We've been experimenting with embedding individual objects from reports (eg. an individual chart or table) into webpages using REST URLs, but it hasn't been working well. We've also got SSO enabled, so users don't have to specifically log in when viewing the content this way.
I've been trying to do this by embedding the URL into an iframe in a webpage, which is apparently what causes the trouble. I've been told that using iframes can cause problems when authentication is required, and using iframes is the reason we get our auth errors.
I'm wondering if anyone has had any luck with embedding REST URLs into web pages (using SSO), and how they did this? Seeing iframes don't work reliably, does anyone know what does?
Pinned topic Embedding Cognos objects into web pages using REST...
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2013-02-11T15:42:37Z at 2013-02-11T15:42:37Z by SystemAdmin
SystemAdmin 110000D4XK1959 Posts
Re: Embedding Cognos objects into web pages using REST...2013-02-11T15:42:37ZThis is the accepted answer. This is the accepted answer.It appears that our issue is similar to this one. Just to give a quick background. I am new to Cognos. We are trying to get our application to render Cognos 10 reports in an iFrame. We have just recently upgraded from Cognos 8 to Cognos 10.
Our application uses an identity management service called eAuthentication (eAuth). The idea is to have one login for every application. Users can sign up online or see a local registration officer depending on the eAuth level they need.
eAuth uses a Computer Associates (CA) product called Siteminder to protect applications. You install siteminder on your public facing webserver and when someone goes to the URL they are redirected to a eAuth login page. Once the user logs in they are allowed to proceed to the site.
We had problems getting eAuth to work with Cognos. The way siteminder was configured at the OCIO wouldn’t allow Cognos to communicate with the server. We ended up having to take the “Siteminder light” approach.
Basically, we store the users eAuth internal ID number in Oracle Directory Services(ODS). The user will go to our URL, sign in to eAuth, and Cognos will check to see if they are in the ODS. If they in the directory they are let in. If they are not in the directory Cognos will prompt them for a UserID and Password.
The problem we are having is that eAuth is blocking the application from rendering the reports in iFrame. Here is the description of the error:
"The system has encountered an error.
The URL you were trying to access contains embedded HTML tags. The eAuthentication system does not allow authentication from URL's that contain characters known to be used in cross site scripting attacks. These characters were most likely generated by the application you were trying to access. Please open a new browser window and log into the application you were trying to access again."
Any suggestions/comments/recommendations would be greatly appreciated.