To use IBM Cognos product documentation, you must enable JavaScript in your browser.

Configuring IBM Cognos 8 to Use a Custom Authentication Provider

If you implemented a custom Java authentication provider with your existing security infrastructure, you can configure IBM Cognos 8 components to use it.

You can use a custom authentication provider to access and authenticate users to an alternate authentication source. You can also use it as a single signon mechanism to integrate IBM Cognos 8 components with your security infrastructure. You can hide the namespace from users during logon.

For more information, see the Custom Authentication Provider Developer Guide.

Configure a Custom Authentication Namespace

You can configure IBM Cognos 8 components to use a custom authentication namespace. Any additional configuration for authentication source access, single signon, or custom attributes are dependent on the custom authentication provider implementation.

Ensure that the versions of Java Runtime Environment and Java SDK that you use are compatible with each other. If you use supported versions of the JRE and Java SDK that are not compatible with each other, then the custom Java authentication provider that you configure will not appear in the list of namespaces in IBM Cognos Configuration.

Steps

  1. On every computer where installed Content Manager, open IBM Cognos Configuration.

  2. In the Explorer window, under Security, right-click Authentication, and click New resource, Namespace.

  3. In the Name box, type a name for your authentication namespace.

  4. In the Type list, click Custom Java Provider and then click OK.

    The new authentication provider resource appears in the Explorer window, under the Authentication component.

  5. In the Properties window, for the NamespaceID property, specify a unique identifier for the namespace.

    Tip: Do not use colons (:) in the Namespace ID property.

  6. Specify the values for all other required properties to ensure that IBM Cognos 8 can locate and use your existing authentication provider.

  7. From the File menu, click Save.

  8. Test the connection to a new namespace. In the Explorer window, under Authentication, right-click the new authentication resource and click Test.

IBM Cognos 8 loads, initializes, and configures the provider libraries for the namespace.

Hide the Namespace from Users During Login

You can hide namespaces from users during login. You can have trusted signon namespaces without showing them on the namespace selection list that is presented when users log in.

For example, you may want to integrate single signon across systems but maintain the ability for customers to authenticate directly to IBM Cognos 8 without being prompted to choose a namespace.

Steps

  1. On each computer where you configured a custom Java authentication provider, open IBM Cognos Configuration.

  2. In the Explorer window, under Security, Authentication, click the custom Java authentication provider.

  3. In the Properties window, click the box next to Selectable for authentication and then click False.

  4. From the File menu, click Save.

The namespace is not shown on the selection list that is presented at login.