Java EE 和 Cognos 应用程序之间的 SSO

发布于 2024-10-13 07:24:17 字数 409 浏览 5 评论 0原文

问题描述: 有两个子系统。一个是基于 Web 的 Java EE 应用程序,另一个是 Cognos 报告工具。目前,这两个应用程序都提供单独的登录页面,允许用户根据系统中定义的角色执行其活动。 Java EE 用户可以使用其登录页面直接登录到 Java EE 应用程序。同样,Cognos 用户可以通过提供其 Intranet ID 凭据,使用其登录页面登录到门户。

有一个要求,其中 Java EE 应用程序的用户应该能够通过单击 Java EE Web 应用程序中的 URL 链接来查看 Cognos 报告。目前,单击此 URL 将打开 Cognos 门户,提示输入用户凭据。

我期待一个解决方案能够帮助我们在单击 URL 时绕过 Cognos Portal 登录页面。这将帮助已登录 Java EE 应用程序的用户在新网页上查看 Cognos 报告,而无需再次登录。

Problem description:
Theren are two subsystems. One is a web based Java EE application and the other a Cognos reporting tool. Currently, both these applications provide individual login pages that allow the users to perform their activities, as per the roles defined in the system. Java EE users can directly login to the Java EE application using its login page. Similarly, the Cognos users can login to the Portal using its login page by supplying their intranet ID credentials.

There is a requirement, wherein the users of the Java EE application should be able to view the Cognos reports by clicking on a URL link in the Java EE web application. At present, clicking this URL would open the Cognos portal prompting for user credentials.

I am expecting a solution that would help us bypass the Cognos Portal login page, when clicked on the URL. This will help the users who have logged in the Java EE application to view the Cognos reports on a new web page without having to logging in again.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

路弥 2024-10-20 07:24:17

您可以按照以下步骤在您的应用程序和 cognos 之间实现单点登录:(

我假设您使用 LDAP 和 Java)

  • 在已有 Cognos BI 服务器的开发计算机上安装 Cognos SDK。要尝试与 Cognos SDK 捆绑在一起的示例,您将需要 JDK。如果您已经在没有 JDK 的情况下运行 Cognos,Cognos 可能会使用它捆绑的 JRE,不幸的是它不是来自 Oracle。在这种情况下,您可能需要卸载 Cognos,先安装 Oracle JDK,然后重新安装 Cognos 和 Cognos SDK。否则,您将遇到一些加密不兼容问题。
  • 确保您已正确配置完整的身份验证提供程序命名空间(例如 LDAP)。
  • 转至 Cognos SDK 附带的 TrustedSignonSample。在 Cognos 10 中,可以在 $COGNOS_SDK/java/AuthenticationProvider 下找到 Java 示例。
  • 修改 TrustedSignonSample.java 并在其中设置您的 LDAP 名称空间 ID。受信任的登录提供程序将使用此命名空间来验证用户是否存在。
  • 使用提供的 build.bat 构建示例,您应该获得一个 jar 文件。
  • 阅读示例附带的“readme.txt”并正确配置此提供程序。
  • 现在,如果您转到 Cognos 登录页面,您应该会看到两个命名空间选项。
  • 如果您在与 Cognos 相同的计算机中运行应用程序,只需创建一个具有相应名称(有关 cookie 名称,请参阅 TrustedSignonSample)和值的 cookie。您可以将 cookie 的值设置为应用程序的当前登录用户。
  • 就是这样,设置 cookie 后,如果您转到 Cognos 登录页面并选择自定义可信登录提供程序名称空间,则不会提示您登录。
  • 如果您根本不希望 Cognos 显示登录页面,您可以将自定义可信登录提供程序的名称空间配置为 cognos 配置中的默认名称空间。
  • 如果您在与 Cognos 不同的计算机上运行应用程序,则必须在 Cognos 全局配置中进行更多配置,以确保它接受来自该计算机/域的 cookie。

有关更多信息,请参阅此“线程”:http://businessintelligence.ittoolbox.com/groups/technical-function/cognos-l/the-cookie-trusted_signon_user-is-not-set-4863689,​​真正由您发起。

我通过这种方式实现了 Cognos 和我的应用程序之间的单点登录。我希望它对你有帮助。

You would achieve single sign on between your app and cognos by following these steps:

(I will assume that you are using LDAP and Java)

  • Install Cognos SDK on the dev machine where you already have Cognos BI server. To try the samples bundled with the Cognos SDK, you will need JDK. If you are already running Cognos without a JDK, Cognos might be using it's bundled JRE, which unfortunately is not from Oracle. In that case, you may have to uninstall Cognos, install Oracle JDK first and then re-install Cognos and Cognos SDK. Otherwise, you will run into some cryptography incompatibility issues.
  • Make sure you have configured a full authentication provider namespace like LDAP correctly.
  • Go to the TrustedSignonSample shipped with Cognos SDK. In Cognos 10, the Java sample can be found under $COGNOS_SDK/java/AuthenticationProvider.
  • Modify the TrustedSignonSample.java and set your LDAP namespace id there. The trusted sign on provider will use this namespace to verify whether the user exist or not.
  • Build the sample using the provided build.bat and you should get a jar file.
  • Read the "readme.txt" that's shipped with the sample and configure this provider correctly.
  • Now, if you go to Cognos login page, you should see two namespace choices.
  • If you are running your app in the same machine as Cognos, just create a cookie with the respective name (refer TrustedSignonSample for the cookie name) and value. You would set the cookie's value as the currently-logged-in-user-of-your-app.
  • That's it, after setting the cookie, if you go to Cognos login page and choose the custom trusted signon provider namespace, you will not be prompted for login.
  • If you don't want Cognos to display login page at all, you can configure your custom trusted signon provider's namespace as the default in cognos configuration.
  • If you are running your app in a different machine than Cognos, you have to make a few more configurations in Cognos global configuration to ensure that it accepts cookies from that machine/domain.

For more info, refer this "thread":http://businessintelligence.ittoolbox.com/groups/technical-functional/cognos-l/the-cookie-trusted_signon_user-is-not-set-4863689 initiated by yours truly.

I achieved single sign on between Cognos and my app this way. I hope it helps you.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文