Skip to Content
author's profile photo Former Member
Former Member

BOE 3.0 - Trusted Auth using Siteminder + Apache2-Weblogic Bridge

Hello Folks,

On of my customers is having trouble getting Trusted Authentication to work.

This is a multi-platform BOE 3.0 setup. The CMS and all other BOE servers are on Windows Server 2003 and the Web Application Server is Weblogic 9.2 which is hosted on Solaris 10. This Weblogic server is fronted by an Apache 2.0.59 Web Server which is on another Solaris 10 system and is protected by Siteminder 5.5.

Since Siteminder 6.0 is the only supported version for BOE 3.0 at present they are not integrating it directly with BOE and are using it merely to pass SM_USER to Apache and hence to Weblogic.

We have verified that the variable SM_USER is being passed properly to Apache and Weblogic using a code written by the customer however, we have had no luck in getting Trusted Authentication to work so far.

If we enable the guest account with BOE then, InfoView allows to logon as guest however, if we disable it, we get a message that it has been disabled. So, we assume that InfoView is not picking the SM_USER and is merely trying to logon as null.

I have setup a similar environment in-house on RHEL 4 and my setup works fine. I haven't written the full information here as the post would become quite large. Please feel free to let me know in case you need any information to help troubleshoot.

Thanks

Manish

Add a comment
10|10000 characters needed characters exceeded

Related questions

5 Answers

  • Posted on Aug 29, 2008 at 12:36 AM

    Manish,

    I'm sure this will work if the user is being sent properly. Have you tested any trusted auth scripts to verify the user is being received properly? How about just testing QUERY_STRING? Does this work?

    Regards,

    Tim

    Add a comment
    10|10000 characters needed characters exceeded

    • In 3.0 the path for trustedprincipal.conf has changed from boinstall\boe115\win32_x86\plugins\auth\secenterprise to boinstall\boe12\win32_x86\ or the root directory. we have fixed this in the 3.0 admin guide.

      Also the URL to redirect to should be InfoViewApp/logon/logon.do instead of the expected InfoViewApp/logon.jsp

      Other than that the steps for configuration should be pretty much the same.

      Regards,

      Tim

  • author's profile photo Former Member
    Former Member
    Posted on Sep 09, 2008 at 08:25 PM

    Issue resolved folks. After running the TrustedAuthCheck, the issue came out to be the access permission on the TrustedPrincipal.conf.

    Fixing the permissions resolved the issue.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Sep 09, 2008 at 08:27 PM

    Issue was related to access permissions on the TrustedPrincipal.conf. Giving appropriate permissions resolved the issue.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Aug 10, 2009 at 09:34 PM

    Tim,

    I'm working on SSO integration with Windows AD for BO 3.1

    Since my client BO Enterprise is on Linux, I am looking for some custom solution on a top of Trusted Authentication.

    I configured Trusted Auth based on BO 3.1 admin guide and your suggestions in threads, but it does not work. Unfortunatelly,

    I could not find TrustedAuthCheck.jsp. Can you send me the script to check my configuration?

    Thanks,

    Inna

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Oct 01, 2010 at 08:13 AM

    Hi Manish,

    I am running into the similar sort of problem and the deployment of BO infrastructure is exacltly like you had described in your mail.

    WAS Weblogic (Linux) which is fronted by Apache (Linex) and BO itself is on Windows platform.

    Is it possible for you to shed some light on torbleshooting side of it. Trust Authentication is based on WEB_SESSION based for testing but finally I will like to have HTTP_HEADER method for TA to work.

    Regards-

    Neel

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.