If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Cognos portlet in Websphere - HELP!!

Started by Dev1975, 03 Feb 2016 11:10:44 AM

Previous topic - Next topic

Dev1975

Hi all,

Has anyone ever come across an "insufficient permissions" message when viewing a report via Cognos Portlets deployed to Websphere Portal?? Having this exact problem with a Customer environment and have not made any headway, which is doubly frustrating as IBM have been engaged via the PMR route but have been incredibly slow to respond.

When logging in via the portal, it throws the above message about permissions, however logging directly into the Cognos portal with the same user, I'm able to navigate to the report in question and run it. Websphere trace logging shows that Cognos is being contacted and the user account is passed to it, it validates and returns a bunch of capabilities and a little further down it returns the message about permissions.

The document to enable SSO was followed, so it has the shared secret and CPSTrusted namespace setup and we have reviewed this config setup a number of times as well.

Fast running out of ideas and, understandably, Customer is quite upset at the moment. Anyone have any idea what to try next, or ideally know what the problem is and what to do to fix it?!?!

Cheers,
Dev

bdbits

Have you tried a AAA trace? This is the facility that handles authentication. Here are some really old instructions, but I could not find a more current link and it actually says they are good up into 10.2.x versions so I think it is probably still the same. Obviously, you will need access or work with someone who has access to the server.

http://www-01.ibm.com/support/docview.wss?uid=swg21343375

Basically you rename a file (optionally editing it if you want custom logging), and this turns on the tracing. Rename it back and the tracing stops. It will capture a lot of details, so you will want to disable it as soon as you have reproduced the error. It will leave behind a log file with detailed tracing information.

Dev1975

Hi bdbits,

That's one of the first things IBM Support suggested, which we had implemented and sent them the resulting logs but nothing's come of it. I've had a look through the logs as well and it seems like the user is being authenticated as a valid user and Websphere Portal tracing also shows the same thing.

It's really frustrating that the login works when you bypass Websphere Portal and allows the user to run the report when queried directly through Cognos Connection. Been prodding IBM to get on the case and setup a remote session with the end user but they're really taking their time.

Ugh!