 |
|||||
|
As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only. Join the TIBCO Community
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community. | |||||
Focal Point 
Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Unable to access WebFOCUS portal using pre-authentication
Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Unable to access WebFOCUS portal using pre-authentication Read-Only TopicGo | Search | Notify | Tools |
| [CLOSED] Unable to access WebFOCUS portal using pre-authentication | Login/Join |
| Member |
WebFocus security and admin 8201 (page 166-168) provides details on how to configure WebFocus client to enable pre-authentication with Web Access Management System. but after performing all the configuration steps, we manage to test WebFocus portal login using Javascript and adding custom http headers. From the report server logs, we can see that login request is able to reach the backend Report Server with error message like this: rejected cmrpip000068 u=srvadmin (password failure) The security document doesn't specify what kind of security provider should be used for SSO integration. In this case, we enable the default PTH (internal) which accepts trusted WebFocus client. The user srvadmin is registered under this security provider. Kindly advise.This message has been edited. Last edited by: FP Mod Chuck, WebFOCUS 8.2 Windows Server 2016 PDF, Excel | ||
|
| Virtuoso |
I have SSO and On RS : - Primary Security Providers is LDAP - Secondary Security Providers is PTH On Client : - Authentication_Type and External_Group_type as WFRS - User_Group_Membership_ExtAuthN and User_Group_Membership_PreAuthN as EXTERNAL - WFRS_Group_Provider as blank - WFRS_Service_User is PTH\srvadmin Maybe this can help WF versions : Prod 8.2.04M gen 33, Dev 8.2.04M gen 33, OS : Windows, DB : MSSQL, Outputs : HTML, Excel, PDF In Focus since 2007 | |||
|
| Expert |
FYI, 8201's security setup/layout has changed. Looks very different now. Waz...
| |||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||
| Guru |
The Security model and concepts in WF 8.2 are the same as in WF 8.1. It’s only the Security GUI interface (and parameter names) in WebFOCUS Administration Console that has changed in WF 8201. For WF 8201 the description of pre-authentication with Web Access Management System (used by member ‘yehf’) is provided in the WF Security document starting on p. 175: WebFOCUS Administration and Security The process of configuring pre-authentication is described starting from p. 156 in the same document. The process of pre-authentication is done before WebFOCUS is accessed, so they should not be using WF Internal Security Provider PTH for pre-authentication. They should be using an External Security Provider, such as LDAP. The settings provided by ‘MartinY’ above are for External Authentication against LDAP. Hope this helps. Thank you for participating in the Focal Point Forum! Tamra Colangelo Focal Point Moderator Information Builders WebFOCUS 8x - BI Portal, Developer Studio, App Studio, Excel, PDF, Active Formats and HTML5 | |||
|
| Virtuoso |
It doesn't matter, you just have to make the connection to the server trusted, and set the server to allow trusted.
When you use pre-auth and are expecting a HTTP Header, that header must exist for every interaction to the WFC and not just the login. I'm a little confused how you can manage this by using JS. Can you explain in more detail? "There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott | |||
|
| Member |
There is no SSO server setup in dev environment. So we have to find way to test out pre-auth approach. In the end, we use the chrome plugin Modify Header Value (HTTP Headers) to set the HTTP header value and then send requests to WebFocus. WebFOCUS 8.2 Windows Server 2016 PDF, Excel | |||
|
| Powered by Social Strata |
 | Please Wait. Your request is being processed... |
Read-Only TopicFocal Point Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Unable to access WebFOCUS portal using pre-authentication
Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Unable to access WebFOCUS portal using pre-authenticationCopyright © 1996-2020 Information Builders
| View $GS_USERNAME's Public Profile |
| Add $GS_USERNAME to my Ignore List |
| View Recent Posts by $GS_USERNAME |
| Notify me of New Posts by $GS_USERNAME |