Skip to main content
EMS Software, LLC

Portal Authentication Methods

Note: EMS applications do not natively support SAML.You must use our Portal authentication to use SAML.

Server Variable Method (Header Variable)

Server Variable/Header Variable is a collection of variables that are set by Internet Information Server (IIS). 

Applications like SiteMinder create custom server variables for portal site use.

Code example: 

Set the Portal Authentication Method parameter to Server Variable and type the appropriate variable for the Portal Authentication Variable parameter.  Direct users to your EMS Web App Default.aspx page.

Server Variable Method – Federated (SAML)

SAML can be leveraged for authentication with your EMS applications by leveraging our portal authentication method and a service provider of your choosing.

Method 1: Locally installed Service Provider

Using this method, you install a service provider of choice on the webserver hosting the EMS web applications. All traffic is routed through that service provider (typically via an ISAPI filter). This service provider will manage all of the authentication for the user. Once the user has successfully authenticated it will pass an identifier for the user to the EMS application using one of our portal methods. In this scenario typically the Server Variable (Header) method is used.

Steps to Configure, Method 1

  1. Install and configure a service provider on the EMS web server
  2. Set the service provider to protect the specified EMS web applications
  3. Configure the service provider to pass the required user attributes
  4. In EMS configure the EMS Web App parameter “Portal Authentication Method”
  5. In EMS configure the applicable Portal Authentication Variables.

Steps to Configure, Method 2

This method can be common if there is already a server configured with a service provider in your environment, handling authentication for other applications. In EMS you can configure your application to re-direct any login requests to the other server to be authenticated. Once the user is authenticated, the server with your service provider installed sends the user back to the EMS Application with an identifier for the user in the header, or within a cookie. The EMS application reads this header, or cookie value, and leverages portal authentication to sign the user in with the matched credentials.

  1. Install and configure a service provider on the EMS web server
  2. Set the service provider to protect the specified EMS web applications
  3. Configure the service provider to pass the required user attributes
  4. In EMS configure the EMS Web App parameter “Portal Authentication Method”
  5. In EMS configure the applicable Portal Authentication Variables.
  6. In EMS Change the Login URL under Configuration>Everyday User Applicaitons>Web App Menus
    1. Select Login.aspx, Click Edit
    2. Enter in the URL to your Remote Service Provider
  7. Configure your remote Service provider to send the user back to the default.aspx page of the web application that the request originated from.

EMS Configuration

Please reference our Portal Authentication section for further details around the configuration required within EMS. There are a number of different options available. You will need to know the method that the user identifying value will be passed and the name of that value. Other values can also be passed (ie: email address and phone number) to aid in automatic web user account provisioning as well.

Session Method

A session is a way to provide/maintain user state information in an inherently stateless environment.  It provides access to a session-wide cache you can use to store information.

In order to use the session method, set the Portal Authentication Method parameter to Session and type the appropriate variable for the Portal Authentication Variable parameter.  Then you must create an asp.net web page and name it with the .aspx extension similar to the example below.  The asp.net web page created must be copied into the EMS Web App root web directory.  It must be copied there in order for EMS Web App to read the session variable.

You will need to pass through the user’s email address or external reference to your asp.net web page.

Code example in vb.net:

<%@ Import Namespace="System" %>

<script runat="server" language="vb">

            Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs)

                        Session.Item("EMS Web AppSession") = "test@emssoftware.com"

                        Response.Redirect("Default.aspx")

            End Sub

</script>

Form Method

Forms enable client-side users to submit data to a server in a standardized format via HTML.  The creator of a form designs the form to collect the required data using a variety of controls, such as INPUT or SELECT.  Users viewing the form fill in the data and then click Submit to send the data to the server.

To use the form method, set the Portal Authentication Method parameter to Form and type the appropriate variable for the Portal Authentication Variable parameter.  To create portals through a form, create a web page with a form similar to below.  Once the user logs on through the portal, the form below can be submitted to log the user on to EMS Web App.

Code example in HTML:

            <Form name="form1" method="Post" action=" http://[ServerName]/ EMSWebApp/Default.aspx ">

                        <input type="hidden" id="EMS Web AppFORM" name="EMS Web AppFORM" value="test@emssoftware.com>

                        <input type="submit" value="submit">

</form>

A cookie is a small piece of information stored by the browser. Each cookie is stored in a name/value pair called a crumb—that is, if the cookie name is "id" and you want to save the id's value as "this", the cookie would be saved as id=this.

You can store up to 20 name/value pairs in a cookie, and the cookie is always returned as a string of all the cookies that apply to the page.  This means that you must parse the string returned to find the values of individual cookies.  Cookies accumulate each time the property is set.  If you try to set more than one cookie with a single call to the property, only the first cookie in the list will be retained.

To use the cookie method, set the Portal Authentication Method parameter to Cookie and type the appropriate variable for the Portal Authentication Cookie Key parameter.  Then create a web page with code similar to below.  Once the user logs on through the portal, take their user logon information and create a cookie.  After the cookie is created send the user to your EMS Web App Default.aspx page.

Code example in Active Server Pages 2.0:

<%@LANGUAGE="VBSCRIPT" %>

<%

            Response.Expires = -1

            Response.Cookies("EMS Web AppCookie")("CookVal") = "test@emssoftware.com"

            Response.Cookies("EMS Web AppCookie").Path = "/"

            Response.Cookies("EMS Web AppCookie").Expires = DateAdd("m", 3, Now)

            Response.Redirect("http://[ServerName]/ EMSWebApp/Default.aspx ")

%>

Query String Method

A query string is information appended to the end of a page's URL.  An example using portal authentication is below

           

Code example:

              http://[ServerName]/ EMSWebApp/Default.aspx?MCQS=test@emssoftware.com

 

To use the query string method, set the Portal Authentication Method parameter to Query String and type the appropriate variable for the Portal Authentication Variable parameter.