I have web application using cognos Impromptu reports. When users are added to this system, I have a COM object written in VB6.0 to add the users information in cognos. It works fine but it always goes to cognos logon screen asking for login information. I want to avoid this login.
Is there a configuration which I need to change. please advise
Here is my code when they click the link for 'Reports':
URLstr ="https://ngb-66c05-mtora.ngb.army.mil/cognos/cgi-bin/login.cgi?cad=EnterpriseCognosAdditionalReports&action=login&signon="+escape(uid)+"&password=ES3v2cuser!&return_url=%2Fcognos%2Fcgi-bin%2Fupfcgi.exe%3Fxmlcmd%3D%3CGetPage%3E%3CTemplate%3Emain.utml%3C%2FTemplate%3E%3C%2FGetPage%3E%26id%3d332b40c5b68711d9b319c1515caae3de
The code for my COM pbject where user's are created:
Public Function UpdateES3CognosUser(Uid As String, Lname As String, Fname As String, uclass As String, actionType As String) As Integer
Dim objAuthApp As Object
Dim objAuthDoc As Object
Dim objRegUser As Object
Dim objRootClass As Object
Dim objUserClass As Object
Dim objRegDB As Object
Dim objDBS As Object
Dim sSignOnName As String
Dim DOMDoc As New MSXML2.DOMDocument40
Dim sNode As IXMLDOMNode
Dim sNodeList As IXMLDOMNodeList
Dim sUserName As String
Dim sFName As String
Dim sLName As String
Dim sEmail As String
Dim sPassword As String
Dim i As Integer
Dim j As Integer
Dim sNodeName As String
Dim classList As Variant
Dim sOldpwd As String
On Error GoTo errhandler:
'Load the xml file into DoM Document
'DOMDoc.async = False
'DOMDoc.Load (oXml)
'Instantiate cognos authentication objects
Set objAuthApp = GetObjectContext.CreateInstance("Authenticator2.Application")
Set objAuthDoc = objAuthApp.Documents.OpenWithBasicSignon("Default", "OpsAdmin", "OPS123!!", 0)
Set objRootClass = objAuthDoc.RootUserClass
Set objRegDB = objAuthDoc.DataSourceFolder.Databases("ES3")
'Get the user attribtues from the DOM Document
sUserName = Uid
sFName = Fname
sLName = Lname
sSignOnName = Uid
'sOldpwd = opwd
sPassword = "ES3v2cuser!"
classList = uclass
If UCase(actionType) = "NEW" Then
'Add user to the cognos users folder
Set objRegUser = objAuthDoc.UserFolder.Users.Add(sUserName)
'Set OSsignOn name
'objRegUser.IdentificationInformation.OSSignons.Add (sSignOnName)
'Set BasicSignOn name
objRegUser.IdentificationInformation.BasicSignons.Add (sSignOnName)
objRegUser.IdentificationInformation.BasicSignons.Item _
(sSignOnName).Password("") = sPassword
'Set Database signon
'Set objDBS = objRegDB.DataBaseSignons.Add(sUserName)
Set objDBS = objRegDB.DatabaseSignons("cognosuser")
objRegUser.AutoAccessInformation.DatabaseSignons.Add objDBS
'Set Database password
'objDBS.Password("") = sPassword
'Set auto access information property and users attributes
'objRegUser.AutoAccessInformation.DataBaseSignons.Add objDBS
objRegUser.AllowPersonalNewsBox = True
objRegUser.FirstName = sFName
objRegUser.LastName = sLName
'objRegUser.EmailAddress = sEmail
''Loop through roles and to cognos user classes
'classList = Split(uclass, ",")
''Set sNodeList = DOMDoc.selectNodes("//ROLE[@cg_class = 1]")
'For i = 0 To UBound(classList)
'Set objUserClass = objRootClass.UserClasses.Item(CStr(classList(i)))
'objUserClass.Users.Add objRegUser
'Next
Set objUserClass = objRootClass.UserClasses.Item(classList)
objUserClass.Users.Add objRegUser
'Prevent user from changing their password in Cognos
objRegUser.UserCanNotChangePassword = True
'set function return value
UpdateES3CognosUser = 0
ElseIf UCase(actionType) = "UPDATE" Then
'Set objRegUser = objAuthDoc.UserFolder.Users(sUserName)
'Set objRootClass = objAuthDoc.RootUserClass
''int1 = objRootClass.UserClasses.Count
'For j = 1 To objRootClass.UserClasses.Count
' Set objUserClass = objRootClass.UserClasses.Item(j)
' objUserClass.Users.Remove objRegUser
'Next
''Loop through roles and to cognos user classes
' classList = Split(uclass, ",")
'For i = 0 To UBound(classList)
' Set objUserClass = objRootClass.UserClasses.Item(CStr(classList(i)))
'objUserClass.Users.Add objRegUser
'Next
'Set objUserClass = objRootClass.UserClasses.Item(classList)
'objUserClass.Users.Add objRegUser
'objRegUser.FirstName = sFName
'objRegUser.LastName = sLName
'objRegUser.IdentificationInformation.BasicSignons.Item _
(sSignOnName).Password(sOldpwd) = sPassword
'Loop through roles and to cognos user classes
'Set sNodeList = DOMDoc.selectNodes("//ROLE[@cg_class = 1]")
'For i = 0 To (sNodeList.length - 1)
' sNodeName = sNodeList.Item(i).Text
' Set objUserClass = objRootClass.UserClasses.Item(sNodeName)
' objUserClass.Users.Add objRegUser
'Next
'set function return value
UpdateES3CognosUser = 0
Else
UpdateES3CognosUser = -1
End If
'no errors then set complete...
If Not objContext Is Nothing Then
objContext.SetComplete
End If
Exit Function
errhandler:
' Problem with the transaction...
If Not objContext Is Nothing Then
objContext.SetAbort
End If
UpdateES3CognosUser = -1
Err.Raise Err.Number, "c_Cognos.UpdateES3CognosUser", Err.Description
End Function
It's scary and highly insecure to use this method of login, as uid and password can be sniffed from the URL. And from the looks of it this is a military server ...
Anyhow, if I'm not mistaken, the parameters for login.cgi are action, uid, pwd and ru (or back).
You should opt for NTCR or SiteMinder driven authentication. You could also leverage TrustedSDK to authenticate using an ARMY passport cookie if you have one available. Ask anyone at MTMC in Washington how it was done. I've wrote the code for them a long time ago.
The COM is probably working properly assuming you get your new users created and they can login using the Upfront FORM authentication.