As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.
New TIBCO Community Coming Soon
In early summer, TIBCO plans to launch a new community—with a new user experience, enhanced search, and expanded capabilities for member engagement with answers and discussions! In advance of that, the current myibi community will be retired on April 30. We will continue to provide updates here on both the retirement of myibi and the new community launch.
What You Need to Know about Our New Community
We value the wealth of knowledge and engagement shared by community members and hope the new community will continue cultivating networking, knowledge sharing, and discussion.
During the transition period, from April 20th until the new community is launched this summer, myibi users should access the TIBCO WebFOCUS page to engage.
This seems like the most basic of things to want to do but so far IBI still hasn't given me an answer (case opened 5/22). I'm just trying to pass information securely from my Tomcat application to a WF Server.
We have an existing application running on Tomcat that authenticates the user and stores information about them as session variables. We want to add reporting to this application which will require securely passing these values from the session to the WF Report server.
While I can freely access the session values within my application, session information is limited to the context it was created in so it's unavailable to the WF Servlet as that runs under a different context.
I know I can't be the only one doing this so what am I missing?
WF Server 7.1, WF Client installed on Tomcat as per the IBI instructions. No other IBI tools.
It feels that way. IBI is getting back to me today and they say they have a solution. I'll post it back here if it works so others can benefit.
What bugs me is this is such a basic thing. I can see where this isn't a problem if you are using the other IBI tools (which are out of our price range) but anyone doing a self-service app or trying to integrate WF into an existing application must have the same issue.
EJL, This may sound simple, but this is actually hard to do. What you are asking is for a web application to inherit authentication that has already been done from another web application. This is so hard - in fact - that a lot of companies have made lots of money solving just this problem (e.g. ClearTrust, Siteminder, Entrust to name a few).
From where I stand, you have two choices: - Look into session sharing if both web apps are on the same server - I haven't done this, but I've talked to people that say it is possible. - Build your own personal two form authentication process (you really should do two form if you want to avoid spoofing). I have done this a couple of times with web focus.
Either way, you are going to have to develop some Java code, because you cannot do this with focus code.
"There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott
I really hoped IBI would have given me a way to bring the IBI servlet functionality into the current application, thereby removing all the cross application security issues. That would have been easy for me.
Instead the solution seems to be leaning towards cookies. I'm still waiting on IBI documentation to see how secure we can actually make it. I think a a non-persistent, encrypted cookie, sent with a digital signature would do the trick.
I agree this isn't going to be in Focus code but I'm fine with that. We've got a lot of development options in our "toolbox".
I didn't look into it myself but our lead developer investigated bringing in the WF Servlet and thought there would be issues so we decided to not go down that road thinking IBI had to have a cleaner way.
I've never heard of the WebFocus API but the overview I just read looks very promising. Is this a separate product? I wonder why IBI support didn't mention it as an option.
Almost forgot - Thanks a lot for the information. You've definitely given me some good stuff to research.