Hi,
We have a J2EE application where we are connecting to BOXI 3.1 CMS server using Enterprise Java SDK. We are able to generate the session token by passing the user credential like user name, password, CMS server and authentication type using the below code:
IEnterpriseSession enterpriseSession = CrystalEnterprise.getSessionMgr().logon( username,
password, cmsname, authType);
String logonToken = enterpriseSession.getLogonTokenMgr().createLogonToken();
But now we wants to implement the SSO to generate the session token without passing the user password.
We have Siteminder implementation for authentication of user in our J2EE application which is mapped with LDAP. I read that I can use LDAP - Siteminder token to connect BO CMS by using the following code:
IEnterpriseSession enterpriseSession =
CrystalEnterprise.getSessionMgr().logon(sms_session, “”, “”, secLDAP");
Here sms_session should be SMS session token from a cookie or request and Pass a blank password
Could you please guide me for the following question:
-
If the above code for Siteminder is correct then what all other changes we have to do in CMS server or our J2EE application?
-
I have also came to know that Trusted Authentication is also good option for SSO. But since we are in shared environment so BO admin team has informed that they will not provide the shared secret which is configured on the server side. Does it possible to configure the trusted authentication and create shared secret password more than one on the CMS side?
3.) Does it possible to fetch the Enterprise session of a user by passing user as a parameter in BO Webservice?
Please let me know if any other SSO features are available which we can try in our J2EE? We are not able to use Windows AD as Kerberos and Vintela is not getting used in our organization.
Thank You,
Ashok
Ashok_US (BOB member since 2012-01-25)
(BOB member since 2002-08-29)