Configuring Trusted Connections

You can configure a trusted connection between the WebFOCUS Client and the WebFOCUS Reporting Server and between the ReportCaster Distribution Server and the WebFOCUS Reporting Server.

A trusted connection is the recommended approach and has multiple benefits:

  • For external authentication, a trusted connection efficiently connects to the WebFOCUS Reporting Server, and does not require additional authentication requests against the Authentication provider, which can decrease system performance.
  • For pre-authentication, a trusted connection prevents the WebFOCUS Reporting Server from prompting the user for credentials.

Note: You must enable the WebFOCUS Reporting Server to accept trusted connections. For more information, see Configure the ibi WebFOCUS Reporting Server to Accept Trusted Connections.

Configure the ibi WebFOCUS Client to Make a Trusted Connection to the ibi WebFOCUS Reporting Server

 
    Procedure
  1. Sign in as an administrator, and open the Administration Console.
  2. On the Configuration tab, expand the Reporting Servers folder, and then expand the Server Connections folder.

    The list of existing WebFOCUS Reporting ServerConnections appears in the tree.

  3. Click the node of the WebFOCUS Reporting Server for which you must establish a trusted connection.

    The Client Configuration page opens.

  4. In the Security field, click Trusted. A trusted connection passes the WebFOCUS user ID to the WebFOCUS Reporting Server.
  5. You can choose to include or omit user group information.
    1. To include user group information, click Pass WebFOCUS User ID and their Groups. This is the default. Proceed to step 7.
    2. To omit user group information, click Custom. Continue with step 6.
  6. The User ID and User’s Groups check boxes and associated options appear.
    1. The User ID check box is automatically selected because user IDs must be passed to the WebFOCUS Reporting Server.
      • Do not change the WebFOCUS script variable. It must be IBIMR_user.
      • Click HTTP Header Field if you wish to pass user IDs with this method instead of the script variable. Type the HTTP Header Field file name.
    2. Clear the User’s Groups check box to prevent group information from being passed to the WebFOCUS Reporting Server. Leave the check box selected to pass user group information to the WebFOCUS Reporting Server.
      • Use the default WebFOCUS script variable IBIMR_memberof or type a different variable.
      • Select HTTP Header Field if you wish to pass user group information with this method instead of the script variable. Type the HTTP Header Field file name.
  7. Click Save.
What to do next

If you have ReportCaster, you may also want to configure the ReportCaster Distribution Server to make trusted connections to the WebFOCUS Reporting Server. Otherwise, you can proceed by configuring your specific type of pre-authentication or external authentication.

Configure the ibi WebFOCUS ReportCaster Distribution Server to Make a Trusted Connection to the ibi WebFOCUS Reporting Server

If you use ReportCaster, you can configure the ReportCaster Distribution Server to make trusted connections to the WebFOCUS Reporting Server when running scheduled jobs.

Note: Currently, trusted connections from ReportCaster in WebFOCUS send the user IDs of the schedule owners to the WebFOCUS Reporting Server, but do not send WebFOCUS groups.

    Procedure
  1. Sign in to WebFOCUS as an administrator, and open the ReportCaster Console.
  2. In the Show group, click Configuration.
  3. Expand the Data Servers folder and click the folder for the desired WebFOCUS Reporting Server.
  4. Click Trusted in the Security Type list.
  5. In the Manage Configuration group, click Save, and then click Restart.

Configure the ibi WebFOCUS ReportCaster Distribution Server to Make a Trusted Connection to the ibi WebFOCUS Reporting Server

If you use ReportCaster, you can configure the ReportCaster Distribution Server to make trusted connections to the WebFOCUS Reporting Server when running scheduled jobs.

Note: Currently, trusted connections from ReportCaster in WebFOCUS send the user IDs of the schedule owners to the WebFOCUS Reporting Server, but do not send WebFOCUS groups.

    Procedure
  1. Sign in to WebFOCUS as an administrator, and open the ReportCaster Console.
  2. In the Show group, click Configuration.
  3. Expand the Data Servers folder and click the folder for the desired WebFOCUS Reporting Server.
  4. SelectTrustedfrom the Security Type list.
  5. In the Manage Configuration group, click Save.
  6. When you receive a message asking you to confirm your decision to make changes to the ReportCaster configuration, click OK.
  7. When you receive a message reminding you to restart the Distribution Server and reload the ReportCaster Web Application to effect these changes, click OK.
  8. On the WebFOCUS Reporting Server browser interface ribbon, in the Manage Configuration group, click Restart.

Configure the ibi WebFOCUS Reporting Server to Accept Trusted Connections

You can configure a security provider on the WebFOCUS Reporting Server to accept trusted connections. Each provider is configured separately. You can enable trusted connections for one provider and disable it for others WebFOCUS Reporting Server.

Note: Trusted connections are not supported for the Windows Server OPSYS provider.

    Procedure
  1. Sign in as an Administrator, and open the WebFOCUS Reporting Serverbrowser interface.
  2. Click the Access Control tab.

    The Activate Providers page appears.

  3. In the navigation pane, under the Security Providers folder, double-click a security provider.

    The Security Configuration page for that provider appears.

  4. Expand the Trusted Connections separator bar.

    The Trusted Connections settings appear.

  5. Set trust_ext to y and click Save.
ResultThe Activate Providers page appears. There is now a checkmark in the Accepts Trusted column for the security provider.

Configure the ibi WebFOCUS Reporting Server to Accept Trusted Connections

You can configure a security provider on the WebFOCUS Reporting Server to accept trusted connections. Each provider is configured separately. You can enable trusted connections for one provider and disable it for others.

Note: Trusted connections are not supported for the Windows Server OPSYS provider.

    Procedure
  1. Open the WebFOCUS Reporting Server browser interface. If prompted, sign in with a valid Server Administrator User ID and Password.
  2. In the WebFOCUS Reporting Serverbrowser interface sidebar, click Access Control.

    The Access Control tab opens.

  3. In the Access Control navigation pane, under Security Providers, right-click a security provider and then click Properties.

    The Security Configuration page for that provider appears.

  4. In the navigation pane, under the Security Providers folder, double-click a security provider.
  5. Click y in the trust_ext list, and then click Save and Restart Server.
ResultThe Activate Providers pane appears. There is now a checkmark in the Accepts Trusted column for the security provider.

Configure the ibi WebFOCUS Reporting Server to Accept Trusted Connections

Note: Trusted connections are not supported for the Windows Server OPSYS provider.

    Procedure
  1. Open the WebFOCUS Reporting Server browser interface. If prompted, sign in with a valid Server Administrator User ID and Password.
  2. In the WebFOCUS Reporting Serverbrowser interface sidebar, click Access Control.

    The Access Control tab opens.

  3. In the Access Control navigation pane, under Security Providers, right-click a security provider and then click Properties.

    The Security Configuration page for that provider appears.

  4. In the navigation pane, under the Security Providers folder, double-click a security provider.
  5. Click y in the trust_ext list, and then click Save and Restart Server.

    When you receive a message that the server is restarting, wait.

  6. If the WebFOCUS Reporting Server Sign in page opens, type the WebFOCUS Reporting Server Administrator User ID and Password, and then click Sign In.
  7. When the Applications page opens, click Access Control in the WebFOCUS Reporting Serverbrowser interface sidebar.

    There is now a checkmark in the Accepts Trusted column for the security provider.

Configure the ibiWebFOCUS Reporting Server to Accept Trusted Connections

You can configure a security provider on the WebFOCUS Reporting Server to accept trusted connections. Each provider is configured separately. You can enable trusted connections for one provider and disable it for others.

Note: Trusted connections are not supported for the Windows Server OPSYS provider.

    Procedure
  1. Open the Access Control page of the WebFOCUS Reporting Server browser interface. If prompted, sign in with a valid Server Administrator User ID, Password. and select a Security Provider, if the Security Provider list appears on the Sign in page.
  2. In the Access Control navigation pane, under Security Providers, right-click a security provider and then click Properties.

    The Security Configuration page for that provider appears.

  3. In the navigation pane, under the Security Providers folder, double-click a security provider.
  4. Click y in the trust_ext list, and then click Save.

    When you receive a message that the WebFOCUS Reporting Server is restarting, wait.

  5. If the WebFOCUS Reporting Server Sign in page opens, type the WebFOCUS Reporting Server Administrator User ID and Password and select a Security Provider, if the Security provider list appears, and then click Sign In.
  6. When the WebFOCUS Reporting Server browser interface home page opens, select Tools and Access Control.

    A checkmark now appears in the Accepts Trusted column for the security provider.