Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

[b]Deploying BOXI and security[/b]

Status
Not open for further replies.

moonknightt

Programmer
May 7, 2002
92
US
I am deploying a new boxir2 intallation and i need to set up security. I know boxi allows you to authenticate via enterprise, AD,ldap,NT. We are not using any of those. How do I set up authentication and authorization directly from a security table within database


Thanks for your help
 
Will your users access the BOBJ tools directly from CMC and InfoView - or only through a custom SDK application that connects to both the BOBJ services and your database?

Are you looking to limit access to certain objects or functions within the BOBJ tools for different users and groups - or just control "generic" access to the BOBJ tools?
 
They will be assessing it throught the CMC and infoview by looking to limit access to certain objects or functions and just control "generic" access to the BOBJ tools
 
For direct-access to CMC and InfoView your only choices are Enterprise, LDAP, WinAD or WinNT accounts.

You could write a CUSTOM SDK spplication that would create "Enterprise" accounts on the CMS based on the accounts in your external database, but there is no out-of-the-box function to do that.
 
If there was a security table within the database, how could i use this as my security authentication and authorization
 
You could write a CUSTOM SDK application that would create/synch "Enterprise" accounts on the CMS based on the accounts in your external database "security table", but there is no out-of-the-box function to do that.

You would have to write your own CUSTOM SDK application to manage that synch.
 
Thank you MJRBIM, for all your help. do you know where i can get some omore information about writing a security custom SDK? Do you have any resources
 
We have authentication set up through our own single-sign-on system so that when a user logs in to our portal, they are automatically logged in to InfoView. To do this, we use Enterprise athentication with Trusted Authentication enabled. We set up the users in BOE with the same user ID that they'll use to log in to the portal and a random password (none of the non-administrator users know their specific BOE password.) Using trusted authentication, our portal issues the calls to log them in to InfoView based on the user ID - no password required. This takes care of the authentication piece.

However, for the authorization piece of security, if you're going to use the InfoView application, you MUST have the users and their assignment to user groups set up in the CMC. Having all of this configures in the CMS database is how BO XI knows how to limit what users have access to. BOE WILL NOT read this kind of information from another database.

-Dell

A computer only does what you actually told it to do - not what you thought you told it to do.
 
One of our issues is that we do not have a security policy. We have the users information stored within the database and we need to know how to connect BOE to the security table within the database. We are not implementing LDAP(as of yet). So which of the Security plug in can be used to connect directly to the database for authentication. How will that be set up
 
You're looking at it back to front:
Your user is logged in to your application. Use that information to login to BOXI. This means you'll need to have some code to keep the two in sync in your main application.
Then you need to set up the groups in Enterprise to define who sees what.

Alternatively, use Enterprise to provide the authentication for your main application.

Andrew Baines
 
The user is going to log in only through BOXI not through an application. but the authentication of the users resides in a table on the database. So we will need the users to log into infoview and be authenticated against a table in the database
 
moonknightt wrote -
"The user is going to log in only through BOXI not through an application. but the authentication of the users resides in a table on the database. So we will need the users to log into infoview and be authenticated against a table in the database"
______________

Just to be clear on this - you CAN NOT use your external database to authenticate directly into InfoView.

Your only option is to write a custom SDK application to reproduce/synch your Groups and Users from your external database as ENTERPRISE Groups and Users within the CMS database.

The Groups and Users MUST exist in the CMS database in order for them to be used for InfoView access.

Even LDAP, WinAD and WinNT create aliases in the CMS.

Once those ENTERPRISE Groups and Users exist within the CMS database - you can set the access-rights to InfoView either through the CMC or through your custom SDK application.

 
thanks MJRBIM for clearing that up. How would I sync the usernames and passwords in Enterprise with those in the security table
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top