Here is my big question, and it may be pretty dumb...but I am stumped. I have a web application that resides on server A (host name eiprod.xxxx.edu). I need to authenticate to my Cognos server on server B (hot name bireporting.xxxx.edu). I am trying to do this using the REST interface. But because I am crossing servers, I am getting the 403 forbidden - which is due to the cross site scripting prevention. So...here is the dumb question, do all my apps that want to use CMS need to reside on the Cognos server???
This topic has been locked.
1 reply Latest Post - 2011-10-31T16:23:53Z by SystemAdmin
Pinned topic authenticating using REST
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2011-10-31T16:23:53Z at 2011-10-31T16:23:53Z by SystemAdmin
SystemAdmin 110000D4XK217 PostsACCEPTED ANSWER
You can look for cookies by poking around privacy settings on Firefox/IE.
Try setting the path in Cognos global settings to "xxxx.edu" or "/" (least restrictive) so Cognos cookies are visible from your caller application.
The work-around is to authenticate using the SDK (even REST) from your client app and then form-post all the cookies Cognos sets to a dummy page on the BI server web-gateway (under webcontent or webapps/p2pd/). So long as the dummy page sets an authentication cookies (there are several in C10, not just cam_passport) where Cognos can find it, the request will not be forbidden.