Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [SOLVED] How to pass user's password

Read-Only Read-Only Topic
Go
Search
Notify
Tools
[SOLVED] How to pass user's password
 Login/Join
 
Amber
Gold member
posted
I am trying to use the dashboard to access another program by executing a URL. This requires passing the user id and password.

I am capturing/passing the user's logon using
-SET &USERID = GETUSER(USERID);

How do I capture and pass their password as well to automatically log them onto the external site?
Thanks!

This message has been edited. Last edited by: Kerry,


WebFOCUS 768
OS/400
HTML, also quite a few active reports and excel.
 
Posts: 59 | Registered: June 18, 2009Report This Post
<JG>
posted
Take a look at the security and administration manual (DN 4500790.0509) which you can download from IBIs doc site.

There are various methods of passing the password but you will have to modify site.wfs via the admin console.

What you need to do is related directly to how your security is configured and how users logon.

Bear in mind though if you pass the password it will be in plain text, not encrypted and a lot of companies do not allow that.
 
Report This Post
Cati - France
Gold member
posted Hide Post
Amber,

We work on AS400 and we have been confronted to this problem.
The only secured solution is to reenter the login the first time you enter the external site. Then, during the session, you have a cookie containing the passowrd and you can access the external site as you want.
The cookie is automatically destroyed when you quit the session.

First, we tried to use the trusted mode but it's not enough secured.

Catherine


7.7.02 (Html, Excel, Ahtml, Pdf,Graph,.....)
OS400 V5R3, V5R4
Windows 2000/2003/2007/2010
 
Posts: 68 | Location: France | Registered: February 27, 2008Report This Post
Amber
Gold member
posted Hide Post
I've read the Sercurity and Administration Manual. Lot's of information on passwords. But how do you ask for it in the fex? In the manual it only shows in HTML. I'm not understanding, I guess. Is there a line of code, like GETUSR, I can write in my fex that will capture the user's password in plain text?


WebFOCUS 768
OS/400
HTML, also quite a few active reports and excel.
 
Posts: 59 | Registered: June 18, 2009Report This Post
Francis Mariani
Expert
posted Hide Post
<set> IBIC_user = &IBIC_user (pass)
<set> IBIC_pass = &IBIC_pass (pass)

are two of many custom settings you can add to site.wfs (best done via the WebFOCUS Administration Console > Custom Settings). The danger of course, is that the password will be exposed if it's used in the URL (or if &ECHO is set to ALL in the fex). Catherine has made a good suggestion regarding the use of cookies.

I'd suggest reading the Security manual some more.


Francis


Give me code, or give me retirement. In FOCUS since 1991

Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
 
Posts: 10577 | Location: Toronto, Ontario, Canada | Registered: April 27, 2005Report This Post
Darin Lee
Virtuoso
posted Hide Post
I don't think so. The only way to handle it is through cookies, if you're wanting to go to some external site. If you think about it, that would seem to be a huge security hole if you could just throw in a function that would capture a user's password in plain text. That would expose the password to who knows who. It would be easy to get the password and impersonate the user wherever you wanted. Get back with Cati - she seems to have already solved the problem.


Regards,

Darin


In FOCUS since 1991
WF Server: 7.7.04 on Linux and Z/OS, ReportCaster, Self-Service, MRE, Java, Flex
Data: DB2/UDB, Adabas, SQL Server Output: HTML,PDF,EXL2K/07, PS, AHTML, Flex
WF Client: 77 on Linux w/Tomcat
 
Posts: 2298 | Location: Salt Lake City, Utah | Registered: February 02, 2007Report This Post
Amber
Gold member
posted Hide Post
The web address I am using doesn't show the user id or password. It just passes the vales and displays a generic address.


WebFOCUS 768
OS/400
HTML, also quite a few active reports and excel.
 
Posts: 59 | Registered: June 18, 2009Report This Post
Amber
Gold member
posted Hide Post
Got an answer from IB:

Log onto Web Administrator Console
Under Custom Settings add:
IBIC_user (pass)
IBIC_pass (pass)

In the fex:
-SET &USER=&IBIC_user;
-SET &PASS=&IBIC_pass;


WebFOCUS 768
OS/400
HTML, also quite a few active reports and excel.
 
Posts: 59 | Registered: June 18, 2009Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [SOLVED] How to pass user's password

Copyright © 1996-2020 Information Builders