All,

When WebFOCUS MRE is configured for trusted authentication, is there a way to override the behavior of bypassing the MRE Logon page so that additional credentials (like ACF2) can be entered and passed to WebFOCUS?

Not quite sure what you are asking here. Are you looking to combine ACF2 and Trusted for MRE SSO? Or, are you looking for Trusted MRE SSO and ACF2 to the reporting server? Or, are you looking at bypassing MRE altogether and do direct WFServlet requests with ACF2?

Maybe something else entirely?

Dhagen,

We have the following requirements:
1. use WebFOCUS MRE through the PS Enterprise Portal (using WebFOCUS Open Portal Services)
2. log into WebFOCUS MRE via the web-based applet (ibi_login.jsp/mr_login.jsp). (MRE development via the portal is very limited.)
3. allow the users to optionally enter ACF2 credentials on the web-based applet logon page.

The portal is authenticates to Active Directory but only passes the NT User ID to WebFOCUS MRE. Therefore, MRE accounts cannot not have passwords. This makes the web-based applet login unsecure. However, the web-based applet logon pages are customized to allow ACF2 credentials to be entered and passed to a WebFOCUS reporting server.

We do not have single signon like Net-Tegrity or SiteMinder. And we don't have time to customize the portal to pass both the NT user ID and Password to WebFOCUS. (We are planning on implementing this in the future.)

My thought was to display a link to WebFOCUS MRE in the portal (in place of the WebFOCUS Pagelet) and configure WebFOCUS MRE with trusted authentication. However, since trusted authentication bypasses the logon page. I was looking for a method of allowing either the logon page or some other HTML page to be displayed that allowed the user to optionally enter ACF2 credentials and then click continue to log into MRE.

I'd be happy to discuss this over the phone. Let me know if this is an option.

Hi Jenny,

The issue here seems to be complicated enough that I would strongly recommend you contact Information Builders' Customer Support Services and open a case for further assistance. We may need to look much further and in details on what you are trying to accomplish. You may either call at 1-800-736-6130, or access the online system InfoResponse at http://techsupport.ibi.com. Here is a list of information to be ready when you call: http://techsupport.ibi.com/before_you_call.jsp.

For general guidance on security, please check the following manual which may be of interest:

WebFOCUS Security and Administration 7.1.3

If you are running on releases other than 713, please let me know and I will be more than happy to locate the right version of the security manual for you.

Hope this helps.

Cheers,

Kerry

Kerry,

I will be opening a HT case on this question tomorrow or next week. It just happened that the IBI TechSupport site was down when I began my research so I posted a question here.

Thanks for responding.

Any help ont his ?
I have siteminder protection for my URL.
while login i provide USer details want to pass the same userid to webfocus server.
I updated cgivars.wfs with following

IBI_REPORT_USER =&SM_USER
(Also Tried using IBI_REPORT_USER =&WF_REMOTE_USER )
IBI_REPORT_PASS ="TRUSTED"

where SM_USER is passed in siteminder headerinfo.
But this does not work.Any suggestion

WF 7.1.3 ,Platform Windows,
Databases: Oracle,IE7

Any suggestion on this will be very helpful.

WF 7.1.3 ,Platform Windows,
Databases: Oracle,IE7

TRUSTED authentication works for every platform BUT WINDOWS. I suggest you call CSS for some help. There is at least one document dedicated to implementing Siteminder, so CSS should be helpful.