
Newmips natively exposes REST API services on all entities managed.
To use it, you must define a client account (with role / group) in API credential menu of authentification module (use drop-down list on left of the editor to access it).
Documentation of your application API is auto-generated and can also be accessed in authentification module.
Note. There is no other tools yet available (except export features) to retrieve data.
I am working on an application where I need to setup identity server 4. I have an api as resource. and a web forms application as client.I have few roles like teachers, students, parents in my database. How can I use this custom database and perform authentication and authorization without using identity?
Please suggest.
From your other question here I get a better idea of what you want.
I think one solution for what you want would be to setup identityserver4 in a seperate project with its own seperate database. I noticed the tag identityserver3, but I think it is quite safe to go for identityserver4. It shouldn't make a difference for the client/user since they are conceptually compatible.
1) Give your application a client/secret (which you configure in identityserver) in order to identify your application and grant access to the resource api. Here is some information: http://docs.identityserver.io/en/dev/quickstarts/1_client_credentials.html
You'll only need to configure one client to protect your resource from the outside. The only way to access the resource api is through your application, since your application is making the actual calls. This is also the drawback, you cannot expose the token to the outside world.
Since your client isn't the actual user, you'll need to identify the user. You can use any mechanism based on your current model as you like. A simple user/pass (with or without asp.net identity) could be enough to determine the roles. But please keep in mind that your application has full access to the resource api.
2) However, since identityserver is available, why not use it? Why don't you want to use the identitymodel? I think you should consider to seperate the identity information and your datamodel. Your datamodel shouldn't be aware of the security. And the security has nothing to do with your datamodel.
When you create a seperate database for identityserver you have one place to configure the identity users. All you need is a reference (sub) to the user in the datamodel. http://docs.identityserver.io/en/dev/quickstarts/2_resource_owner_passwords.html
Add claims or roles and everything is in place and you'll see there is no need to keep identity data in your custom database. The structure of your custom database stays intact, including the user table but without the identity data.
I think this is a safer solution and considering the good documentation and sample projects it may even turn out to be a quicker solution.
I want to keep things as simple as possible and I don't want a complicated security mechanism. Basically I need for a user an ID and an e-mail address and I really don't want to bother about other things. Also, I was a minimum overhead in terms of security (if there is anoter provider who can do it for me, that's even better).
What is the simplest way to do this? I was thinking about incorporating LiveID or OpenID by I don't know what are the advantages/disadvantages.
I am working with the Azure SDK.
If you use the Windows Azure Access Control Service, you can basically outsource all identity management. Take a look at the Windows Azure Platform Training Kit - there's a lab called "Introduction to the AppFabric Access Control Service 2.0" that will get you up and running quickly. Currently, you can choose any combination of the following identity providers:
WS-Federation
Facebook
Windows Live ID
Google
Yahoo!
"Simple" for whom?
The simplest strategy for you would probably be to use ASP.NET's standard SQL-based authentication provider. You just run a script against your database to set up all the tables, and then you use ASP.NET's built-in utility methods to authenticate. Give your user-specific tables a foreign key reference to that user's ID, and you're good to go. We've done this, and never had any trouble with it. It's a tried and well-used system, so you know you won't be introducing any security invulnerabilities by hacking your own solution together. (see SqlMembershipProvider vs a custom solutions)
If you want something simple for the user, then an OpenId solution would be my pick. Set up something like StackOverflow has, where you can let users choose an account from a number of trusted providers to allow them to log in. From the user's perspective, it's really nice not to have to remember one more username and password for one more site.