Content Porter uses Basic auth to communicate with the ImportExport service. This means the federated security approach will not work.
Luckily, we have the Basic Authenticator that exposes the ADFS authentication as a basicHttp endpoint. Using this endpoint, the authenticator creates a new security principal and sets it in the current Thread and HttpContext.
As such, Content Porter works again out of the box:
For the Basic Authenticator to intercept requests for the basicHttp endpoint, I defined a regular expression that is matched against the URL of the request:
The expression above matches all requests to:
Luckily, we have the Basic Authenticator that exposes the ADFS authentication as a basicHttp endpoint. Using this endpoint, the authenticator creates a new security principal and sets it in the current Thread and HttpContext.
As such, Content Porter works again out of the box:
For the Basic Authenticator to intercept requests for the basicHttp endpoint, I defined a regular expression that is matched against the URL of the request:
<add key="BasicAuthPath" value="(?i)/templating/.+\.asmx|/webservices/(core|importexport)service\d{4,6}\.svc/(streamdownload_basichttp|basichttp|script(?!/js))|/wflistener/wflistener\.asmx|/webdav|/monitoring/tridionmonitoringagent.asmx"/>
- /templating/ folder, and files that end with .asmx extension. These are the services AssemblyTemplateUploadWebService.asmx and CompoundTemplateWebService.asmx
- CoreService and ImportExportService under /webservices, and files that end with extension .svc, followed by either:
- streamdownload_BasicHttp -- used for streaming binaries to/from a webservice
- basicHttp -- exposes Basic authentication to the webservice
- script, perhaps followed by /js -- exposes the services as web GET method of a REST API
- /wflistener/wflistener.asmx -- old style Workflow listener webservice
- /webdav -- exposes WebDAV to Basic auth
- /Monitoring/TridionMonitoringAgent.asmx -- allows access to the Monitoring Web Service
Comments