Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Rational Insight Configure Reporting User Authentication with non-password systems

Questions
Tags
Users
Badges
June Boston
(1943038) Mar 31 '15, 11:15 a.m.
We have a Jazz installation that does not use usernames and passwords for authentication, instead using a smart card system to log in.  There are not even service accounts with passwords; the ccm_user type accounts are internally configured by CLM using oauth keys, but they aren't users on our network.  It is not possible to create a user on our network that has a username and password.

Given this: on the fifth step on the Rational Insight 1.1.1.3 setup, a username and password is required to set up the Jazz namespace in Cognos for authentication.  This cannot be done as-is.  If we skip this and enable anonymous access to the server, is there a way we can retroactively set up Jazz authentication so we can control access to the reporting server with a finer grain than allowing/denying all access based on license status?

Thank you,
June

0 votes

1 answer
4,891 views
0 votes

One answer

Permanent link
Francesco Chiossi
(5.7k11119) edited
Mar 31 '15, 11:23 a.m.
Hello June,

you can manually setup the Jazz namespace as described here:

Modifying the JTS authentication properties on the report server
http://www-01.ibm.com/support/knowledgecenter/SSYMRC_5.0.2/com.ibm.rational.rrdi.admin.doc/topics/t_configure_oauth_properties_for_jazz_server.html?lang=en-us#manual

see the Modifying the authentication properties manually section.

Best Regards,

Francesco Chiossi

1 vote

Comments
June Boston
Apr 02 '15, 7:51 p.m.

Thank you, when we get the server functioning I will respond on how effective this was.

June Boston
Jun 30 '15, 7:49 p.m.

As it stands, and possibly due to some issue with smartcard authentication, this technique has not worked.  The jazzns_config.xml file was configured correctly but has not been picked up or modified by Insight during resets.  Additionally, it does not configure the Jazz namespace in Websphere's LDAP configuration or in the Cognos configuration.  We manually created the Cognos configuration namespace to match one of our other environments (albeit on a non-smartcard network) and gave WAS the same LDAP configuration as JTS.  Still, it does not function; a login button has appeared in Rational Insight, but clicking it takes one to a Rational Insight 1.1.1.3 login prompt that is a clear clone of the Jazz login prompt and it doesn't ask for a smartcard so there is no way to push it credentials.  Being logged into Jazz (which brings up a smartcard pin prompt before the page loads to force authentication) does not make you logged into Cognos.  We haven't disabled anonymous access as not to be locked out.

We are trying to get a service account with a password since the document above is missing steps, but we might not be able to.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details

Question asked: Mar 31 '15, 11:15 a.m.

Question was seen: 4,891 times

Last updated: Jun 30 '15, 7:49 p.m.

Confirmation Cancel Confirm