Intellicus Enterprise Reporting and Business Insights 18.1

SSO for Host Application on Java Platform

0 views June 28, 2020 0

Configurations Required

Configuring Host Application

In order to invoke methods at Intellicus end, the file intellicaSSO.jar needs to be placed in host application’s library.

The jar will be provided with intellicus setup.

Path for jar file: <Install_Path>\APIs\SingleSignOn\Java

Note: For Intellicus version earlier than 4.1, this jar can be requested to Intellicus Support.

 Host application needs to set Intellicus web application URL.

Configuring Intellicus

Intellicus application contains Integration.xml file for integration and dynamic user creation activities.

  • In Integration.xml, set business parameters required to pass (If any)
  • Set CREATE_USER for Dynamic User creation in Intellicus.

This xml file contains the information regarding integration like user role, dynamic category creation etc.

Path for Integration.xml:

<Intellicus_Install_path>\Jakarta\webapps\intellicus\WEB-INF

Note: Host application needs to give details in xml according to their requirements.

Corresponding to this integration xml file content, createUser() method in ReportControllerDetails.JSP at the Intellicus end should be defined.

Sample Integration xml and Controller jsp are provided with the Intellicus Setup.

Note: For Intellicus version earlier than 4.1, ReportController.jsp,ReportController.Detail.jsp,LaunchPortal.jsp  can be requested to Intellicus Support and should be placed at  <Intellicus_install_path>\Jakarta\webapps\intellicus.

Implementation for Single Sign-On Request

Implementation code can be written inside any JSP or servlet of host application.

  1. Host application needs to add intellicaSSO.jar in their application.

Host application needs to import class Enums.java, SingleSignOn.java, SingleSignOnException.java, UserInfo.java.

import com.intellicus.integration.singlesignon.Enums;

import com.intellicus.integration.singlesignon.SingleSignOn;

import com.intellicus.integration.singlesignon.SingleSignOn Exception;

import com.intellicus.integration.singlesignon.UserInfo;

Make an object of SingleSignOn class for invoking the methods of this class.

Make an object of UserInfo class and set the user credentials using the setter methods provided by UserInfo class.

Constructor

public UserInfo()

Constructor

public UserInfo(String userId, String orgId)

Parameters:

userId : User Id of the logged in user

orgId : Organization id of the logged in user

Pass this userInfo object to SingleSignOn class using the setUserInfo (userInfo) method.

public void setUserInfo(UserInfo userInfo)

Parameters:

UserInfo:  Object reference of UserInfo class.

Set the IntellicusUrl.  Intellicus URL can be read from property file.

If host application wants to set some hidden parameters, then invoke the setHiddenParameter (String paramName, String paramValue) for each hidden parameter.

These parameters can be read from property/xml file.

Method:

This method puts the hidden parameter into the hashmap for hidden parameters.

public void setHiddenParameter(String paramName,String paramValue)

Parameters:

paramName:  Name of the business parameter.

paramValue: Value of the business parameter.

Note: This method would be called before calling, the getIntellicusToken method. User can not change/update the parameters set through this method. If these parameters need to be changed,then host application need to request intellicusToken again in order to consider new value for these parameters.

Check for the Intellicus Token availability in session. If its not available in session then got to step 11 else go to step 12.

Call the getIntellicusToken() method of SingleSignOn class to get the token from Intellicus.

Method:

This method calls Intellicus API and passes the user credentials and other hidden/business/request parameters to Intellicus.

public String getIntellicusToken() throws SingleSignOnException

Returns:

TokenString:  Received token from Intellicus

If host application gets the token from Intellicus, then it redirects the request to Intellicus redirectionAPI with token.

Host Application can set the name of redirectionAPI. Its default value is “LaunchPortal.jsp”.

Method:

This method sets the name of Intellicus jsp to which request is redirected.

public void setRedirectionAPI(String redirectionAPI)

Parameters:

redirectionAPI: Name of the jsp at Intellicus end to which host application wants to redirect the request after user authentication

If host application wants to set some other business parameters, then invoke the setBusinessParameter (String paramName, String paramValue) for each such parameter.

These parameters can be read from property. xml file.

Method:

This method puts the business parameter into the hashmap for request parameters.

public void setBusinessParameter(String paramName,String paramValue)

Parameters:

paramName:  Name of the request parameter

paramValue: value of the request parameter.

Note: This method would be called before calling, the redirectToIntellicus method. Parameters set in this method can be updated without requesting new token.

After setting the name of the redirectionAPI, invoke the method for redirecting the request to Intellicus.

Method:

This method sets the name of Intellicus jsp to which request is redirected.

public void redirectToIntellicus(String onSuccess,String intellicusToken,HttpServletResponse response) throws IOException

Parameters:

onSuccess:  Name of the requested Intellicus API.

intellicusToken: Token received from Intellicus after user authentication.

response: It is the HttpServletResponse object. It is used for redirecting a request.

If host application does not get the token from intellicus i.e. if user authentication fails at Intellicus end, then host application can show their error page or error message based on the status message returned by the Intellicus.

Method:

This method sets the secure param to encrypt password string passed in request.

public void setIdenV(String idenV)

Parameters:

idenV: Values of param should be same as mentioned in ReportClient.properties file for IDEN_V property.

Note: This method would be called only in case if IDEN_V property value changed in ReportClient.properties file.

Method:

This method sets the secure param to encrypt password string passed in request.

public void setIdenK(String idenK)

Parameters:

idenK: Values of param should be same as mentioned in ReportClient.properties file for IDEN_K property.

Note: This method would be called only in case if IDEN_K property value changed in ReportClient.properties file.

Setter method for each UserInfo attributes

  1. Method to set the User id

public void setUserId (String userId)

Parameters:

userId:  User id.

  1. Method to set the User Password

public void setPassword (String password)

Parameters:

password:  password for the user.

  1. Method to set the User’s Organization id

public void setOrgID (String orgID)

Parameters:

orgID: organization id for the user.

  1. Method to set the User’s status(ACTIVE / SUSPENDED)

public void setStatus (String status)

Parameters:

status:  status of the user i.e. user is active or suspended.

  1. Method to set the user to Super Admin(“true”/”false”)

public void setIsSuperAdmin (boolean isSuperAdmin)

Parameters:

isSuperAdmin:  Whether user is Super admin or not.

  1. Method to set the user to Admin(“true”/”false”)

public void setIsAdmin (boolean isAdmin)

Parameters:

isAdmin:  Whether user is admin or not.

  1. Method to set role Id’s belonging to that user

public void setRoleIds (String roleIds)

Parameters:

roleIds:  Role that should be assigned to this user.

  1. Method to set role User’s Description

public void setDescription (String description)

Parameters:

description:  Any description or detail about that user.

  1. Method to set session id

public void setSessionId (String sessionId)

Parameters:

sessionId:  session id for the user.

  1. Method to set Security Descriptor

public void setSecurityDescriptor (String securityDescriptor)

Parameters:

securityDescriptor:  any specific information about the user.

  1. Method to set customer Id

public void setCustomerId (String customerId)

Parameters:

customerId:  customer id for the user.

  1. Method to set location

public void setLocation (String location)

Parameters:

location:  location for the user.

  1. Method to set locale

public void setLocale (String locale)

Parameters:

locale:  locale for the user.

  1. Method to set database name

public void setDBName (String dbName)

Parameters:

dbName:  Database name for the user.

  1. Method to set TimeStamp

public void setTimeStamp(long longTimeStamp)

Parameters:

longTimeStamp:  timestamp for the user.

  1. Method to set System Privileges

public void setSystemPrivileges(String systemPrivileges)

Parameters:

systemPrivileges:  system privileges for a user.

  1. Method to set blank password

public void setBlankPassword(boolean blankPassword)

Parameters:

blankPassword: it is true or false.

Note: Please refer IntellicusSSOEnduserRequest.java for end user request sample code.
Path: <Install_Path>\SampleCodes\SingleSignOn\Java

Note: Please refer IntellicusSSOLogout.java for logout sample code.
Path: <Install_Path>\SampleCodes\SingleSignOn\Java

Optional Settings

Controller API

This is the main controller for the integration of Intellicus with a host application.  It reads information from Integration.xml and sets hidden parameters (like domain ID and workspace ID) at Intellicus end.

Default name of this API is: ReportController.jsp and ReportControllerDetail.jsp.

If required, name of this API can be changed.

To call this API using different name than default names, you need to use method given below.

Method:

This method sets the name of Intellicus JSP to which request is redirected.

public void setIntellicusControllerAPI (String intellicusControllerAPI)

Parameters:

intellicusControllerAPI:  Name of the jsp at Intellicus which performs controlling activities for Intellicus.

This controller API is placed at:

<Intellicus_Install_path>\Jakarta\webapps\intellicus

Redirection API

It is the API available at Intellicus end to which request is redirected to from host application to Intellicus.

Its default name is: LaunchPortal.jsp

If required, name of this API can be changed.

To call this API using different name than default names, you need to use method given below.

Method:

This method sets the name of Intellicus JSP to which request is redirected.

public void setRedirectionAPI(String redirectionAPI)

Parameters:

redirectionAPI:  Name of the jsp at Intellicus end to which host application wants to redirect the request after user authentication.

This redirection API is placed at:

<Intellicus_Install_path>\Jakarta\webapps\intellicus

lbMode

Intellicus web application can be running on multiple web servers, so in such scenario a load balancer feature is used to decide which web server should serve the reporting request from Host application.

Host application need to specify whether reporting request is sent to load balancer or to a particular web server (in case if there is single web server for Intellicus application).

lbMode: This variable specifies whether to take reporting request to Load balancer or to particular Intellicus web server.

Its default value is: false.

It means no load balancer is in picture.

Method:

This method sets the lbMode as true or false.

public void setLbMode(boolean lbMode)

Parameters:

lbMode:  boolean value.

lbRelativePath

This variable specifies the relative path for Load balancer. It is accessed only when lbMode is true.

Its default value is: /LoadBlancerServlet

Method:

This method sets the lbMode as true or false.

public void setLbRelativePath(String lbRelativePath)

Parameters:

lbRelativePath:  String for relative path.

intellicusExternalURL

Intellicus application would be accessed by Host web server (Internal IP) to get the IntellicusToken.

But an end-user can access the host application from some outer network.  As host application need to redirect the request for Intellicus HTTP APIs from browser, an External IP for Intellicus web application needs to be specified.

intellicusExternalURL:This variable specifies the external URL for Intellicus web application.

Method:This method is to set the External URL for Intellicus.

public void setIntellicusExternalURL(String intellicusExternalURL)

Parameters:

intellicusExternalURL:  String for external URL.

Implementation for Logout

On logout from Host application, session for the user is invalidated and is redirected to home page of Host application. Now new user can login through same window.

Because host application and Intellicus web application are running on different web servers, so if host application user logs out from that application, it does not destroy the session in Intellicus for that user.

In order to destroy a session in Intellicus corresponding to a Host application end user, host application need to invoke logout method of Intellicus as well.

So logout needs implementation for both host application as well as Intellicus.

Note: If on logout, host appliaction is closing the current window, then there is no need of invoking the logout action at Intellicus. A new user will login through new window, so new session will be created for that user.

Implementation code can be written inside any JSP or servlet of Host application.

  1. Host application need to add intellicaSSO.jar in their application.
  2. Host application need to import class Enums.java , SingleSignOn.java, SingleSignOnjava ,UserInfo.java.

import com.intellicus.integration.singlesignon.Enums;

import com.intellicus.integration.singlesignon.SingleSignOn;

  1. Make an object of SingleSignOn class for invoking the methods of this class.
  2. Set the IntellicusUrl. Intellicus URL can be read from property file.
  3. Call the method logoutFromIntellicus of SingleSignOn.

Method:

This method calls Intellicus API and passes the user credentials to Intellicus.

public void logoutFromIntellicus (HttpServletResponse response)

Parameters:

response: It is the HttpServletResponse object. It is used for redirecting a request.

Sample logout code for Host application:

SingleSignOnLogout.jsp: It contains the steps mentioned above.

index.jsp: Home page of Host application.

frm1: Iframe on Host application screen in which Intellicus reporting feature are called.

function fnLogOut()

{

var logout=confirm(‘Do you wan to logout?’);

if(logout == false)

return;

document.getElementById(“frm1″).src=”SingleSignOnLogout.jsp“;

Form1.action=”index.jsp”;

Form1.target=”_self”;

Form1.submit();

}

Sample Code for Single Sign-On request:

try
{
HttpSession session=request.getSession(true);
  String intellicusToken=null;
	SingleSignOn singleSignOn=new SingleSignOn();
	  			
	//Set user credentials for user to be activated/deleted/suspended by Admin user.
	// OR set the credentials for logged-in user for End -user requests.
	//user password is not required, if the authentication mode for organization is "Host Application."
	//These credentials can be fetched from the cre
	 String hostAppUserid=(String)session.getAttribute("userId");
	 String hostAppOrgId=(String)session.getAttribute("orgId");
	  			
	 UserInfo userInfo=new UserInfo();
	 //set the credentials for logged-in user.
	userInfo.setUserId(hostAppUserid);
	userInfo.setOrgID(hostAppOrgId);
	singleSignOn.setUserInfo(userInfo);
					
	// Set user credentials for admin user.
	// Admin user credentials are required if some request for admin activity is raised.
	// Admin activities are like User Management, Database connection creation/modification etc.
	// These can be read from any property file or from repository/database.
	// Set user credentials for admin user.
	// Admin user credentials are required if some request for admin activity is raised.
	// Admin activities are like User Management, Database connection creation/modification etc.
	// These can be read from any property file or from repository/database.
	String intellicusAdminUserId="Admin";	//This value can be read from any property file or database.
	String intellicusAdminOrgId="Intellica";//This value can be read from any property file or database.
	String intellicusAdminPassword="Admin";	//This value can be read from any property file or database.
	  			
 UserInfo adminUserInfo=new UserInfo();
	adminUserInfo.setUserId(intellicusAdminUserId);
	adminUserInfo.setOrgID(intellicusAdminOrgId);
	adminUserInfo.setPassword(intellicusAdminPassword);
				
	SingleSignOn.setAdminUserInfo(adminUserInfo);
	  			
	// Set the path for Intellicus Web application
	// This can be read from any property file or from repository/database.
	  			singleSignOn.setIntellicusURL("http://localhost/intellicus");
	  			
	//	Set the business parameters/hidden parameters that need to be passed to Intellicus
	//This can be read from any property file or from repository/database.
	// for spaces give %20 or +
	  			singleSignOn.setHiddenParameter("p_CompanyOID","Ultra+Sports+2");
								
	// get the url for requested Intellicus API like 
	// Report listing /Dashboards/User preferences/Query Object list etc.
	String onSuccess=request.getParameter("onSuccess");
			
	// Check for the availability of Intellicus token in session.
	// If it is not found in session, it means user is first time  giving request to intellicus.
	// So Call the Intellicus methods to get the Token from Intellicus.
	// This token is sent by Host Application for the further interaction with intellicus.
	  			
	// If token is found in session, then it means, user has already taken token from intellicus.
	// So,no need to get the token again from Intellicus. User can use the same token which he has.
	 singleSignOn.setIntellicusExternalURL("http://localhost/intellicus"); 			if(session.getAttribute("intellicusToken")==null)//if token not found in session
	{
		//if user is not available at Intellicus end,
	  	// it will create the user dynamically and assign the role to that user.
	  				singleSignOn.setHiddenParameter("USER_ROLES","Admin");
	  				
	  	//call getIntellicusToken().
	  	// this method returns a intellicus token string, if user authentication is done successfully.
	  				intellicusToken=singleSignOn.getIntellicusToken();
	  				
		//if user is authenticated by Intellicus, then only call the Intellicus redirectionAPI
	  	//else show the error status message 
	  	if(singleSignOn.isUserAuthenticated())
		{
	  		session.setAttribute("intellicusToken", intellicusToken);
			singleSignOn.setBusinessParameter("ABC","1");
			singleSignOn.redirectToIntellicus(onSuccess, intellicusToken, response);

	}
		else // if user authentication fails at Intellicus end
		{
			PrintWriter out=response.getWriter();
					if(Enums.ResponseMessages.AUTHENTICATION_FAILED.equalsIgnoreCase(
		  						singleSignOn.getUserAuthenticatedMessage()))
	{
		out.println("Invalid Login name or Password");
	}
	else if(Enums.ResponseMessagse.COULD_NOT_CONNECT_TO_REPORT_SERVER.equalsIgnoreCase(
		  						singleSignOn.getUserAuthenticatedMessage()))
		  					
	{
	out.println("Report Server is Down");
	}
	else if(Enums.ResponseMessages.REPOSITORY_DB_IS_DOWN.equalsIgnoreCase(
		  						singleSignOn.getUserAuthenticatedMessage()))
	{
		out.println("Repository Database Connection is Down");
	}
	else
	{
		out.println(singleSignOn.getUserAuthenticatedMessage());
	}
}
}
else// if token found in session
{
singleSignOn.setBusinessParameter("ABC","2");
singleSignOn.redirectToIntellicus(onSuccess, intellicusToken, response);
	}
	  			
}
	catch(SingleSignOnException e)// if connection for the intellicusURL can not be opened.Reason can be 
//Intellicus url is wrong or Report Server is down.
{
	PrintWriter out=response.getWriter();
	out.println("Intellicus Web Application Not Available ");
}
	catch(Exception e)
	{
	PrintWriter out=response.getWriter();
	out.println("Intellicus Web Application Not Available ");
	}