Platform Service

Nearly every of the requests to the Platform are authenticated. The only not authenticated requests are those to the service description. The following authentication methods are supported:

• Windows Authentication
• Forms Authentication
• Basic Authentication

It is very important to have in mind that Platform authentication use .DWPLATFORMAUTH cookie. In HTML applications cookies are managed by the browser so clients do not have to care about it, but for desktop applications it is client responsibility to keep and attach it in every request header.

When login into the Platform service there is an option to specify a product type which have to be used for the login. The product type determine some of the permissions and licenses that will be booked or required. Currently supported product types are:

• Mobile - Requires Mobile license
• EmailArchivingServer - Do not require any license but have very limited permissions up to store document
• PlatformService - Currently book DocuWare licenses (concurrent and named)

The default application type is PlatformService.

Note that the Forms authentication has been slightly changed. Normally, if a request is not authenticated then a response with the status code 302 is returned which redirects to the login page. However, this is not the correct response, and service clients expect a 401 response when a request is not authenticated.

Therefore the Platform returns a 401 response with a HTML body containing a HTML redirect using a refresh META tag pointing to the login page. So a web browser still redirects to the login page while a service client gets the correct response. In order to make this work in IIS we have to switch off the custom error pages.