cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OpenDocument and Tokens

Go to solution
Former Member

on ‎08-15-2008 9:55 PM

0 Kudos

I'm trying to build a custom portal that will allow users view reports through OpenDocument. This seems straightforward, but I think I'm misunderstanding how tokens work. Basically, I have a web service that provides login functionality. That services returns a token. Pretty straightforward:


    ISessionMgr        sessionMgr        = CrystalEnterprise.getSessionMgr();
    IEnterpriseSession enterpriseSession = sessionMgr.logon(userName, password, "myserver", "secEnterprise");
    
    ILogonTokenMgr logonTokenMgr = enterpriseSession.getLogonTokenMgr();
    String tokenValue = logonTokenMgr.createWCAToken("", 60, 100);

So a customer comes to the portal. The portal logins into BO under the covers and gets a token. The reports page of the portal gets instance ID's (through another service) and builds urls to opendoc. These urls contain the token parameter and the iDocID parameter. The intent is that when a user clicks these links, the report will be retrieved through openDoc and displayed in a frame, or new window. However, what is actually happening when the URL's are clicked is that openDoc redirects to InfoView and I get an error"


Report Linking Error
There was an error retrieving data from the server:
The object was not found.

If I test manually in a browser (calling my login webservice, then manually building the opendoc link and pasting into the same browser) it works. I haven't tested this thoroughly yet, but it looks like if I add the jsessionID (from the login service) to the end of the URLS my custom app builds, then that works too. I don't understand this. The OpenDocument docs don't say anything about a session ID. It says to use CE_ENTERPRISESESSION, or token. I read some documentation that suggested high concurrency systems are best served using the token method and that's what I'm interesting it doing.

Am I missing something with how openDocument security works?

Thanks in advance.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

aasavaribhave
Advisor
Advisor
‎08-18-2008 4:47 PM
0 Kudos

Your code for token generation looks ok. So if I understand it correct, it finally builds a URL like:

http://servername:port/businessobjects/enterprise115/desktoplaunch/opendoc/openDocument.jsp?iocID=<S... instance retrieved from a web service>&token=<token generated by a web service>

If you just launch this link in a separate browser, it works. Is that correct?

If you launch it in a frame in your portal application it throws the error below, right?

openDocument should work as long as the right doc ID and a valid token is specified. Viewing report with openDoc is just same as viewing report in Infoview. If you do not pass in the token as query string, you will see Infoview long page. Try creating a frameset outside the portal and try launching the url in a frame and see if that works, it could be a problem only within the portal.

Thanks

Aasavari

Show replies
Show replies
Former Member
‎08-18-2008 5:14 PM
0 Kudos

Thanks for your note Aasavari!

Your code for token generation looks ok. So if I understand it correct, it finally builds a URL like:
http://servername:port/businessobjects/enterprise115/desktoplaunch/opendoc/openDocument.jsp?iocID=<S... instance retrieved from a web service>&token=<token generated by a web service>

Yes, that is correct.

If you just launch this link in a separate browser, it works. Is that correct?

It only seems to work if I use my browser to manually hit my login service, then pull the report. Something like this:


http://myserver.com:8080/business_intelligence/logon.jsp?username=rm_1&password=pwd

My service returns:


<response>
   <token>myserver.COM@32056J25qjWNSv8to3ohM32054JbMfiLIv0X0fYFoPONEOFF</token>
   <errors/>
</response>

I also get the session ID from Tomcat. If at this point, I call open doc (with a URL that looks like what you posted) it works. It doesn't work if I turn cookies off, and it doesn't work if I use my token in a completely different web browser (that doesn't have the sessionID.

If you launch it in a frame in your portal application it throws the error below, right?

I haven't even made it to the point where I'm trying to call opendoc in a frame yet. I have some code that calls the login service. Since its just code, it ignores the session ID from tomcat. That code then builds up a web page it presents to the user with the openDoc links. At this point, the user has no cookies on his machine. When those links are clicked, I get that weird error I listed earlier. If I add the session ID to the link, it appears to work correctly. For example:


http://myserver.com:8080/businessobjects/enterprise115/desktoplaunch/opendoc/openDocument.jsp?token=myserver.COM@32024Jz8X89KzufUZWBCN32022JN4TibivCLuzsh6fONEOFF&iDocID=31362

generates an error. This following does appear to work.


<a href="http://myserver.com:8080/businessobjects/enterprise115/desktoplaunch/opendoc/openDocument.jsp?token=myserver.COM@32024Jz8X89KzufUZWBCN32022JN4TibivCLuzsh6fONEOFF&iDocID=31362;jsessionid=" TARGET="test_blank">http://myserver.com:8080/businessobjects/enterprise115/desktoplaunch/opendoc/openDocument.jsp?token=myserver.COM@32024Jz8X89KzufUZWBCN32022JN4TibivCLuzsh6fONEOFF&iDocID=31362;jsessionid=</a><the tomcat sessonid>

I have to test a little more to make sure I'm deleting cookies correctly. But what you are saying is that all I should need is a valid token, and doc ID, and I should be able to generate the document regardless of what browser, or cookies I have? That is what my understanding was after reading the docs, I just can't seem to get it to work in practice.

ted_ueda
Employee
Employee
‎08-18-2008 5:23 PM
0 Kudos

As a quick test, what happens if you use createLogonToken method rather than the createWCAToken method?

Sincerely,

Ted Ueda

Answers (1)

Answers (1)

Former Member
‎08-21-2008 9:34 PM
0 Kudos

Ted, Aasavari,

I had a decent amount of time to play around and test yesterday and it seems to be working now. I have no idea where I was screwing up. One moment I was getting the weird linking error, and the next it wasn't. Part of the issue was building an incorrect URL (at least, that was part of the issue yesterday). I must of had other issues, too, because my initial testing was done with manual requests typed directly into Firefox. Sorry I can't offer more - I just don't know what I was doing wrong (except maybe lack of sleep).

At any rate, I can successfully make a request manually (different browsers, on different machines) and from my programmatically generated link page. I tested both create token methods and both work. I assumed createWCAToken() would be best since its not tied to a session?

I did see the redirect from openDoc to infoivew does not work with cookies turned off. I assume that is by design and there is nothing I can do to get around it.

Another thing I don't quite understand is after the redirect completes (and Firefox is displaying my report) I noticed that there is a cookie called CE_LogonToken and it contains a value that looks like the token I generated programmatically (and appended to the end of the OpenDoc URL). However, the two values are NOT the same. Will there be some subtle issue with that?

Thanks guys. I really appreciate your time.

Show replies
Show replies
Ask a Question