January 20, 2006, 03:35 PM
Dennis_VPassing Non-WebFOCUS Cookie Values to FEX's
Does anyone know if it's possible to configure WebFOCUS to pass a cookie value to a FEX as an Amper variable?
We're looking into the possibility of using cookies in a self service FEX that were set by another app after authenticating the user through LDAP.
I'm thinking it's something you can do via the cgivars.wfs, but wasn't certain if it's possible.
One of our corporate security policies and regulatory mandates that we get additional information besides the userid from LDAP and use that info when running self service apps for users.
I'm thinking a security exit is an option, but we currently don't have the resources who can develop one for us, so the external app that sets the cookie values is where we're trying to go next.
Thanks for any insight, or ideas anyone can offer.
Dennis
January 22, 2006, 08:26 PM
PiipsterWhat release is this?
January 26, 2006, 05:55 PM
dhagenVersion 5.3 or higher. In Webfocus client admin console, under "Configuration/Custom Settings"
Example:
wfvar=WFPARM
COOKIENAME=USERNAME
<call> CopyHTTPCookieToWFVar(COOKIENAME,wfvar)
<set> WFPARM(pass)
What this does is reads a cookie called "USERNAME", and puts the value into a parameter called WFPARM, then passes it to webfocus as an ampher variable called WFPARM.
January 29, 2006, 09:54 PM
Dennis_VWell, the problem has been solved. The solution was a little different than I thought, but the outcome was exactly what I needed.
The solution goes something like this:
- Self service app user uses a Cold Fusion application (on another server) to authenticate to LDAP.
- Once Cold Fusion performs the authentication, it pulls out the other fields from LDAP that need to be available to the WebFOCUS self service apps as amper variables.
- Cold Fusion dynamically constructs a form to submit to the WebFOCUS Reporting Server that has the same hidden form field values as the wfsignon.htm sample signon page. Hidden form field values are created by Cold Fusion for each of the desired LDAP fields.
- Cold Fusion submits the dynamically constructed form to the WebFOCUS Reporting Server with a generic ID (not the user's ID).
- After the WebFOCUS reporting server processes the dynamically submitted form, it creates the browser-based cookie with variables that are automatically available to any self service WebFOCUS FOCEXEC until the User closes their last open browser window.
- All we had to do was develop a security procedure with a simple application security database, and we now have secure self service reports that meet the company's information security policies.
We were never able to get the wfcookie constructed using Cold Fusion from the other server, so the dhagen's solution wasn't available to us.
I didn't realize that the hidden form field values in the wfsignon.htm example login page are added to the browser cookie and automatically passed as amper variables to WebFOCUS without any configuration changes. That was the key for this solution.
By the way, we are running 5.3.2.
Thanks for the responses.