0
votes

I am calling an agent from an XPage via SSJS:

importPackage(java.net);
importPackage(java.io);

var protocol = context.getUrl().getScheme();    
var host = context.getUrl().getHost();
var url = protocol + "://" + host;
var path = env["dir_path"];
var dbName = datasource["db_app_filepath"];
var agentRef = "response?OpenAgent";
var paramName = "custId";

var urlAgent = url + "/" + path + dbName + "/" + agentRef;
var agent:URL = new URL(urlAgent);
var agentConnection:URLConnection = agent.openConnection();
var inputReader:BufferedReader = new BufferedReader(new InputStreamReader(agentConnection.getInputStream()));
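var res:String = "";
var inputLine:String = null; // declare the loop variable explicitly
while ((inputLine = inputReader.readLine()) != null) {
    res += inputLine;
}
inputReader.close(); // release the HTTP response stream
print("value form agent = " + res);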

The agent just returns a simple string:

Option Public
Option Declare

Sub Initialize
    Dim session As New NotesSession
    Dim creator As String
    creator = session.EffectiveUserName
    Print "Hello World " + creator
End Sub

But in the print statement in the console I see that the login form is presented.

If I access the agent directly in a browser window I get, for example, the following returned:

Hello World CN=§Unrestricted §Signer/OU=System/O=ACME

This is the username which I have set in the Run on behalf of property in the agent.

On the XPage I am already authenticated.

Should I provide the credentials in my call or?

The idea behind the code is that I want to check if the user is not creating double entries for a type of object. The objects (Notes documents) have Readers restriction so user X may not see user Y's entries.

2
The backend SSJS code is calling the agent as anonymous and is therefore authenticated. So either allow the agent to be run as anonymous or provide credentials - Per Henrik Lausten
do you really want to call it via HTTP? - Frantisek Kossuth
@FrantisekKossuth my code has not left my dev environment... - Patrick Kwinten
@PerHenrikLausten how can I include the credentials? - Patrick Kwinten
@PatrickKwinten yes, sessionAsSigner can work assuming the signer has the necessary read access. Otherwise you can use sessionAsSignerWithFullAccess - Per Henrik Lausten

2 Answers

3
votes

ODA has a method for this purpose and if you use the native server session, it should have access - if the server doesn't have access, you'll have a bigger problem at some point with your application.

Factory.getSession(SessionType.NATIVE).getDatabase(filePath).getView("myView").checkUnique(key, Document)

checkUnique() takes an object of the key(s) in the view to check against uniqueness, and the current document. Obviously if a user re-saves a document, it will be unique in the view, so you don't want to throw an error. Similarly, if the keys can be changed, just performing the check on creation will not prevent uniques.

0
votes

You do need to provide credentials if you want to call an agent via http(s). You could do this using the https://username:password@restofurl format. Of course that’s a headache to maintain.

Update: Verify what gets stored in the log. A browser would convert that syntax into a Basic Auth header and a normal URL. In Java you might need to create that header yourself.

The alternative that might work for you: since your browser is authenticated, use an Ajax call from the browser to trigger the agent.

Try that if sessionAsSigner isn’t the user you want to run with.

Of course: don’t do agents is best. You could have a managed bean that creates its own server.id based session.
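
The conversion this answer describes (user info in the URL turned into a Basic Auth header plus a normal URL), written out in Java as an added example; it is not code from the answer. The class and method names, host and credentials are made up, `java.util.Base64` assumes Java 8 or later, and rejecting non-https URLs is this example's own choice.

```java
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class AgentCall {
    /** Credential-free URL plus the header value derived from its user info. */
    static final class Split {
        final URI cleanUri;
        final String authorization; // null when the URL carried no user info
        Split(URI cleanUri, String authorization) {
            this.cleanUri = cleanUri;
            this.authorization = authorization;
        }
    }

    /** Moves "user:password@" out of the URL and into a Basic Authorization value. */
    static Split split(String rawUrl) throws URISyntaxException {
        URI in = new URI(rawUrl);
        if (!"https".equalsIgnoreCase(in.getScheme())) {
            // Example's own policy: Basic credentials are only base64-encoded, not encrypted.
            throw new IllegalArgumentException("refusing to send Basic credentials without https");
        }
        String userInfo = in.getUserInfo(); // decoded "user:password", or null
        URI clean = new URI(in.getScheme(), null, in.getHost(), in.getPort(),
                in.getPath(), in.getQuery(), in.getFragment());
        String header = (userInfo == null) ? null : "Basic "
                + Base64.getEncoder().encodeToString(userInfo.getBytes(StandardCharsets.UTF_8));
        return new Split(clean, header);
    }

    /** Opens the connection to the clean URL and sets the header explicitly. */
    static HttpURLConnection open(String rawUrl) throws IOException, URISyntaxException {
        Split s = split(rawUrl);
        HttpURLConnection c = (HttpURLConnection) s.cleanUri.toURL().openConnection();
        if (s.authorization != null) {
            c.setRequestProperty("Authorization", s.authorization);
        }
        return c;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: host, path and credentials are placeholders.
        Split s = split("https://demo:s3cret@domino.example.com/apps/app.nsf/response?OpenAgent");
        System.out.println("request URL: " + s.cleanUri); // safe to log
        System.out.println("header set:  " + (s.authorization != null)); // never log the value
    }
}
```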