Implementing Secure SSO and OBIEE
717256Sep 2 2009 — edited Sep 3 2009Hi,
So I set up SSO for OBIEE.
I have an application on server A, which creates a cookies with the username of the user AND inserts a TicketID into a database when a user logs in.
I have OBIEE on server B, configure to retrieve a username and ticketID in the user's cookies.
<Auth>
<SSO enabled="true">
<ParamList>
<Param name="IMPERSONATE" source="cookie" nameInSource="SSOUSERNAME"/>
<Param name="NQ_SESSION.TICKETID" source="cookie" nameInSource="TICKETID"/>
</ParamList>
</SSO>
</Auth>
I want OBIEE to check that both username and ticketID are valid to let the user in.
I got the whole concept but I'm not sure on how to implement it precisely.
I would like to know exactly:
1. How to retrieve the username and ticketid that OBIEE read in the cookie. (SELECT ':USER', ':NQ_SESSION.TICKET_ID' FROM DUAL ??)
2. How to check that username/ticket id are valid and NOT let the user in if it not the case. (Here I'm lost. I guess I have to SELECT USERNAME, TICKET against the database but what to do exactly?)
3. Erase the ticket from the database once it is used. (do I have to create another block? With what in it?)
thanks
Edited by: user8724283 on Sep 2, 2009 11:47 AM