Sap boe businessobjects enterprise Single Sign-On, open Bi reports in heterogeneous systems

Source: Internet
Author: User
Background

The company developed its own webbi and asked for a bi report ID to open the corresponding report in SAP Bi without Secondary Logon.

 

Implementation

1. BOE is a token-based authentication method.
2. BOE provides the interface address for directly opening a report: http: // 192.168.0.61: 8080/OpenDocument/opendoc/OpenDocument. jsp

According to official information, the OpenDocument. jsp page requires two required parameters to open the report. One is the idocid (Report ID) and the other is the token (token)
The problem is that you only need to generate a token to implementOpening a report in an external systemAnd can be implementedSingle Sign-on for BOE.

According to some information, an SSO is created separately. the JSP page is placed under D: \ BOE \ Business Objects \ tomcat55 \ webapps \ cmcapp of 61. Note that the cmcapp is the Administrator Logon interface and should not be placed under the user's logon page (infoviewapp ).

SSO. jsp introduction:
Parameter: uid username, PWD password, and rid report ID
Purpose: obtain parameters, authenticate users, generate tokens, pass them to OpenDocument. jsp, and open the report.

SSO. JSP code: <! Doctype HTML public "-// W3C // dtd html 4.01 // en" "http://www.w3.org/TR/html4/strict.dtd"> <% @ page Language = "Java" contenttype = "text/html; charset = UTF-8 "%> <% @ page import =" com. crystaldecisions. SDK. framework. isessionmgr "%> <% @ page import =" com. crystaldecisions. SDK. framework. crystalenterprise "%> <% @ page import =" com. crystaldecisions. SDK. framework. ienterprisesession "%> <% @ page import =" com. crystaldecisi ONS. SDK. occa. security. ilogontokenmgr "%> <% @ page import =" com. crystaldecisions. SDK. occa. infostore. * "%> <% @ page import =" com. crystaldecisions. SDK. properties. * "%> <% @ page import =" com. crystaldecisions. SDK. exception. sdkexception "%> <% @ page import =" javax. servlet. JSP. jspwriter "%> <% Try {string CMS =" boeprod01: 6400 "; string username = request. getparameter ("uid"); string Password = request. getparameter ("pwd "); String reportid = request. getparameter ("RID"); If (username = NULL | Password = NULL | reportid = NULL) {out. println ("parameter error, please check"); return;} string auth = "secenterprise"; string token = ""; isessionmgr sessionmgr = crystalenterprise. getsessionmgr (); ienterprisesession incluisesession = sessionmgr. logon (username, password, CMS, auth); ilogontokenmgr logontokenmgr = isesession. getlogontokenmgr (); token = Logontokenmgr. getdefaulttoken (); // string URLRequest = "http: // 192.168.0.61: 8080/OpenDocument/opendoc/OpenDocument. jsp? Token = "+ token +" & idocid = "+ reportid +" & lssprodnameparam = "+ strparameter +" & swindow = new "; string URLRequest =" http: // 192.168.0.61: 8080/OpenDocument/opendoc/OpenDocument. JSP? Swindow = same & isapplication = true & token = "+ token +" & idocid = "+ reportid; response. sendredirect (URLRequest);} catch (Exception error) {out. println ("identity authentication error, please check! ") ;}%>

To open a report, enter the following in the browser address:
Http: // 192.168.0.61: 8080/cmcapp/SSO. jsp? Uid = testadmin & Pwd = ***** & rid = 6729
You can.

Enter the address directly in the address bar to support all browsers.

However, because the actual report page address is viewdocument. jsp, JavaScript code must be executed on the page. If the external system opens the report throughIFRAMEIf it is enabled, ie will automatically intercept it because the permission settings of IE areJS Code of embedded pages cannot be executed across domains in IFRAME.
Chrome, Firefox, and other browsers do not have this restriction and can be opened in IFRAME normally.

Temporary solution: Add 192.168.0.61 to the trusted site of IE to solve the problem.
To enable it in IFRAME, the most reliable solution is to rewrite OpenDocument. jsp and viewdocument. jsp to bypass Js.
In addition, the simple method is to put webbi and BOE under the same domain name, because IE prohibits IFRAME cross-origin access.

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.