xWeb: Authenticate User Sample

This article provides a game plan for how, from an external non-eWeb site, you can authenticate a user in NetForum using xWeb. This solution assumes that NetForum is the main repository for usernames and passwords.

Limitations

This is not a single sign on solution. If you also have an eWeb site, this solution will not log the user into eWeb. If you are looking for a single sign on solution, then another approach must be taken.

This solution assumes that your program can work with XML, Web Services, and SOAP.

xWeb Configuration

Ensure that xWeb is configured correctly.

xWeb Web Methods

You will need to call a series of three xWeb web methods and call them sequentially. For more on these methods, see the links below.

Authenticate

First, call the xWeb: Authenticate method by passing a username and password for your application. This is NOT the username/password of the member/user. The username and password will be supplied by Abila. In the response you will get an AuthorizationToken in the SOAP Header in the response.

WebLogin

Next, call xWeb: WebLogin web method. You will pass the login and clear-text password entered by the user/member on your own website. This username/password is different from the username/password you used for your own program in the Authenticate method above. You will also pass an <overrideKey> parameter.

In the SOAP response, you will get a WebLoginResult containing a CustomerKey. In the SOAP Header, you will get an AuthorizationToken back again, which you will pass to the next web method in your SOAP Header.

GetIndividualInformation

Call the xWeb: GetIndividualInformation web method and pass the CustomerKey that was returned in the previous web method.

The response from this web method will return you more information about this individual, such as name, membership, etc.

Membership Information

If you would also like to get membership information, see XWeb: GetQuery Member Information for strategies on how to pull this information using xWeb: GetQuery.