ibm-connectionsibm-sbt

Connectons API: Posting on behalf of others / Impersonation

I'm currently implementing a solution, where an external tool is making posts to the Connections API. These calls are made via basic authentication with a service account configured in the external tool.

However, I need the posted content in Connections to appear as posted by another user than the service account (users ids/emails are known to the external tool). Is there any way, the service account can post on behalf of others/impersonate users when posting to the API?

Solution

  • You need to add support for your the external user account to the right websphere roles

    These Application / Roles are: WidgetContainer trustedExternalApplication, admin

    You can follow this article to set it up on your system.

    In order to give a user administrative access to widgets, we can assign some privileges to one of the users - fadams.

    You need to start the deployment manager on the quickstart.

    Connect to the system via SSH sudo /etc/init.d/ConServer_DM_was.init start

    Navigate to https://${HOSTNAME}:9044/ibm/console/login.do?action=secure Enter User ID : wasadmin Enter Password : lcsecret Click Login

    Expand Applications > Application Types Click on WebSphere Enterprise Applications

    Select one of the Applications (from the table)

    Application Role Homepage admin WidgetContainer trustedExternalApplication admin Communities widget-admin admin Profiles admin

    Click on Homepage

    Click on "Security role to user/group mapping"

    Select One of the Roles (Admin)

    Click Map Users

    Enter Search String - fadams Click Search Click the Right Arrow Click Ok

    Click Ok

    Click Save

    Repeat for Each Application and Each Role in the Table Above

    ....

    Click System Administration on the Left Click on Nodes Check localhostNode01 Click Synchronize

    The Servers are now synchronized with your updates to the roles.

    Click Servers > Server Types > WebSphere application servers Check conServer Click Restart

    Once you see the Green arrow again, the connections server is fully restarted

    Navigate to https://${HOSTNAME}:444/homepage Login as fadams with your password

    You should see administration on the left side of your connections instance

    http://www-10.lotus.com/ldd/appdevwiki.nsf/dx/How_to_update_the_quickstart_to_support_Widgets