we would like to set up a read only service catalogue which doesn't require logging into business space (anonymous user).
Is this possible ?
This topic has been locked.
5 replies Latest Post - 2012-12-17T13:29:39Z by DavidSeager
Pinned topic Public Service Catalogue - anonymous access to BusinessSpace
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2012-12-17T13:29:39Z at 2012-12-17T13:29:39Z by DavidSeager
Re: Public Service Catalogue - anonymous access to BusinessSpace2012-11-30T09:24:05Z in response to NickLaquaYou cannot access Business Space with an anonymous user, if security is enabled on the WSRR & Business Space servers. The best you can do is designate a "view" user who you share the log in details for, and has access to only the Service Catalog space, which is a read-only view onto the services in WSRR.
For details and samples of how to set up a service catalog, see this dW article I co-authored:
Re: Public Service Catalogue - anonymous access to BusinessSpace2012-11-30T09:46:57Z in response to DavidSeagerThx for the response David. I did actually use your article when setting the catalogue up.
Regarding my question, I should have been more precise. Of course, WSRR and business space requires authentication to apply role based security. So the right question would have been for SSO (how to automatically login to WSRR, e.g. LTPA). At the end of the day, business space is "just another" web application :-)
Re: Public Service Catalogue - anonymous access to BusinessSpace2012-12-05T09:48:30Z in response to NickLaquaSo if Business Space runs on the same WebSphere Application Server profile as WSRR, the login to Business Space is used as the login to WSRR. So when the user logs into Business Space they use their WSRR login. The default standalone WSRR profile creation is for Business Space to be installed onto the same WAS profile.
If Business Space runs on a different WAS system, maybe on a different machine, then you need to configure single sign on between the WAS running Business Space and the WAS running WSRR. This page in our infocenter describes how to do this:
However there isn't any evidence that separating Business Space and WSRR produces a performance benefit, so for simplicity I would recommend putting Business Space on the same WAS server as WSRR.
Re: Public Service Catalogue - anonymous access to BusinessSpace2012-12-11T01:17:23Z in response to DavidSeagerDavid,
there is no concern about installing both Business Space and WSRR on the same server, as per the default setup.
My question was more around making BusinessSpace/WSRR part of an internal SSO network, so that based on the existing enterprise logon, users are automatically signed on to Business Space without having to enter username/password again.
so the more appropriate info center link is actually two lines down where it is explained how to use WebSeal (external authentication component) together with Business Space. In this case, I assume, that the user is not being shown the Business Space logon screen.
Re: Public Service Catalogue - anonymous access to BusinessSpace2012-12-17T13:29:39Z in response to NickLaquaYes, if WebSeal is used then the user should not see the Business Space login screen, and will be directed to the space.
There is an APAR open for this function, IV27434, which you can see if you have Passport Advantage access, according to this page http://www-01.ibm.com/support/docview.wss?uid=swg21461170
"The ability to see Open APARs on the Web is restricted to clients with entitled IBM Customer Identification Numbers (ICNs). You should login with your IBM Login ID which is mapped to your ICNs."
We aim to fix this APAR for the next fix packs of 7.5 and 8.0, alternatively once it is closed and published (and therefore visible on the web) you can request an interim fix.