WebFOCUS Online Help > ReportCaster Development and Administration > ReportCaster Security > Configuring ReportCaster With External Authentication

Configuring ReportCaster With External Authentication

In this section:

In some environments, you may want to authenticate Managed Reporting/ReportCaster credentials with an external user directory. For example, user passwords may be stored in LDAP or Active Directory. In this case, ReportCaster must be configured so that it does not authenticate users against its ReportCaster Repository, because the user passwords are not stored there. This is accomplished by configuring the ReportCaster Authentication Plug-in setting. The following two sections show how to:

Top of page
Configuring the Trusted MR Sign-On Setting for ReportCaster

When using a repository driver for Managed Reporting that performs external authentication, such as the Managed Reporting Realm Driver, you must set the Authentication Plug-in parameter in the ReportCaster Server Configuration tool to 'Trusted MR Sign-On'. Setting this value causes ReportCaster to make a trusted Managed Reporting sign-on on behalf of the user, instead of an explicit Managed Reporting sign-on with the user's ID and password.

Top of page
Procedure: How to Configure the Trusted MR Sign-On Setting for ReportCaster
  1. Access the ReportCaster Server Configuration tool in one of the following ways:
    • If you are on a Windows platform, you can access the configuration tool from the Start Programs menu by selecting Information Builders, ReportCaster 76, Distribution Server, Configuration, and then clicking Edit.
    • When logged on to Managed Reporting as an administrator, click the clock icon. The ReportCaster Development and Administration Interface opens. From this interface, select the ReportCaster Server Configuration link.
    • You can also access ReportCaster independent of Managed Reporting by typing the following URL:
      http://hostname[:port]/rcaster/main/reportcaster.jsp

      where:

      hostname[:port]

      Is the host name and optional port number (specified only if you are not using the default port number) of the Application Server where the ReportCaster Web application is deployed.

      rcaster

      Is the site-customized context root for the ReportCaster Web application deployed on your Application Server. rcaster is the default value.

      In this case, since your user credentials have not been validated by Managed Reporting, you must type a valid ReportCaster administrator ID and password to log on to the ReportCaster Development and Administration Interface. From this interface, select the ReportCaster Server Configuration link.

    The ReportCaster - Server Configuration window opens displaying the General tab.

  2. In the General tab, select the Security folder and locate the Authentication Plug-in setting. From the drop-down list, select Trusted MR Sign-On.

  3. Click the MR Info tab.

  4. Verify that the Trusted Key value matches the IBIMR_TRUSTED_KEY setting in the cgivars.wfs file located in the \ibi\WebFOCUS76\client\wfc\etc directory.

    When you perform an InstallShield installation on Windows or UNIX, and you install Managed Reporting and ReportCaster together, the Trusted Key value is populated automatically.

    When ReportCaster and WebFOCUS are installed at different times or on different machines, you must populate the Trusted Key field in the ReportCaster Server Configuration tool with the IBIMR_TRUSTED_KEY parameter value in the cgivars.wfs file. For a procedure to update the trusted key, see How to Update the Trusted MR Sign-On Key.

  5. Click the Save icon, or select Save from the Action menu. A message appears asking for confirmation that you want to save the changes to the configuration file. Click Yes.
  6. Restart the ReportCaster Distribution Server.
  7. Reload the WebFOCUS and ReportCaster Web applications.
  8. After reloading the Web application(s), all users currently logged on must restart their sessions to obtain the current configuration information. Since the user's session does not have information cached pertaining to the ReportCaster configuration, the user interfaces must be restarted to obtain any updated information.
Top of page
Procedure: How to Update the Trusted MR Sign-On Key
  1. Go to the directory that contains the cgivars.wfs file:

    On UNIX and z/OS, the cgivars.wfs file is located in:

    cd /ibi/WebFOCUS76/client/wfc/etc

    On Windows, the cgivars.wfs file is located in:

    cd \ibi\WebFOCUS76\client\wfc\etc
  2. Open the cgivars.wfs file and copy the IBIMR_TRUSTED_KEY variable value.
  3. Open the ReportCaster Server Configuration tool and click the MR Info tab.
  4. Paste the copied IBIMR_TRUSTED_KEY value into the Trusted Key field.
  5. Save the ReportCaster server configuration by selecting Save from the Action menu.
  6. Restart ReportCaster by selecting Restart from the Action menu or clicking the Restart icon in the toolbar.
Top of page
Configuring an Authentication Plug-in for Self-Service ReportCaster Applications

When ReportCaster is not configured with Managed Reporting, you can write a customized plug-in program (in the Java language) that externally authenticates ReportCaster user credentials.

Top of page
Procedure: How to Configure an Authentication Plug-in for Self-Service ReportCaster Applications
  1. Access the ReportCaster Server Configuration tool in one of the following ways:
    • If you are on a Windows platform, you can access the configuration tool from the Start Programs menu by selecting ReportCaster76, Configuration, and then clicking Edit.
    • When logged on to Managed Reporting as an administrator, click the clock icon. The ReportCaster Development and Administration Interface opens. From this interface, select the ReportCaster Server Configuration link.
    • You can also access ReportCaster independent of Managed Reporting by typing the following URL:
      http://hostname[:port]/rcaster/main/reportcaster.jsp

      where:

      hostname[:port]

      is the host name and optional port number (specified only if you are not using the default port number) of the Application Server where the ReportCaster Web application is deployed.

      rcaster

      is the site-customized context root for the ReportCaster Web application deployed on your Application Server. rcaster is the default value.

      In this case, since your user credentials have not been validated by Managed Reporting, you must type a valid ReportCaster administrator ID and password to log on to the ReportCaster Development and Administration Interface. From this interface, select the ReportCaster Server Configuration link.

    The ReportCaster - Server Configuration window opens displaying the General tab.

  2. In the General tab, select the Security folder and locate the Authentication Plug-in setting. Specify the fully qualified class name containing the program (for example, abcd.sample.RCSampleAuthExit) that will be performing the external authentication.

    Important:

    The \ibi\WebFOCUS76\webapps\rcaster76\WEB-INF\lib\DSTRCServlet.jar file must be added to the active classpath when you compile and run your program. The DSTRCServlet.jar file contains the DSTCasterAuthInterface that the authentication plug-in must implement.

    The class or jar file containing the class must be added to the ReportCaster Web application. If the ReportCaster plug-in is a class, it should be placed in the \ibi\WebFOCUS76\webapps\rcaster76\WEB-INF\classes subdirectory. If the ReportCaster plug-in is packaged in a .jar file, it should be placed in the \ibi\WebFOCUS76\webapps\rcaster76\WEB-INF\lib subdirectory.

  3. Click the Save icon, or select Save from the Action menu. A message appears asking for confirmation that you want to save the changes to the configuration file. Click Yes.
  4. Restart the ReportCaster Distribution Server.
  5. Reload the ReportCaster Web application.
  6. After reloading the Web application, all users currently logged on must restart their sessions to obtain the current configuration information. Since the user's session does not have information cached pertaining to the ReportCaster configuration, the user interfaces must be restarted to obtain any updated information.

Users will now be authenticated to ReportCaster using the logic in the external plug-in.
Top of page
Example: Developing an Authentication Plug-in for Self-Service ReportCaster Applications

This sample ReportCaster Authentication Plug-in is comprised of two Java programs. The first program implements the DSTCasterAuthInterface interface. The second program enables you to override the normal authentication process of ReportCaster using this interface.

/*
** Program 1:
** DSTCasterAuthInterface.java class
**
*/
 
package ibi.broker.exit;
 
public interface DSTCasterAuthInterface {
 
    public void setUser(String userName);
    public void setPass(String password);
    public static final int INVALID_USER = -1;
    public static final int INVALID_PASS = -2;
    public static final int AUTH_FAILED  = 0;
    public static final int AUTH_SUCCESS = 1;
    public int authenticate();
}
/*
** Program 2: 
** RCSampleAuthExit.java class
*
*/
import ibi.broker.exit.*;
/**
*
* @author
* @version 7
*/
package abcd.sample;
 
public class RCSampleAuthExit implements DSTCasterAuthInterface{
 
    String user = "";
    String pass = "";
public RCSampleAuthExit() {
    }
    public void setUser(String tempUser) {
        user = tempUser;
    }
    public void setPass(String tempPass) {
        pass = tempPass;
    }
 
    public int authenticate() {
 
       if( user.equalsIgnoreCase("validuser") == true )
            return RCSampleAuthExit.AUTH_SUCCESS;
       else
            return RCSampleAuthExit.AUTH_FAILED;
    }
WebFOCUS