We are facing an issue with Business Objects - Single Sign On (SSO). Details regarding the same are given below.
Requirement:
We have an application which authenticates users against LDAP directory.
After logging into the application, we have infoview links which open webi report as pdf.
As the application authenticates the user in first page, the infoview link when clicked should not ask for logon credentials again.
Issue:
After logging into the application, if ‘opendocument’ function is used to open report as pdf, then the report opens without asking for login credentials again.
But the page which is opened, has ‘Refresh’ option. Client does not want ‘Refresh’ option after the pdf is opened.
So, we have developed our own jsp which opens report as pdf. But, we are now facing issues with single sign on.
Analysis Done:
CE_ENTERPRISESESSION variable could be used to check for already existing sessions and then the same session could be used.
But, this variable checks only for valid infoview sessions. The application which authenticates users does not create any infoview session.
So, CE_ENTERPRISESESSION did not help.
Itseems, open document checks for CE_ENTERPRISESESSION, if it does not exist, then it uses siteminder SSO concept. But not sure, how it is done…
I just read that siteminder creates some session token which can be used for single sign on, but could not find out how it is done exactly.
If anyone of you have come across any implementation/documentation/information regarding Siteminder - LDAP - Infoview SSO, please let me know.
Any little help is greatly appreciated.
Please let me know if the above issue description is not clear or any more information is required.
Thank you so much for your time !! 
- Shirisha
shirisha (BOB member since 2009-04-21)
(BOB member since 2007-01-26)