Configuring Single Sign On

In this section:

WebFOCUS security can be configured to integrate with software service vendors, such as IBM Tivoli® Access Manager and Computer Associates (CA) SiteMinder®. In addition, authentication methodologies, such as Basic Authentication and Integrated Windows Authentication (IWA), can also be configured with WebFOCUS security. When WebFOCUS security is configured in this manner, the RESTful web service request to authenticate WebFOCUS is not required. For more information, see Authenticating WebFOCUS Sign-On Requests.

Depending on the type of authentication methodology being used, the appropriate authentication requirement must be sent in the HTTP header within the RESTful web service request.

After receiving a response for the first RESTful web service request, the client application must parse the response header to retrieve the cookies and send them to subsequent RESTful web service requests. The reason for this is to reuse the session in the application server.


Top of page

x
Example 1: SiteMinder (Initial Request)

The SMSESSION cookie must be passed in the RESTful web service request header.

Request:

GET http://host:port/ibi_apps/rs?IBIRS_action=TEST HTTP/1.1
Host: host:port
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: SMSESSION=9XYcYZnboGIIfMhEeeZJ8qSQY8Q86jN/WYZ/tco/xYuXM0hNVSi4VI0kDKLq/C0
RHARUYd/J6og1b5w1M+I2alSoUJz8m28cUj13Pt221ubduHvaAmEAWHh86lQhUmLc/yae552m
YoURSzhZ2LexeE+7KgeK8fFVtBjX12DXHPBvv8vpkas8ONeYnaqJbS4Td4jbT0A0Lf92k2K5H
87CDNgr+lT6iWAVEWo972+eSd7t+/iD3MDaadal7CnT1nUk1BYBTQxHNK8tg3eHUxy61Lqc7M
K/xmcf+f27S4acueluk2UAeGLG9b+qkmQ8qZ9fZ/equ5tpUL3LZlRWsq9Zf/XXgYM/zUq6f29
mJ01lsi9XU/KIO3TyPMiBT+gj3bGsK3H5Zw8KuqCJafSuqG9IzohJFtNuOokCp6Qrm2DtGXhn
fiuYKmwMdO06acFh6kVNHMsNEeiTZ6Uo2spccoHJ8I1MA9F7WkF1/yvdghftdYcD6dKIGYFO7
biKfPhAy/rjtjD23HP138V5jmMTz3A0LeLvjnlsGbxNoTKg/PVf3NPM1o5lsltTwvKYLZbx87
WOtlpOVhiAslwre/2UW7kHHIpeX1N3VP4E3ZmYDCXuxX+aJDwGEUzzAbi9uxu/aVDRMRSJY5R
LgqW8dyugcfBagJ94+n8WvC8tsG7nnlVDEewQNbay7w3lrWp0SYVd227KjfdSt1N9eTs08vKD
sneKjseScHZV0hCL62lzh1JwAaJg3FJNMpnIGG6MmrJ66RC4AhMaKWJgY1pOLi4l4V3nelJ29
YfnKE7PAvyY9jfn7iZO8vWT5EunMYPrNgsMH+dZ6atK5xx5lSCO76uYtEis1wScoCQvgV6kZi
RLyLwPv03kWeINwAkyM3QdmqAWEutR4L7NyTL4bThU5nXuScRCrQ1+EiqOxPKCBh
Connection: keep-alive

Response:

HTTP/1.1 200 OK
Date: Mon, 06 May 2013 13:38:07 GMT
Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.8e-fips-rhel5
Set-Cookie: SMSESSION=jNJi3BSlZavfl0YRdpNd50mdUsBGBaoaD8DCoIqG/EnvCE2/VqlM3wAcPFr25I0
JZHmLoewUFMrz60pSwkycBklMQLDWv2LkQVa/lESzr9PqzONyiSwXDPHWa5MXdgpmsH58b2aA
f3x11pKZ/EX3D6VDPaIrRmnZE4LY7GK5YD5+wr/hVDBVWKmVlphbefCjDvlanfUCZmau8gdlN
6Csxv52ULat8QBoRmXYh+iDxDpCPqDM4Nc8z3TiVeHhsRyE+7xsAoY+22+E2VkjJ8EDv/hCdL
ar9VS+nBtPALuN/Otze1C/ZRDi9X90yL3++ecsrpLW+ioqRznh7cO43URUNqoPz9M3Ea8uDJO
RSdeQ9QeoAZ8x+4y9jPEMDVdBSJqE7EZlm6d6BMaDPDAUPPP+BYMwx/EHSzM6rbpH+NJT6GOG
M9gkvLhH31BjiBJZf2VvDPsgzHzIONT1xDJgGcyLTiXAt8m17ufvphnJZbpFtMi0WKfHMl6Rz
TwZ+9KvPW2ToeM35zhFXU2gFXE/31gj9sq7MKmihdXe1D022Rd0j7ti99PZg8Q08wsVaHh4P8
8/ITTy/DrTFqMhdu97YUEW7bAHLKK6OPZtpDWCqix3T9/+ZA6MICdSuWRzX1bD2sXQs/zIsga
e/K2RHkNTSMA0bKzR+cFUsDzooM5yWApAXvYe/WsB59jOQYrEIdG4//f1Q7MT7F8DnTnVDjWs
j9JlgLvewdiJWVgP+knPnaiR9oZ1GseqCjAuCbbxFcpVhKprrx/urqNzwkm9Yz0xKCd8jvXA8
1rT0yiN+jarm/nHfyjJLYt1fBOuhXploQn7TR7ZixA4n57R897LzbmZK6CsyreFJ11UbiyqSb
X40M0qx+HHJ3eV7D8t+Rbdn/5UdHzGFCi1S2ZHPkbe+gO9H1OwxNSmnwIDEUGjQUra7vmvZaU
5cUeAXFHvCUTKVC8l1vtdSd+eAaLau5THQllPylRSTQ0f/DwxU1Mon6EZTkRLLxR+2mvnpN6P
wj; path=/; domain=.ibi.com
X-XSS-protection: 0
Expires: Mon, 06 May 2013 13:43:07 GMT
Cache-Control: private
Set-Cookie: JSESSIONID=0000v6lbcwkcbjsF-XoA1s3IAHe:-1; Path=/
Set-Cookie: WF_SESSIONID=359691336102577500; Path=/
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en-US

Top of page

x
Example 2: SiteMinder (Subsequent Requests)

The SMSESSION cookie, as well as the session cookies retrieved in the initial RESTful web service request, must be passed in the RESTful web service request header.

GET http://host:port/ibi_apps/rs/ibfs/WFC/Repository?IBIRS_path=%2FWFC%2FRepository&IBIRS_action=get&IBIRS_args=__null HTTP/1.1
Host: host:port
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://host:port/ibi_apps/rs/ibfs?IBIRS_action=TEST
Cookie: SMSESSION=jNJi3BSlZavfl0YRdpNd50mdUsBGBaoaD8DCoIqG/EnvCE2/VqlM3wAcPFr25I0
JZHmLoewUFMrz60pSwkycBklMQLDWv2LkQVa/lESzr9PqzONyiSwXDPHWa5MXdgpmsH58b2aA
f3x11pKZ/EX3D6VDPaIrRmnZE4LY7GK5YD5+wr/hVDBVWKmVlphbefCjDvlanfUCZmau8gdlN
6Csxv52ULat8QBoRmXYh+iDxDpCPqDM4Nc8z3TiVeHhsRyE+7xsAoY+22+E2VkjJ8EDv/hCdL
ar9VS+nBtPALuN/Otze1C/ZRDi9X90yL3++ecsrpLW+ioqRznh7cO43URUNqoPz9M3Ea8uDJO
RSdeQ9QeoAZ8x+4y9jPEMDVdBSJqE7EZlm6d6BMaDPDAUPPP+BYMwx/EHSzM6rbpH+NJT6GOG
M9gkvLhH31BjiBJZf2VvDPsgzHzIONT1xDJgGcyLTiXAt8m17ufvphnJZbpFtMi0WKfHMl6Rz
TwZ+9KvPW2ToeM35zhFXU2gFXE/31gj9sq7MKmihdXe1D022Rd0j7ti99PZg8Q08wsVaHh4P8
8/ITTy/DrTFqMhdu97YUEW7bAHLKK6OPZtpDWCqix3T9/+ZA6MICdSuWRzX1bD2sXQs/zIsga
e/K2RHkNTSMA0bKzR+cFUsDzooM5yWApAXvYe/WsB59jOQYrEIdG4//f1Q7MT7F8DnTnVDjWs
j9JlgLvewdiJWVgP+knPnaiR9oZ1GseqCjAuCbbxFcpVhKprrx/urqNzwkm9Yz0xKCd8jvXA8
1rT0yiN+jarm/nHfyjJLYt1fBOuhXploQn7TR7ZixA4n57R897LzbmZK6CsyreFJ11UbiyqSb
X40M0qx+HHJ3eV7D8t+Rbdn/5UdHzGFCi1S2ZHPkbe+gO9H1OwxNSmnwIDEUGjQUra7vmvZaU
5cUeAXFHvCUTKVC8l1vtdSd+eAaLau5THQllPylRSTQ0f/DwxU1Mon6EZTkRLLxR+2mvnpN6P
wj; JSESSIONID=0000v6lbcwkcbjsF-XoA1s3IAHe:-1; WF_SESSIONID=359691336102577500
Connection: keep-alive

Information Builders