As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.
New TIBCO Community Coming Soon
In early summer, TIBCO plans to launch a new community—with a new user experience, enhanced search, and expanded capabilities for member engagement with answers and discussions! In advance of that, the current myibi community will be retired on April 30. We will continue to provide updates here on both the retirement of myibi and the new community launch.
What You Need to Know about Our New Community
We value the wealth of knowledge and engagement shared by community members and hope the new community will continue cultivating networking, knowledge sharing, and discussion.
During the transition period, from April 20th until the new community is launched this summer, myibi users should access the TIBCO WebFOCUS page to engage.
We've used a test server for our project but now I want to get something configued much closer to a prodution type environment. I'm just getting confused with the security settings when I read the manuals. The two things I want to do:
1) I want to run WF as a Windows service with no security checking when a user tries to run a report. Anyone can run any report. I see how to start WF with security=off from the menu but I don't know how to set the service to start that way.
2) I want to secure the console so that limited people have access to it or at least can't do anything but view traces, etc.
We're developing a self service app using WF Report Server 7.1.5 on a Win2003 server. Tomcat is the front end app server.
I'm sure they are but I've read and re-read many parts of it but can't find the answer to these questions. For example, it mentions a setting called EDAEXTSEC but doesn't say where that setting is configured.
I wouldn't have asked the question if I hadn't already spent all morning going through the documentation and trying to figure it out.
That worked. I never saw it referenced as an environment variable, only as a Report Server setting so I kept looking at the .cfg files for a solution. It's kind of an odd place to store that kind of a setting.
Thanks a lot. It's nice to get a problem resolved on a Friday afternoon.
You can also leave Security ON and set a default USER and PASS for the WF Client piece to use to connect to the WF Server piece.
you do this by logging into the WF Client Console as the admin. Click on the Configuration box on the left and then click on the Reporting Server option on the left. You will then need to fill in IBI_REPORT_ variables with USER, PASS and SERVER. SERVER Should already be filled in.
FOCUS/WebFOCUS 1990 - 2011
Posts: 995 | Location: Gaithersburg, MD, USA | Registered: May 07, 2003
Why would the "WebFOCUS Security and Administration Version 5 Release 3" (wf53sec.pdf) document not discuss the EDAEXTSEC variable? This variable is used to turn security off or on, it should be discussed in the security manual.
Instead, we are referred to the "iWay Server documentation". I am assuming this is "iWay Server Installation Version 5.3" (iWayServerInstallation53.pdf). In this document, setting the EDAEXTSEC variable is discussed for OS/390, UNIX, OS/400, OpenVMS - I see nothing about Windows.
Nothing in "WebFOCUS and ReportCaster Installation and Configuration for Windows Version 5 Release 3".
Nothing in "WebFOCUS Developer Studio Installation and Configuration Version 5 Release 3".
I wonder where this is documented:
Here is how you set the variable EDAEXTSEC to OFF on windows.
Go to Control panel Go to System Click on the Advanced Tab Click on Environment variables Add/Change EDAEXTSEC variable Restart your service
Give me code, or give me retirement. In FOCUS since 1991
Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
EJL, we do exactly that. We have webfocus reporting server starting with security not as a service but 'in alternative security mode WCPROTECTED in the start up on boot. then we have to start reportcaster by hand because , we can't have reportcaster starting as a service, because services startup before the start menu runs, on booting a server box, so caster would try to start before the focus engine...and that's not good.
In Focus since 1979///7706m/5 ;wintel 2008/64;OAM security; Oracle db, ///MRE/BID
Posts: 3811 | Location: Manhattan | Registered: October 28, 2003
Jennifer, thank you for the link to the 5.3.3 manual.
I have the 5.3.2 manual and both state the following
Configuring Server Security You can set a server’s security to: • Off. Users do not provide a password when logging on the server. This is the default if the server has not been set to secure mode. • On. The server runs as a Windows service. Requires a user to provide his or her operating system user ID and password when logging on to the server. Each connecting user’s credentials are authenticated using Microsoft Windows Security Services. The iWay Server invokes authentication and impersonation services and enforces RDBMS access control. This is the default if the server has been set to secure mode.
Neither document tells us how to configure Windows. As I had previously mentioned, "in this document, setting the EDAEXTSEC variable is discussed for OS/390, UNIX, OS/400, OpenVMS - I see nothing about Windows".
I'm glad this information is being added to the next Security and Administration manual.