Single Sign-On Using HTTP Session Attributes
Single sign-on can be implemented by setting an attribute in the HTTP session. This session attribute must be set in the same web application as the reporting server. Therefore, this method is usually implemented when the Style Intelligence webapp is integrated with an existing J2EE application. If not, you need to create an intermediary application (JSP, Servlet) that runs in the same context as the reporting server. A simpler alternative in this case is the form-based implementation. (See Single Sign-On Using Forms With Hidden Fields.)
Add the following code in the primary sign-on application or in an intermediary application that is called before a request to the report servlet is made.
Note: This code is not complete. Custom logic must be added.
// Write logic to obtain the userName for the user
inetsoft.sree.security.SRPrincipal principal =
// Specify the locale of the user (optional),
// defined as string with ISO language and country code,
// separated by an Underscore. e.g., de_DE=german/Germany
// Add the principal object to the session
This approach circumvents the authenticate() method of the Authentication Provider, and the software will obtain the roles and groups for the user by calling AuthenticationProvider.getUser(userName).
When the user leaves the application, it is your responsibility to remove their session by calling logout. This is especially important if the server is using a session-based or user-based license.
inetsoft.sree.AnalyticRepository engine =