Configure the Required Namespaces
Procedure
- In IBM Cognos Configuration, configure a namespace
to authenticate portal users.
For instructions, see the topic about configuring authentication providers in the Installation and Configuration Guide.
- For an LDAP namespace, configure the following properties:
- For the Use external identity property, change the setting to True.
- For the External identity mapping property,
set it to
(uid=${environment("REMOTE_USER")})
For SharePoint Portal, if SharePoint is on a different machine from the LDAP server, set External identity mapping to
(uid=${replace(${environment("REMOTE_USER")},"SharePoint_Server\\","")})
Other properties may be required. For more information, see the topic about configuring IBM Cognos components to use LDAP in the Installation and Configuration Guide.
- For an IBM Cognos Series 7 namespace, map
the portal user IDs to IBM Cognos Series 7 user IDs using
OS signons.
For more information, see the IBM Cognos Series 7 documentation.
- In IBM Cognos Configuration, create and configure
a Custom Java™ Provider namespace.
For instructions, see the topic about configuring a custom authentication namespace in the Installation and Configuration Guide.
- For the Namespace ID property, specify
any new ID.
For example, cpstrusted
This new ID must be used in the portlet configuration settings.
- For the Java class name property, type
com.cognos.cps.auth.CPSTrustedSignon
Java class names are case-sensitive.
- For the Namespace ID property, specify
any new ID.
- In IBM Cognos Configuration, under Environment > Portal
Services, configure the following properties:
- For Trusted Signon Namespace ID, type the
ID of the namespace that you configured in step 1. Tip: The trusted signon namespace acts as an intermediary and must be attached to a real directory-based namespace.
- For Shared Secret, type the key to be used
for single signon.
This parameter represents the authorization secret that must be shared between the Cognos portlets and the IBM Cognos server. Consider this as a secret password. You must use the same character string when you configure the portlet application. You must use a single word as the key.
For security reasons, specify a non-null value.
- For Trusted Signon Namespace ID, type the
ID of the namespace that you configured in step 1.
- Under Environment, for Gateway Settings, set the Allow Namespace Override property to true.
- From the File menu, click Save.
- Restart the IBM Cognos service.