SSO between Java EE and Cognos application

前端 未结 2 1870
小蘑菇
小蘑菇 2021-01-23 03:52

Problem description: Theren are two subsystems. One is a web based Java EE application and the other a Cognos reporting tool. Currently, both these applications provide individu

2条回答
  •  被撕碎了的回忆
    2021-01-23 04:03

    You would achieve single sign on between your app and cognos by following these steps:

    (I will assume that you are using LDAP and Java)

    • Install Cognos SDK on the dev machine where you already have Cognos BI server. To try the samples bundled with the Cognos SDK, you will need JDK. If you are already running Cognos without a JDK, Cognos might be using it's bundled JRE, which unfortunately is not from Oracle. In that case, you may have to uninstall Cognos, install Oracle JDK first and then re-install Cognos and Cognos SDK. Otherwise, you will run into some cryptography incompatibility issues.
    • Make sure you have configured a full authentication provider namespace like LDAP correctly.
    • Go to the TrustedSignonSample shipped with Cognos SDK. In Cognos 10, the Java sample can be found under $COGNOS_SDK/java/AuthenticationProvider.
    • Modify the TrustedSignonSample.java and set your LDAP namespace id there. The trusted sign on provider will use this namespace to verify whether the user exist or not.
    • Build the sample using the provided build.bat and you should get a jar file.
    • Read the "readme.txt" that's shipped with the sample and configure this provider correctly.
    • Now, if you go to Cognos login page, you should see two namespace choices.
    • If you are running your app in the same machine as Cognos, just create a cookie with the respective name (refer TrustedSignonSample for the cookie name) and value. You would set the cookie's value as the currently-logged-in-user-of-your-app.
    • That's it, after setting the cookie, if you go to Cognos login page and choose the custom trusted signon provider namespace, you will not be prompted for login.
    • If you don't want Cognos to display login page at all, you can configure your custom trusted signon provider's namespace as the default in cognos configuration.
    • If you are running your app in a different machine than Cognos, you have to make a few more configurations in Cognos global configuration to ensure that it accepts cookies from that machine/domain.

    For more info, refer this "thread":http://businessintelligence.ittoolbox.com/groups/technical-functional/cognos-l/the-cookie-trusted_signon_user-is-not-set-4863689 initiated by yours truly.

    I achieved single sign on between Cognos and my app this way. I hope it helps you.

提交回复
热议问题