Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SSO with iFrame portlet

101 views
Skip to first unread message

emfr...@br.ibm.com

unread,
Nov 21, 2008, 8:02:00 AM11/21/08
to
Hello,

I want to use an iframe portlet to display an ASP web app inside WebSphere Portal v6. This ASP application requires authentication against a different user registry from the LDAP I use in my portal. My question is, does Iframe support SSO and allows me to send authentication tokens so that once users login to Portal, they will not need to login to the ASP application.

Thank you.

Jim Barnes

unread,
Nov 21, 2008, 9:02:44 AM11/21/08
to
it supports basic auth and form based auth

IBM Certified System Administrator -- WebSphere Portal V6.0, V5.1, V5.0

IBM Certified Solution Developer -- WebSphere Portal V5.1, v6.0

The postings on this site are my own and do not necessarily represent the positions, strategies, or opinions of IBM

soeren....@ahlers-group.com

unread,
Nov 24, 2008, 8:09:31 AM11/24/08
to
Is there any possibility to get SSO working with Quickr?
We want to integrate the Quickr in an i-frame, but we've got a problem with passing credentials. We just get the login mask of Quickr.
Portal and Quickr are in the same domain and realm and use both domino ldap user registry. SSO is working when you click on a link to Quickr in Portal, but not if Quickr is integrated in an i-frame.

Thanks in advance

Jim Barnes

unread,
Nov 24, 2008, 8:25:27 AM11/24/08
to
it could, what url are you pointing to in quickr? the authenticated url or the unauth url?

soeren....@ahlers-group.com

unread,
Nov 24, 2008, 9:08:48 AM11/24/08
to
I'm not sure what you mean by that.
It's a link to a specific teamspace.
e.g. http:// . : /lotus/myquickr/ /

Should we point to the url like meant above or the whole url like "http:// . : /lotus/myquickr//!ut/p/c1/fY1LDoIwFEXX4gre.....!!/" ?
I tried to enter some credentials in the *web clipping portlet*, but ended without success.

Jim Barnes

unread,
Nov 24, 2008, 9:13:04 AM11/24/08
to
are you using the web page portlet or the web clipping portlet?

I think in this case you would be better off with the web page portlet

soeren....@ahlers-group.com

unread,
Nov 24, 2008, 9:37:32 AM11/24/08
to
Thank you.
I've just installed the web page portlet and it's working.
I hope IBM will develop better alternatives of integrating the Quickr, but for now it's good enough.

david....@usherbrooke.ca

unread,
Nov 24, 2008, 4:49:08 PM11/24/08
to
Hi Jim,

I am new to WPS. Is the iframe portlet the same thing as the web page portlet? I am using WPS 6.1 and trying to authenticate to an asp.net application. I choose "form-based" authentication and filled the user & password field names. I also added a new entry in the credential vault. When accessing the page via:
https://server_name/app_name/login.aspx?txtUsager=user&txtPassword=pass
It does works and redirects to :
https://server_name/app_name/default.aspx
But inside the portlet, the credentials are not passed and the login screen is called without any parameter in the URL. What am I doing wrong?

Also, where can I find the iframe portlet? the link doesn't seems to work on the ibm catalog

Any help would be greatly appreciated.

Jim Barnes

unread,
Nov 25, 2008, 7:02:46 AM11/25/08
to
well the web page portlet is an iframe portlet. but the clipper also has an iframe option.

Which one are you using? are you pointing the url to the inside authenticated part of the server or the first url you visit to get authenticated?

david....@usherbrooke.ca

unread,
Nov 25, 2008, 8:33:26 AM11/25/08
to
Thanks for your reply Jim.

I have tried both (wbe page portlet and web clipping portlet) but without success.

Here's what I did for the web page portlet:
URL : https://server/app/default.aspx
this is the URL I get redirected to after a login. If I try to access this page without be logged in than I get redirected to "login.aspx". Also, I have added the certificate to the server (http://publib.boulder.ibm.com/infocenter/wpdoc/v6r0/index.jsp?topic=/com.ibm.wp.zos.doc/collab/i_cpp_t_domino_ssl.html) so I don't think it's a SSL thing. The asp.net application is on the same domain than the WPS, and I access them both with the server name (not the IP address).

Form-based authentication:
connection URL : https://server/app/login.aspx
user name parameter : txtUsager
password parameter : txtPassword
No other parameter is needed in the asp.net form, and the form action is "login.aspx". Both GET and POST methods are supposed to work on this form.

I created a new credential slot "test" with my own credentials in the default credential vault.

When I access the page I still need to login to the asp.net application (the page "login.aspx" is called without any parameter, as seen with the live http headers in firefox). Same results with IE7 and Firefox 3. WPS version is 6.1. I tried to reintall the web page portlet but it didn't solve the problem.

Any hints?

Thanks

Jim Barnes

unread,
Nov 25, 2008, 8:52:08 AM11/25/08
to
Well with the web clipper, the request is going to come from the back end so you will not see the request in live http headers.

For iframe though, is the site in the same domain as your portal server?

david....@usherbrooke.ca

unread,
Nov 25, 2008, 10:12:30 AM11/25/08
to
yes they're both on the same domain. Does it matter if the portal is http and the application is https?

david....@usherbrooke.ca

unread,
Nov 25, 2008, 10:46:24 AM11/25/08
to
As I said, I am new to WPS, so could you please specify how can I access the portal trace and what do you need to see exactly?

Whichever option I choose (iframe or not iframe, accessing the resources directly or not) in the clipper, I get the same results.

Is there any special configuration to do in the credential vault before being able to use the portlet? Or is there any other portlet I could use to achieve this goal? We really need the SSO to work because we have a lot of applications where a login is required.

thanks

Jim Barnes

unread,
Nov 25, 2008, 10:22:38 AM11/25/08
to
no, I would really need to see tracing as to why portal is doing this, we have seen similar issues, but if you are using iframe option in the clipper and choosing to access resources directly you will still get prompted for access as the browser then makes a request to the server for the images

Jim Barnes

unread,
Nov 25, 2008, 1:58:59 PM11/25/08
to
This is the trace we need to see
http://www.ibm.com/support/docview.wss?rs=688&ca=portall2&uid=swg21244268

no special config for the cred vault, it should just work. No other portlet that I know of. and Clipping and SSO aer not always the same thing. If you want the app to be within portal then we need to use clipping if you just want sso there are seperate avenues to explore

Maggi

unread,
Jan 5, 2009, 6:44:43 AM1/5/09
to
Hi Jim and David
This is Hitesh a WAS Admin
I'm also trying to implement form based SSO to my external
applications
but I dont know how to do it
We have webseal IHS and Websphere Portal Server 6.0 in our environment
can you please help me in this

Thanks & Regards
Hitesh

hitesh...@hcl.in

unread,
Jan 7, 2009, 2:53:53 AM1/7/09
to
Hi All
I want to integrate OWA (Outlook Web Access )in my portal Application
LDAP is ADS and is same for Portal and OWA
I've TAM/Webseal on the same ADS
Can I achieve this using Form Based SSO .

Maggi

unread,
Jan 9, 2009, 8:05:47 AM1/9/09
to

Hi ALL
waiting for ur replies

0 new messages