Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     Security in Web Focus

Read-Only Read-Only Topic
Go
Search
Notify
Tools
Security in Web Focus
 Login/Join
 
Karanth
Platinum Member
posted
Hi,
I need to create an application in Web Focus with security i,e., user authentication.
For example i will create a login page in the WF server using the HTML layout painter or anything and then i need to have a set of valid users who can access this page. Is this possible ni Web Focus?

Also I want to set security level as PTH. Where do i store the user ids and passwwords? It says in admin.cfg file but how do i do it?
 
Posts: 109 | Registered: January 31, 2006Report This Post
TexasStingray
Master
posted Hide Post
karanth,

Not Sure what you are trying to do. Could you be a little more specific. What flow are are trying to implement on security.




Scott

 
Posts: 865 | Registered: May 24, 2004Report This Post
Karanth
Platinum Member
posted Hide Post
Hi,
I want to create something like a self service application and also have a user authentication process. How do i do this?
 
Posts: 109 | Registered: January 31, 2006Report This Post
Kamesh
Master
posted Hide Post
You can do it by storing the user details and password(encrypted) in database. Then write your front-end using asp or jsp based on ur requirement and retrieve the windows authentication userid and verify it with your table OR ask them to enter the userid in login screen and verify it with your table.

Hope this helps,


WFConsultant

WF 8105M on Win7/Tomcat
 
Posts: 780 | Location: Florida | Registered: January 09, 2005Report This Post
TexasStingray
Master
posted Hide Post
Karanth,

While Kamesh idea will work it: adds another layer to security and concerns having id's and passwords somewhere else that needs to be maintained and secured. Do you have a systems that stores the ID, Passowrds that you want to authenticate against.




Scott

 
Posts: 865 | Registered: May 24, 2004Report This Post
Karanth
Platinum Member
posted Hide Post
I tried turning Security ON in the console and added a few NT login IDS. But all NT logins still have access. How do i resolve this?
 
Posts: 109 | Registered: January 31, 2006Report This Post
dhagen
Virtuoso
posted Hide Post
So many ways to do this:

- If you are using IIS with Jakarta plug-in or New Atlanta, restrict access to the web server based on the AD accounts. And shut off the tomcat http listener - only allow AJP. Consult Microsoft for full documentation.
- If you are using Tomcat standalone, use Tomcat internal security settings to stop access by either: a) JNDI to AD, or hardcoded userid's via the tomcat-user.xml (Note: you will have to alter WFs web.xml for this to work). Consult apache.org for full documentation.
- Or, write a focexec that uses the GETUSER() subroutine to identify the user, then exit the routine if they are not one of the users that should be there, and make this focexec the site profile for your web focus app.

3rd option is the easiest to do.


"There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott
 
Posts: 1102 | Location: Toronto, Ontario | Registered: May 26, 2004Report This Post
Karanth
Platinum Member
posted Hide Post
Thanks dhagen,
we have done wat u said in option 3. We have a list of valid user ids and changed the site.wfs to point to a security.fex which does the user validation and then call the requested fex from security.fex. This works just fine..

But I have another doubt. The documentation in WF says that if u set security = PTH in WF 7.1 the user ids and passwords are validated. I set security = PTH and added one admin id and password. But WF doesn't seem to be checking the password at all. I dont want people to be able to log onto my server console from LAN. How do i restrict this?
 
Posts: 109 | Registered: January 31, 2006Report This Post
kerberos
Member
posted Hide Post
...when set to PTH, it lets you login with any user id/password combination you can think of but it doesnt really give any privileges at all or BASIC level for that matter. Otherwise, you can restrict your webfocus admin console thru web server level (e.g. restrict ip addresses etc) - that is if you still want to use PTH. There are many options for this, try engaging IBI.
 
Posts: 24 | Location: NY | Registered: May 30, 2003Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     Security in Web Focus

Copyright © 1996-2020 Information Builders