Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     Configuring custom java security in WF 8 to access BIP using SSO

Read-Only Read-Only Topic
Go
Search
Notify
Tools
Configuring custom java security in WF 8 to access BIP using SSO
 Login/Join
 
JohnQ
Member
posted
I have written a servlet filter to set REMOTE_USER and configured WF for pre-auth. But when I attempt to get to my BIP I still get the sign-in page. Are there other session vars to set so that I can bypass the sign-in page?


WebFOCUS 8
Windows, All Outputs
 
Posts: 4 | Registered: December 10, 2014Report This Post
MattC
Guru
posted Hide Post
Have you adjusted your securitysettings.xml?


<property name="formAuthEnabled" value="false" /> 

<property name="preAuthEnabled" value="true" />




I would think you would want to turn off the formAuth.


WebFOCUS 8.1.05
 
Posts: 496 | Registered: January 04, 2008Report This Post
JohnQ
Member
posted Hide Post
Yes, have that turned off and so we get a 403 denied response back. It is like WFSERVLET is ignoring REMOTE_USER and the console settings to accept pre-auth. There section in the security manual called Configuring Pre-Authentication With Custom Single Sign On (SSO) Solutions really does not provide any specifics about admin console settings so we were hoping that some of the settings mentioned for pre-auth in other sections (like J2EE pre-auth) also needed to be set. For instance, In the filterPreference section of the file, set anonymousAuthEnabled to false,
formAuthEnabled to false, and J2eePreAuthFilterEnabled to true (except we didn't do the last one since that was for j2ee auth). So maybe some of those other settings are not correct? Any suggests from someone who has implemented the custom SSO solution would be appreciated.
Thanks!
John


WebFOCUS 8
Windows, All Outputs
 
Posts: 4 | Registered: December 10, 2014Report This Post
dhagen
Virtuoso
posted Hide Post
preAuthEnabled is expecting a header to contain the user id, not the remote_user. Manage the header in your request wrapper and add the header name to the security settings.


"There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott
 
Posts: 1102 | Location: Toronto, Ontario | Registered: May 26, 2004Report This Post
Edwin
Member
posted Hide Post
did you try

ibi\tomcat\conf\server.xml (make backup copy)

< !-- Define an AJP 1.3 Connector on port 8009
tomcatAuthentication="false"
protocol="AJP/1.3"
 
Posts: 12 | Location: Dallas, TX | Registered: November 02, 2011Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     Configuring custom java security in WF 8 to access BIP using SSO

Copyright © 1996-2020 Information Builders