Cognos第三方认证

Cognos 第三方认证Custom java provider这种认证是通过java 接口实现的通过java 类校验数据库中的用户来通过验证这种验证方式可以节省项目成本提高服务效率在Cognos 安装目录下的sdk 文件夹下有具体的java 代码如:////Copyright c 2007 Cognos Incorporated. All Rights Reserved.//Cognos and the Cognos logo are trademarks of Cognos Incorporated.//package authenticationimport java.io.Fileimport java.io.FileInputStreamimport java.util.Localeimport java.util.Propertiesimport authentication.//import mons.logging.import
org.logicalcobwebs.proxool.configuration.PropertyConfiguratorimport
com.cognos.CAM_AAA.authentication.IBiBusHeaderimport
com.cognos.CAM_AAA.authentication.IBiBusHeader2import
com.cognos.CAM_AAA.authentication.INamespaceAuthenticationProvider2import com.cognos.CAM_AAA.authentication.INamespaceConfigurationimport
com.cognos.CAM_AAA.authentication.IQueryimport
com.cognos.CAM_AAA.authentication.IQueryResultimport
com.cognos.CAM_AAA.authentication.ISearchExpressionimport
com.cognos.CAM_AAA.authentication.ISearchFilterimport
com.cognos.CAM_AAA.authentication.ISearchStepimport
com.cognos.CAM_AAA.authentication.IVisaimport
com.cognos.CAM_AAA.authentication.QueryResultimport
com.cognos.CAM_AAA.authentication.SystemRecoverableExceptionimport
com.cognos.CAM_AAA.authentication.TextDisplayObjectimport
com.cognos.CAM_AAA.authentication.TextNoEchoDisplayObjectimport
com.cognos.CAM_AAA.authentication.UnrecoverableExceptionimport
com.cognos.CAM_erRecoverableExceptionimport
com.cognos.CAM_AAA.authentication.ISearchStep.SearchAxispublic class JDBCSample extends Namespace implements INamespaceAuthenticationProvider2 private String connectionString// private static LogWriter lw LogWriter.newInstant// public static Log myLogger LogFactory.getLogJDBCSample.class /
seecom.cognos.CAM_AAA.provider.INamespaceinitcom.cognos.CAM_AAA.provider.I NamespaceConfiguration / public void initINamespaceConfiguration theNamespaceConfiguration throws UnrecoverableException
super.inittheNamespaceConfiguration this.addName Locale.getDefault theNamespaceConfiguration.getDisplayName //
myLogger.debugquotxxxxxxxxxxxxx:quot try // // Read our configuration from this Cognos 8 installs // configuration directory. // String configPath theNamespaceConfiguration.getInstallLocation quot/configurationquot// File nsConfig new FileconfigPath quotJDBC_Config_quot// theNamespaceConfiguration.getID quot.propertiesquot// Properties nsProperties new Properties// FileInputStream input new FileInputStreamnsConfig// nsProperties.loadinput// String server nsProperties.getPropertyquotserverquot// String databaseName
nsProperties.getPropertyquotdatabaseNamequot// connectionString
MS_JDBCDriver.driver.getConnectionStringserver// databaseName//
MS_JDBCDriver.driver.checkDbConnectionconnectionString PropertyConfigurator.configureconfigPath quot/ConnectPool.propertiesquot// PropertyConfigurator.configureconfigPath quot/log4j.propertiesquot catch Exception e throw new UnrecoverableExceptionquotConfiguration Errorquot quotProvider
initialization failure. Reason: quot e.toString /
seecom.cognos.CAM_AAA.provider.INamespaceAuthenticationProvider2logoncom.cog nos.CAM_AAA.provider.IBiBusHeader2 / public IVisa logonIBiBusHeader2 theAuthRequest throws UserRecoverableException SystemRecoverableException UnrecoverableException // myLogger.debugquotstep1quot//
lw.writeLogquot1111111111quot JDBCVisa visa null String username null String password null username
theAuthRequest.getTrustedEnvVarValuequotREMOTE_USERquot if username null try visa new JDBCVisa visa.initthis username0 catch UnrecoverableException ex UserRecoverableException e new UserRecoverableException quot锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷没锟斤拷锟斤拷锟斤拷锟斤拷.quot quotquot
e .addDisplayObjectnewTextDisplayObjectquot锟矫伙拷锟斤
拷:quotquotCAMUsernamequot e.addDisplayObjectnew TextNoEchoDisplayObjectquot 锟斤拷锟斤拷:quot quotCAMPasswordquot throw e return visa // 1 - Look for trusted credentials username
theAuthRequest.getTrustedCredentialValuequotusernamequot password theAuthRequest.getTrustedCredentialValuequotpasswordquot if username null ampamp password null // 2 - Look for credentials coming from SDK request username theAuthRequest.getCredentialValuequotusernamequot password theAuthRequest.getCredentialValuequotpasswordquot if username null ampamp password null // 3 - Look for credentials in formfield username theAuthRequest.getFormFieldValuequotCAMUsernamequot password theAuthRequest.getFormFieldValuequotCAMPasswordquot if username null password null UserRecoverableException e new UserRecoverableException quotPlease type your credentials for authentication.quot quotThe provided credentials are invalid.quot e .addDisplayObjectnew TextDisplayObjectquotUser ID:quot quotCAMUsernamequot e.addDisplayObjectnew TextNoEchoDisplayObjectquotPassword:quot quotCAMPasswordquot throw e try // // Create a Visa for the new user. // visa new JDBCVisa// lw.writeLogusername0// lw.writeLog password0 visa.initthis username0 password0// lw.writeLogquotendquot catch UnrecoverableException ex // Something went wrong probably because the users credentials // are invalid. UserRecoverableException e new UserRecoverableException quotThe provided credentials are invalid. Please type your credentials forauthentication.quot ex .toString e .addDisplayObjectnew TextDisplayObjectquotUser ID:quot quotCAMUsernamequot e.addDisplayObjectnew TextNoEchoDisplayObjectquotPassword:quot quotCAMPasswordquot throw e return visa /
seecom.cognos.CAM_AAA.provider.INamespaceAuthenticationProviderlogoffcom.cogn os.CAM_AAA.provider.IVisa com.cognos.CAM_AAA.provider.IBiBusHeader / public void logoffIVisa theVisa IBiBusHeader theAuthRequest try // We can safely assume that well get back the same Visa that we // issued. JDBCVisa visa JDBCVisa theVisa visa.destroy catch Throwable t /
seecom.cognos.CAM_AAA.provider.INamespaceAuthenticationProvidersearchcom.cogn os.CAM_AAA.provider.IVisa com.cognos.CAM_AAA.provider.IQuery / public IQueryResult searchIVisa theVisa IQuery theQuery throws UnrecoverableException // We can safely assume that well get back the same Visa that we // issued.//
lw.writeLogquotsearchquot JDBCVisa visa JDBCVisa theVisa QueryResult result new QueryResult try ISearchExpression expression theQuery.getSearchExpression String objectID expression.getObjectID ISearchStep steps expression.getSteps // It doesnt make sense to have multiple steps for this provider // since the objects are not hierarchical. if steps.length 1 throw new UnrecoverableException quotInternal Errorquot quotInvalid search expression. Multiple steps is not supported for thisnamespace.quot StringBuffer sqlCondition new StringBuffer int searchType steps0.getAxis ISearchFilter filter steps0.getPredicate switch searchType case SearchAxis.Self : case SearchAxis.DescendentOrSelf : case SearchAxis.Descendent : if objectID null if filter null this.matchesFilter filter result.addObjectthis // Add current namespace if searchType SearchAxis.Self return result else sqlCondition.appendQueryUtil .getSqlConditionfilter else if
objectID.startsWithquotu:quot ampamp objectID.equalsvisa.getAccount .getObjectID if filter null this.matchesFilterfilter // lw.writeLogquotaaaaaaaaaaaaaaquot
result.addObjectvisa.getAccount// lw.writeLogquotbbbbbbbbbbbbbbquot // Add current user return result else if objectID.startsWithquotr:quot String sqlID
objectID.substring2 sqlCondition.appendQueryUtil .getSqlConditionfilter if sqlCondition.length gt 0 sqlCondition.appendquot AND quot
//sqlCondition.appendquotobjectID quot sqlID //by boc
sqlCondition.appendquotobjectID rquot sqlID quotquot else if
objectID.startsWithquotu:quot String sqlID objectID.substring2
sqlCondition.appendQueryUtil .getSqlConditionfilter if sqlCondition.length gt 0 sqlCondition.appendquot AND quot //sqlCondition.appendquotobjectID quot sqlID //by bocsqlCondition.appendquotobjectID uquot sqlID quotquot break default : if objectID null //sqlCondition.appendquotparentid is nullquot
sqlCondition.appendquotparentid 0quot else String sqlID objectID.substring2 sqlCondition.appendQueryUtil.getSqlConditionfilter if sqlCondition.length gt 0 sqlCondition.appendquot AND quot // sqlCondition.appendquotparentid quot sqlID //by boc sqlCondition.appendquotparentid quot sqlID quotquot break QueryUtil.query sqlCondition.toString theQuery.getQueryOption theQuery.getProperties theQuery.getSortProperties result this catch Throwable t t.printStackTrace return result 一、在SecurityAuthentication 下建立一个第三方认证的名字空间名字随意本文以QGYY_PORTAL 命名类型为Custom java providerNamespace ID：dbAuthJava class name：authentication.JDBCSample注意：这里的authentication.JDBCSample 是JDBCSample.jar 包下的authentication 下的JDBCSample.class最后效果如下:修改SecurityAuthenticationCognos 下的allow anonymous access 的值为false二、ConnectPool.properties 改一下连接信息放到cognos/c8/configuration 下将CAM_AAA_CustomIF.jar classes12.jar JdbcSample.jar proxool-0.9.0RC3.jar这几个jar 包放到Cognos/c8/webapps/p2pd/WEB-INF/lib 下三、在数据库中建立用户表的视图视图备份了数据库中的用户信息通过视图中的用户来登录Cognos 创建视图代码如下:用户试图CREATE OR REPLACE VIEW
KPI_USERUSER_ID USER_NAME USER_PASS USER_SIGNON_ID
USER_OSSIGNON_ID USER_ROLE_ID USER_DICRIPTIONASselect er_id user_er_er_password user_passu.login_id
user_signon_iduser_ossignon_id user_role_id user_dicription from er_ u order
by user_order组视图：CREATE OR REPLACE VIEW
KPI_USER_CLASSUSER_CLASS_ID USER_CLASS_NAME
USER_CLASS_DISCRIPTIONPARENT_USER_CLASS_ID USER_CLASS_LEVEL USER_CLASS_ORG_IDASselect cognos_class_id user_class_idcognos_class_name user_class_namecognos_class_descuser_class_discriptioncognos_class_parentid parent_user_class_id user_class_leveluser_class_org_id from portal.cognos_class关系视图CREATE OR REPLACE VIEW USER_ROLE_RELATIONUSER_CLASS_ID USER_SIGNON_IDASselect uo.cognos_class_id user_class_id u.LOGIN_ID
user_signon_id er_cog.。