Authenticate your integrated application with TeamForge

To help third party developers write integrated applications, CollabNet provides an SDK. At the heart of the SDK is the IntegratedAppSupport helper class. You use IntegratedAppSupport to authenticate integrated application requests with TeamForge, and provide context information for subsequent processing of forms and links within the application.

You can download the SDK from here.

You must call the IntegratedAppSupport class for every request made by the integrated application. This class takes HttpServletRequest and HttpServletResponse for each request and determines whether the user is already authenticated. It also provides project- and user-related information that can be used throughout the request.

Tip: It is a good idea to store this as a ThreadLocal so that it can be used from anywhere in the application.

Here's what you need to do to call IntegratedAppSupport from the application:

Where you construct the IntegratedAppSupport and call ProcessRequest subsequently depends on the architecture of your application. We've provided two cases -- for servlet filters and httpservlets.

ProcessRequest does the following tasks:

It is advisable to set it so that all originating URLs (forms and other links to the application) have the /linkid/prplxxxx in their request URL. For example, in the Pebble application (refer to ./src/net/sourceforge/pebble/domain/'s getUrl method), the URL for each link that goes out of the blog is added a /linkid/prplxxxx to its request URL. This helps subsequent URLs to be validated correctly. You can retrieve the linkid using IntegratedAppSupport.getIntegratedAppId.