Here is my big question, and it may be pretty dumb...but I am stumped. I have a web application that resides on server A (host name eiprod.xxxx.edu). I need to authenticate to my Cognos server on server B (hot name bireporting.xxxx.edu). I am trying to do this using the REST interface. But because I am crossing servers, I am getting the 403 forbidden - which is due to the cross site scripting prevention. So...here is the dumb question, do all my apps that want to use CMS need to reside on the Cognos server???
SystemAdmin 110000D4XK217 Posts
You can look for cookies by poking around privacy settings on Firefox/IE.
Try setting the path in Cognos global settings to "xxxx.edu" or "/" (least restrictive) so Cognos cookies are visible from your caller application.
The work-around is to authenticate using the SDK (even REST) from your client app and then form-post all the cookies Cognos sets to a dummy page on the BI server web-gateway (under webcontent or webapps/p2pd/). So long as the dummy page sets an authentication cookies (there are several in C10, not just cam_passport) where Cognos can find it, the request will not be forbidden.