October 18, 2007, 11:11 AM
shealy_lfoExternal Authentication
This may be somewhat of a large question, previously we have not done much in the way of Managed Reporting.
We currently have a group of external partners with which we would like to share some very basic reporting outputs. These partners already login to an application we house for placing orders so we have a basic user database in place outside of Managed Reporting User Admin.
We would like to leverage the current authentication process to serve as a single sign-on and pass them through to a reporting view.
All users will fall to a single view so could be part of one group and one domain. Some questions I have are:
1) If they are authenticated externally do I need to have a corresponding user established in User Admin with a common username/password?
2) How do I best pass additional identifying variables from the external app that would further control the output (i.e. JSmith = partner_id 12345)?
October 18, 2007, 11:27 AM
SayedHi Shealy,
If you are planning on using IWA with realmdriver, then you only need user id's on the realm tables. You do not need the passwords. Based on the user id, he/she will be mapped to specific domains, in your case each partner id may be mapped to different domains.
Thanks,
Sayed
October 18, 2007, 12:22 PM
shealy_lfoI wasn't planning on mapping each to its own domain and it doesn't seem like this should have to be necessary. Each user gets the same access and functionality but partner A has all content (i.e. order history) restricted to its content, partner B to its, etc.
October 18, 2007, 12:28 PM
newtofocusYou would only need the user id on the MRE setup.
Please refer to the WebFOCSU security manual that discusses variables that can be passed to MRE by an external app, which then could be used to restrict the view.