The simplest and easiest way to let your users login to your Mashup Service application is to bring up a standard Cognos logon dialog in a new window. This requires minimal code on the Mashup author's part, but has several caveats. The most important is that this requires the CMS application to be hosted in the same domain as your Cognos 8 BI server, otherwise cross-site scripting rules prevent the credentials from being shared. The other major caveat is that it may not be possible for your application to bring up a child window depending on the context in which it's being run.
The key to correctly handling authentication in a Mashup Service application is to look to see if the 403 HTTP status code is returned to your application when making a request. This indicates that the current credentials do not allow your user to access the desired resource via CMS.
In the code sample above, on the 403 error code, the doLogon() method is called to open up the logon window. Also note the checkLoginClosed() method right below. This method polls every 1 second to see if the user has closed the logon window.
The doLogon() method is not a CMS call. Instead, it's opening a 300x500 window to Cognos 8 BI itself requesting the close.xts page and asking Cognos Authentication Manager to logon. This causes Cognos 8 BI to request authentication before redirecting to close.xts. The close.xts page simply closes the browser window on load.
Finally, every second the checkLoginClosed() method is called. Once the child window is closed, the application tries to run the report again. Since this all occurred within the same browser session and domain, the required credentials are seamlessly and transparently sent to CMS.
In the next part of this series I'll show you how to use the Cognos Mashup Service Authentication API to provide a more seamless integration and avoid proxy issues caused by using the Cognos Logon Window.