Hi all,
i have a question concerning the process of trusted SSO via java:
We have a java application running on a WebSphere v6.
Through this app, we connect to a BO XI R2 server using the BOE Java API and RAS Java API.
There's nothing to do with jsps or web viewing.
The user interacts with a java swing gui and all is handled in java code:
We just supply the crystal report templates (rpt files) with parameters, commit them to the infoStore and export them using the ReportClientDocument.getPrintOutputController().export() method. The result is displayed as PDF.
Now we want to process the authentication by trusted SSO.
When I read the xir2_bip_admin_en.pdf, that shipped with the server installation, I only found the following phrases concerning trusted SSO:
-> To configure the server to use Trusted Authentication
1. Log on to the Central Management Console with administrative rights.
2. Go to the Authentication management area of the CMC.
3. Click the Enterprise tab.
4. Enable Trusted Authentication.
5. Create a shared secret for your users.
Note: The shared secret is used by the client and the CMS to create a
trusted authentication password. This password is used to establish trust.
6. Enter a timeout value for your trusted authentication requests.
Note: The timeout value determines how long the CMS waits for the
IEnterpriseSession.logon() call from the client application.
-> To configure the client to use Trusted Authentication
1. Create a valid configuration file on the client machine.
The following conditions apply for the configuration file:
• The name of the file must be TrustedPrincipal.conf.
• The file must be located at businessobjects_root/win32_x86/
plugins/auth/secEnterprise.
• The file must contain SharedSecret=secretPassword, where
secretPassword is the trusted authentication password.
2. Use the session manager to create a trusted principal and log on to the
CMS:
ISessionMgr sessionMgr =
CrystalEnterprise.getSessionMgr();
ITrustedPrincipal trustedPrincipal =
sessionMgr.createTrustedPrincipal("userName",
"cmsName");
IEnterpriseSession enterpriseSession =
sessionMgr.logon(trustedPrincipal);
That sounds simple.
Now my Question:
To configure the Client, i have to put the TrustedPrincipal.conf file into the named directory OF A BUSINESSOBJECTS INSTALLATION???
That doesnt make sense to me.
The machine that executes the java code has no businessobjects installation and shouldnt get any at all. Thats the reason why i chose java. what a nonsense.
Of course i wrote a little java test app:
While processing the
ISessionMgr.logon(ITrustedPrincipal)
method, the following exception occured (obviously cause the client machine has no business objects installation):
Can anybody please bring some light into the scenery? Or explain me how to configure SSO correctly.
Thanks
ulliM
i have a question concerning the process of trusted SSO via java:
We have a java application running on a WebSphere v6.
Through this app, we connect to a BO XI R2 server using the BOE Java API and RAS Java API.
There's nothing to do with jsps or web viewing.
The user interacts with a java swing gui and all is handled in java code:
We just supply the crystal report templates (rpt files) with parameters, commit them to the infoStore and export them using the ReportClientDocument.getPrintOutputController().export() method. The result is displayed as PDF.
Now we want to process the authentication by trusted SSO.
When I read the xir2_bip_admin_en.pdf, that shipped with the server installation, I only found the following phrases concerning trusted SSO:
-> To configure the server to use Trusted Authentication
1. Log on to the Central Management Console with administrative rights.
2. Go to the Authentication management area of the CMC.
3. Click the Enterprise tab.
4. Enable Trusted Authentication.
5. Create a shared secret for your users.
Note: The shared secret is used by the client and the CMS to create a
trusted authentication password. This password is used to establish trust.
6. Enter a timeout value for your trusted authentication requests.
Note: The timeout value determines how long the CMS waits for the
IEnterpriseSession.logon() call from the client application.
-> To configure the client to use Trusted Authentication
1. Create a valid configuration file on the client machine.
The following conditions apply for the configuration file:
• The name of the file must be TrustedPrincipal.conf.
• The file must be located at businessobjects_root/win32_x86/
plugins/auth/secEnterprise.
• The file must contain SharedSecret=secretPassword, where
secretPassword is the trusted authentication password.
2. Use the session manager to create a trusted principal and log on to the
CMS:
ISessionMgr sessionMgr =
CrystalEnterprise.getSessionMgr();
ITrustedPrincipal trustedPrincipal =
sessionMgr.createTrustedPrincipal("userName",
"cmsName");
IEnterpriseSession enterpriseSession =
sessionMgr.logon(trustedPrincipal);
That sounds simple.
Now my Question:
To configure the Client, i have to put the TrustedPrincipal.conf file into the named directory OF A BUSINESSOBJECTS INSTALLATION???
That doesnt make sense to me.
The machine that executes the java code has no businessobjects installation and shouldnt get any at all. Thats the reason why i chose java. what a nonsense.
Of course i wrote a little java test app:
While processing the
ISessionMgr.logon(ITrustedPrincipal)
method, the following exception occured (obviously cause the client machine has no business objects installation):
Code:
com.crystaldecisions.sdk.exception.SDKException$TrustedPrincipalConfigError: Fehler beim Lesen des gemeinsamen geheimen Schlüssels aus der vertrauenswürdigen Subjekt-Konfigurationsdatei.
at com.crystaldecisions.sdk.framework.internal.c.a(Unknown Source)
at com.crystaldecisions.sdk.framework.internal.d.logon(Unknown Source)Thanks
ulliM