Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.



Read-Only Read-Only Topic
Go
Search
Notify
Tools
Security confusion
 Login/Join
 
EJL
Silver Member
posted
We've used a test server for our project but now I want to get something configued much closer to a prodution type environment. I'm just getting confused with the security settings when I read the manuals. The two things I want to do:

1) I want to run WF as a Windows service with no security checking when a user tries to run a report. Anyone can run any report. I see how to start WF with security=off from the menu but I don't know how to set the service to start that way.

2) I want to secure the console so that limited people have access to it or at least can't do anything but view traces, etc.

We're developing a self service app using WF Report Server 7.1.5 on a Win2003 server. Tomcat is the front end app server.
 
Posts: 41 | Registered: January 06, 2006Report This Post
kerberos
Member
posted Hide Post
Read WebFOCUS Security and Administration 7.1.X. The answers to your questions are all there.
 
Posts: 24 | Location: NY | Registered: May 30, 2003Report This Post
EJL
Silver Member
posted Hide Post
I'm sure they are but I've read and re-read many parts of it but can't find the answer to these questions. For example, it mentions a setting called EDAEXTSEC but doesn't say where that setting is configured.

I wouldn't have asked the question if I hadn't already spent all morning going through the documentation and trying to figure it out.
 
Posts: 41 | Registered: January 06, 2006Report This Post
newtofocus
Platinum Member
posted Hide Post
Here is how you set the variable EDAEXTSEC to OFF on windows.

Go to Control panel
Go to System
Click on the Advanced Tab
Click on Environment variables
Add/Change EDAEXTSEC variable
Restart your service


WF7.1.4 Prod/Test, MRE, self serve, DM
 
Posts: 176 | Location: Desplaines | Registered: August 05, 2004Report This Post
EJL
Silver Member
posted Hide Post
That worked. I never saw it referenced as an environment variable, only as a Report Server setting so I kept looking at the .cfg files for a solution. It's kind of an odd place to store that kind of a setting.

Thanks a lot. It's nice to get a problem resolved on a Friday afternoon.
 
Posts: 41 | Registered: January 06, 2006Report This Post
mgrackin
Virtuoso
posted Hide Post
EJL,

You can also leave Security ON and set a default USER and PASS for the WF Client piece to use to connect to the WF Server piece.

you do this by logging into the WF Client Console as the admin. Click on the Configuration box on the left and then click on the Reporting Server option on the left. You will then need to fill in IBI_REPORT_ variables with USER, PASS and SERVER. SERVER Should already be filled in.


Thanks!

Mickey

FOCUS/WebFOCUS 1990 - 2011
 
Posts: 995 | Location: Gaithersburg, MD, USA | Registered: May 07, 2003Report This Post
Francis Mariani
Expert
posted Hide Post
Why would the "WebFOCUS Security and Administration Version 5 Release 3" (wf53sec.pdf) document not discuss the EDAEXTSEC variable? This variable is used to turn security off or on, it should be discussed in the security manual.

Instead, we are referred to the "iWay Server documentation". I am assuming this is "iWay Server Installation
Version 5.3" (iWayServerInstallation53.pdf). In this document, setting the EDAEXTSEC variable is discussed for OS/390, UNIX, OS/400, OpenVMS - I see nothing about Windows.

Nothing in "WebFOCUS and ReportCaster Installation and Configuration for Windows Version 5 Release 3".

Nothing in "WebFOCUS Developer Studio Installation and Configuration Version 5 Release 3".

I wonder where this is documented:
quote:
Here is how you set the variable EDAEXTSEC to OFF on windows.

Go to Control panel
Go to System
Click on the Advanced Tab
Click on Environment variables
Add/Change EDAEXTSEC variable
Restart your service


Thanks.


Francis


Give me code, or give me retirement. In FOCUS since 1991

Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
 
Posts: 10577 | Location: Toronto, Ontario, Canada | Registered: April 27, 2005Report This Post
Francis Mariani
Expert
posted Hide Post
I had to reboot my Windows XP workstation after creating the EDAEXTSEC system variable.


Francis


Give me code, or give me retirement. In FOCUS since 1991

Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
 
Posts: 10577 | Location: Toronto, Ontario, Canada | Registered: April 27, 2005Report This Post
susannah
Expert
posted Hide Post
EJL, we do exactly that.
We have webfocus reporting server starting with security not as a service but 'in alternative security mode WCPROTECTED in the start up on boot.
then we have to start reportcaster by hand
because , we can't have reportcaster starting as a service, because services startup before the start menu runs, on booting a server box, so caster would try to start before the focus engine...and that's not good.



In Focus since 1979///7706m/5 ;wintel 2008/64;OAM security; Oracle db, ///MRE/BID
 
Posts: 3811 | Location: Manhattan | Registered: October 28, 2003Report This Post
Francis Mariani
Expert
posted Hide Post
I would still love to know where this is documented:
quote:

Here is how you set the variable EDAEXTSEC to OFF on windows.

Go to Control panel
Go to System
Click on the Advanced Tab
Click on Environment variables
Add/Change EDAEXTSEC variable
Restart your service


Francis


Give me code, or give me retirement. In FOCUS since 1991

Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
 
Posts: 10577 | Location: Toronto, Ontario, Canada | Registered: April 27, 2005Report This Post
Francis Mariani
Expert
posted Hide Post
Still can't find this in the documentation. Frowner


Francis


Give me code, or give me retirement. In FOCUS since 1991

Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
 
Posts: 10577 | Location: Toronto, Ontario, Canada | Registered: April 27, 2005Report This Post
<DocServices>
posted
Hi Francis,

Try the iWay Server Installation Version 5.3.3 manual. See Chapter 2, Server Installation for Windows.

This information will be added to the next release of the WebFOCUS Security and Administration manual.

Hope this helps.

Regards,
Jenn
 
Report This Post
Francis Mariani
Expert
posted Hide Post
Jennifer, thank you for the link to the 5.3.3 manual.

I have the 5.3.2 manual and both state the following
quote:
Configuring Server Security
You can set a server’s security to:
• Off. Users do not provide a password when logging on the server.
This is the default if the server has not been set to secure mode.
• On. The server runs as a Windows service. Requires a user to provide his or her
operating system user ID and password when logging on to the server.
Each connecting user’s credentials are authenticated using Microsoft Windows Security
Services. The iWay Server invokes authentication and impersonation services and
enforces RDBMS access control.
This is the default if the server has been set to secure mode.

Neither document tells us how to configure Windows. As I had previously mentioned, "in this document, setting the EDAEXTSEC variable is discussed for OS/390, UNIX, OS/400, OpenVMS - I see nothing about Windows".

I'm glad this information is being added to the next Security and Administration manual.

I'm sorry I'm harping on about this.

Thanks.

This message has been edited. Last edited by: Francis Mariani,


Francis


Give me code, or give me retirement. In FOCUS since 1991

Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
 
Posts: 10577 | Location: Toronto, Ontario, Canada | Registered: April 27, 2005Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic


Copyright © 1996-2020 Information Builders