Log in with windows credentials (API)

7 posts / 0 new
Last post
BeeandBird
Log in with windows credentials (API)

Hi all!
I'd need to login into Tactic by API using Windows Credentials to authenticate.
This is the scenario:
We set up our Tactic (Ubuntu based server) to recognize Active Directory users.
We have a set of desktop custom tools we are using on client PCs to "talk" with Tactic through its API
We want users to be able, after loggin-in into their windows machines using their ActiveDirectory credentials, to connect to Tactic without having to put credentials again.
What would you suggest to do that?
Thnx in advance,
Vincenzo

oboreo
oboreo's picture
BeeandBird

Hi Oboreo,
in the article you suggest, it assumes you do login into Tactic each time. 

What we really want is to use SSO (Single Sign-On) in the user's credentials. The ones we introduce at the login screen in windows, should be used automatically to login into tactic.

Let's say at the beginning of the day some user gets to work. He logs in into Windows, then opens up our custom UI. This user should not be asked for user id and password again, given they were introduced at windows logon.

In other words: the logon in windows should be enough to give access to the user into Tactic.
Any hint?

Thnx,
Vincenzo

X-jo (not verified)

i would like to know about how to get this done. SSO ie

hus787
hus787's picture

If you want to achieve this through the browser then I don't think it is possible. Well, it is but it would be an overkill, check the ip of the request, then check who is logged in on that IP over the network and get it's username to authenticate.
 
If not, then get rid of the entire active directory authentication on the backend, and simply get the username, (echo %username%) in the custom UI and then authenticate the user.

oboreo
oboreo's picture

Using the Python API, you can use get_ticket(login, password) to get a login ticket from the TACTIC server. And the authenticate method is independent and so you can use Active Directory if you already have that set up in the TACTIC config file.The object that is returned is your login ticket, and so , you can call set_ticket() once and continue to run various API method to access or query the server from then on. This is pretty much a single sign-on. 
# this is modified from the ping.py file found in src/client/examples. 
# assuming you already have the Python API setup as detailed in the developer's doc. 

from tactic_client_lib import TacticServerStub
 19
 20 def main():
 21     # get an instance of the stub
 22     server = TacticServerStub(setup=False)
 23     server.set_project('vfx')
 24     server.set_server('192.168.204.128')
 25     ticket = server.get_ticket('admin','tactic1')
 26     server.set_ticket(ticket)
 27
 28     # start the transaction
 29     server.start("Ping Test")
 30     try:
 31         # print task code and ping the server
 32         print server.eval("@GET(sthpw/task['id','1339'].code)")
 33         print server.ping()
 34     except:
 35         # in the case of an exception, abort all of the interactions
 36         server.abort()
 37         raise
 38     else:
 39         # otherwise, finish the transaction
 40         server.finish()
 
 
 
 
 

 

cargoyle

When I try to run tactic in this manner the script fails to evaluate when I run this line
ticket = server.get_ticket(login, password)
this is the error I get in maya
# Error: line 1: Fault: file C:\Program Files\Autodesk\Maya2017\bin\python27.zip\xmlrpclib.py line 799: <Fault 1: 'get_ticket() takes exactly 3 arguments (4 given)'> #
I knew I had this working a little while ago. but perhaps now I'm missing something.