Skip to Main Content

Analytics Software

Implementing Secure SSO and OBIEE

717256Sep 2 2009 — edited Sep 3 2009
Hi,

So I set up SSO for OBIEE.
I have an application on server A, which creates a cookies with the username of the user AND inserts a TicketID into a database when a user logs in.

I have OBIEE on server B, configure to retrieve a username and ticketID in the user's cookies.

<Auth>
<SSO enabled="true">
<ParamList>
<Param name="IMPERSONATE" source="cookie" nameInSource="SSOUSERNAME"/>
<Param name="NQ_SESSION.TICKETID" source="cookie" nameInSource="TICKETID"/>
</ParamList>
</SSO>
</Auth>

I want OBIEE to check that both username and ticketID are valid to let the user in.

I got the whole concept but I'm not sure on how to implement it precisely.

I would like to know exactly:

1. How to retrieve the username and ticketid that OBIEE read in the cookie. (SELECT ':USER', ':NQ_SESSION.TICKET_ID' FROM DUAL ??)
2. How to check that username/ticket id are valid and NOT let the user in if it not the case. (Here I'm lost. I guess I have to SELECT USERNAME, TICKET against the database but what to do exactly?)
3. Erase the ticket from the database once it is used. (do I have to create another block? With what in it?)

thanks

Edited by: user8724283 on Sep 2, 2009 11:47 AM
This post has been answered by Turribeach on Sep 3 2009
Jump to Answer
Comments
Locked Post
New comments cannot be posted to this locked post.