Manage collaboration access

By default, the PureWeb server manages the collaboration workflow under the hood, and any user who wants to join a session simply navigates to the share URL, which redirects to the server's Collaboration Login page, where users must enter the password.

It is rarely necessary to change this workflow, but for those unusual situations, the information on this page will provide guidance.

How-to

Bypass the collaboration login

APIs:

WebClient.joinSession() | HTML5 | Android
PWWebClient.joinSession() | iOS

When you set up collaboration using share URLs, by default users are prompted to log into the PureWeb server before they can join a session. It is possible to bypass this login by connecting the client using joinSession, When using this method, you provide the share URL and password directly in the parameters, making it unnecessary for users to enter them separately.

To set this up, you change the logic for connecting a client so that if the URL is a regular application URL, the connection should be done using connect, but if the URL is a share URL, the connection should be done using joinSession.

 

In HTML5 clients, because the collaboration connection workflow assumes that the collaborators already have access to the client, you must direct collaborators to the view URL for your client (see About the application URLs), which implies allowing public access to the view URL.

To do this, you must modify the pureweb-context.xml file. See Controlling access to applications.

The new value for the intercept-url pattern element should look something like this:
<s:intercept-url pattern="/pureweb/view" access="hasAnyRole('ROLE_PUREWEB_USER', 'ROLE_PUREWEB_COLLABORATOR', 'ROLE_ANONYMOUS')"/>

HTML5

Assuming the share URL and password values were previously obtained and stored in the relevant variables:

pureweb.joinSession(shareUrl,sharePassword);

iOS (Obj-C)

Assuming the share URL and password values were previously obtained and stored in the relevant variables:

[_framework.client joinSession:[newUrl absoluteString] sharePassword:password];

Android

Assuming the share URL and password values were previously obtained and stored in the relevant variables:

joinSession(shareUrl.getText().toString(), password.getText().toString());

Restrict collaboration access to authenticated users

By default, collaboration access is anonymous. In other words, any user who is provided with the share URL and a password can join. However, you may change this behavior so that only users who are already authenticated may join.

Restricting collaboration access to authenticated users is only supported when collaboration participants directly access the share URL. It is not supported when using the joinSession method to bring a participant into a session.

This is a system administration task that requires editing the PureWeb server's pureweb-context.xml configuration file.

  1. Navigate to the PureWeb server's Configuration page. Under System Configuration, click the pureweb-context.xml link to open the file.
  2. Navigate to the following code snippet:

    <!-- pureweb collaboration -->
    <!-- Allow anonymous access to collaboration -->
    <s:intercept-url pattern="/pureweb/share" access="hasAnyRole('ROLE_PUREWEB_USER', 'ROLE_PUREWEB_COLLABORATOR')"/>    
    
    <!-- Force ROLE_PUREWEB_USER access to collaboration (comment out line above)
    <s:intercept-url pattern="/pureweb/share" access="hasRole('ROLE_PUREWEB_USER')"/>
    <s:intercept-url pattern="/pureweb/share/**" access="hasRole('ROLE_PUREWEB_USER')"/>
    -->
  3. Comment out the line containing access="hasAnyRole" and uncomment out the lines containing access=hasRole". The end result should look like this:

    <!-- pureweb collaboration -->
    <!-- Allow anonymous access to collaboration -->
    <!-- <s:intercept-url pattern="/pureweb/share" access="hasAnyRole('ROLE_PUREWEB_USER', 'ROLE_PUREWEB_COLLABORATOR')"/> -->
            
    <!-- Force ROLE_PUREWEB_USER access to collaboration (comment out line above) -->
    <s:intercept-url pattern="/pureweb/share" access="hasRole('ROLE_PUREWEB_USER')"/>
    <s:intercept-url pattern="/pureweb/share/**" access="hasRole('ROLE_PUREWEB_USER')"/>