Tuesday, March 24, 2009

Integrate Single-Sign-On Web Service with Business Objects InfoView (JAVA)

Step 1: Query SSO Web Service
queryWebService
public boolean queryWebService(java.lang.String sUserID,
java.lang.String sPassword,
java.lang.String sPortalPassword)Use application request info and user credential to authenticate the user
With Webservice is already initialized, query the webservice, using application request info and user credential to get user response object back. Return true if succeeded.


Returns:
boolean Status of user authentication.


Step 2 Get SSO Session ID
getAWSSessionID
public static java.lang.String getAWSSessionID(HttpServletRequest oRequest)Get AWS session ID. The AWS session ID is stored by SSO login page.
This method retrieves AWS session ID cookie by using specific cookie name. It also uses UTF-8 to decode the session id.


Returns:
String UTF-8 decoded session id
Since:
0.1

Step 3 Get User ID by session
getUserIDBySession
public java.lang.String getUserIDBySession(java.lang.String sAWSSessionID)
throws java.io.IOExceptionReturn user id if existing AWS session of application request info is authenticated.
If AWS session is found, the session id will be used to check against application request info. If the session is still alive on AWS server the user id will be returned for further application authentication.


Returns:
String User id in the session with application request info.


Step 4 Forward to Internal BusinessObjects Logon Page
request.getRequestDispatcher("/" + oPropertyLoader.getPropertyValue("BOLogonPage").trim()).forward(request, response);

Step 5 Initialize Business Object Session Manager
init
public boolean init()Initialize BOUserInfo. Not related to specific user.
This method initializes Property Loader and gets session manager


Returns:
boolean Indicates the status of initialization
Since:
0.1


Step 6 Get Business Object Server Logon Token
getLogonToken
public java.lang.String getLogonToken()Get user logon taken.
This method uses userid, password, cms and authenticatio type to get logon token. If the userid and password is in specified cms database, it returns the token, otherwise it returns blank string. It also save the infoStore object for future usage.


Returns:
String Logon Taken
Since:
0.1

Step 7 Logon to Business Object InfoView
sHomeURL = oPropertyLoader.getPropertyValue("ServerURL") + oPropertyLoader.getPropertyValue("BoInfoviewString") + logonToken;
/*
* It is useful to store some frequently used objects in the session for
* easy access later on.
*/
// Store the IEnterpriseSession object in the session.
session.setAttribute("EnterpriseSession", oBOUserInfo.getEnterpriseSession());

// Create an IInfoStore object and store it in the session.
IInfoStore iStore = (IInfoStore)oBOUserInfo.getEnterpriseSession().getService("InfoStore");
session.setAttribute("InfoStore", iStore);
response.sendRedirect(sHomeURL

1 comment:

  1. Hello
    I have been looking for this solution for a while now. I would like to know if you have implemented something like JOSSO with business objects. It would be interesting to know your feedback.

    Regards

    Murtuza Morbiwala
    murtuzahm@gmail.com

    ReplyDelete