Creating a Template File

How to:

The template file is an xml file named dssso.xml in drive:\ibi\DevStudio77\bin.

All of the custom logon templates are placed in this file:

The following describes all of the tags needed for a template file. All of the mandatory tags are required even if they have no attribute value specified (in which case the attribute assumes a default value). For the sake of clarity, you should specify all attributes, even those in which you do not change the default value.
Top of page
x
Syntax: How to Start a Logon Template File

These tags are mandatory. 

<?xml version="1.0" ?> 
<authentications>
Top of page
x
Syntax: How to Start an Individual Template Definition

This tag is mandatory. 

<authentication name="form1" [desc="Description of Form 1"]>

where:

form1

Is a name for the template.

Description of Form 1

Is the name that displays on the Web component authentication list. If this attribute is omitted, the value for the name attribute displays.
Top of page
x
Syntax: How to Specify Attributes for Accessing the Logon Resource

These tags are mandatory. 

<sso_logon_resource desc="Logon Resource" [read_only="{true|false}"] 
[visible="{true|false}"]>
  <protocol [default="{protocol|https|%%environment%%}"] /> 
  <host [default="{hostname|%%environment%%}"] /> 
  <port [default="{port_number|%%environment%%}"] /> 
  <path default="resource_uri" /> 
</sso_logon_resource>

where:

sso_logon_resource

Is the URL of the program that will log users onto the SSO product. For example, this program may be a jsp, servlet, active server page, or CGI.

Logon Resource

Is the description that displays on the Web component authentication list.

protocol

Is the protocol to use to get to the logon resource, either http or https.

hostname

Is the host name of the logon resource.

port_number

Is the port number of the logon resource. When the default attribute is not specified, no explicit port value will be used in the connection. The effective port in this case depends on the protocol value. If the protocol is http then the port will be 80. If the protocol is https then the port is 443. A forward slash is pre-pended to the value of the default keyword if the value does not begin with one.

%%environment%%

Is a template variable that is replaced at run time by the corresponding value found in the Web Component environment dialog box. For example, wftest.ibi.com is the default for host in the following environment:

Web Component dialog box

resource_uri

Is the part of the URL that follows the port and specifies the path to the logon resource.

read_only="{true|false}"

True specifies that the value can be changed in the Developer Studio Environments window, false that it cannot. The default value is true.

visible="{true|false}"

True specifies that the value can be viewed in the Developer Studio Environments window, false that it cannot. The default value is true.
Top of page
x
Syntax: How to Specify the Logon Result

These tags are mandatory.

The logon result will be a cookie if the logon was successful. If the logon was not successful, no cookie should be returned by the security system, which indicates to Developer Studio that the login failed. In this case, Developer Studio opens a logon dialog that allows the user to re-enter the ID and password.

If a cookie is returned, Developer Studio assumes that the logon was successful and forwards the cookie to WebFOCUS on every request. To describe the cookie required for authentication, add the following tags to the template:

<logon_result name="cookie_name" [type="cookie"]  [visible="false"] />

where:

cookie_name

Is the name of the cookie returned by the logon resource. This name is case sensitive.

type=cookie

Indicates what Developer Studio should expect as the result of a successful logon. If omitted, it defaults to cookie.

visible="false"

True specifies that the value can be viewed in the Developer Studio Environments window, false that it cannot. The default value is false.
Top of page
x
Syntax: How to Specify Required Logon Parameters

These tags are mandatory. 

<user name="user" [desc="User Id"] [default="%%environment%%"] 
[read_only="true"] [visible="true|false"] /> 
<password name="password" [desc="Password"] [default="%%environment%%"] 
[read_only="true"] [visible="{true|false}"] />

where:

user

Is the authenticated user ID. Note that this value is established as read only and, by default, is taken from the Web Component environment dialog box.

userID

Is the name that displays on the Web component authentication list. If this attribute is omitted, the value for the user name attribute displays.

password

Is the authenticated password. Note that this value is established as read only and, by default, is taken from the Web Component environment dialog box. The value does not display even if the visible property is specified.

Password

Is the name that displays on the Web component authentication list. If this attribute is omitted, the value for the password name attribute displays.

%%environment%%

Is a template variable that is replaced at run time by the corresponding value found in the Web Component environment dialog box.

visible="{true|false}"

True specifies that the value can be viewed in the Developer Studio Environments window, false that it cannot. The default value is true.

read_only="true"

True specifies that the value can be changed in the Developer Studio Environments window, false that it cannot. The default value is true.
Top of page
x
Syntax: How to Specify Optional Logon Parameters

The need for additional variables is determined by what you need to process a logon (in addition to a user ID and password). 

<variable name="var1" [desc="Label 1"] [default="initial_value"] 
[read_only="{true|false}"] [visible="{true|false}"] 
[optional="{true|false}"] > 
[<protocol [default="{protocol|http|%%environment%%}"] [visible="false"] 
/> ]
[ <host [default="{hostname|%%environment%%}"] [visible="false"] /> ]
[ <port [default="{port_number|80|%%environment%%}"] [visible="false"] /> 
]
[ <path default="resource_uri" [visible="false"] /> ]
</variable>

where:

var1

Is a name for the additional variable required by the security system.

Label 1

Is the name that displays on the Web component authentication list. If this attribute is omitted, the value for the variable name attribute displays.

initial_value

Is a default value for the variable.

protocol

Is used to specify the protocol if the SSO product needs environment information for the additional variable. For more context, see the description of the sso_logon_resource tag.

hostname

Is used to specify the host name if the SSO product needs environment information for the additional variable. For more context, see the description of the sso_logon_resource tag.

port_number

Is used to specify the port number if the SSO product needs environment information for the additional variable. For more context, see the description of the sso_logon_resource tag.

%%environment%%

Is a template variable that is replaced at run time by the corresponding value found in the Web Component environment dialog box.

resource_uri

Is used to specify the resource URL if the SSO product needs environment information for the additional variable. For more context, see the description of the sso_logon_resource tag.

read_only="{true|false}"

True specifies that the value can be changed in the Developer Studio Environments window, false that it cannot. The default value is false.

visible="{true|false}"

True specifies that the value can be viewed in the Developer Studio Environments window, false that it cannot. The default value is true for the variable name tag and false for the protocol, host, port, and path tags.

optional="{true|false}"

True specifies that the attribute is optional, false that it is not. The default value is false.
Top of page
x
Syntax: How to Add User-Specified Cookies

By default, Developer Studio deletes cookie information when it is shut down. To preserve user-specified cookies, the cookie names must be specified using a cookie exception list in the template file. This list can be added to an existing template or a new template can be created to store just the cookie list. There is no limit on the number of cookies that can be specified.

<cookie_exclude_list>
<variable name="var1" default="cookie_name" visible="true"/>
</cookie_exclude_list>
var1

Is a parameter name for the cookie.

cookie_name

Is the name of the cookie. If this value is blank or contains a sample name for display purposes, the developer must specify the required cookie name in the Authentication Settings dialog box.

visible="{true|false}”

True specifies that the value can be viewed in the Developer Studio Environments window, false that it cannot. The default value is true.
Top of page
x
Syntax: How to End an Individual Template Definition

This tag is mandatory. 

</authentication>
Top of page
x
Syntax: How to End the Template Definitions File

This tag is mandatory. 

</authentications>
Example: Sample Template File

Developer Studio comes with several sample templates in its template file. The following example shows the SiteMinder sample logon template. Note that:

 <authentication name="ibi_sm" desc="SiteMinder">
  <sso_logon_resource desc="Logon Resource" read_only="false" 
visible="false">
   <protocol default="%%environment%%" /> 
   <host default="%%environment%%" /> 
   <port default="%%environment%%" /> 
   <path desc="" default="/siteminderagent/forms/login.fcc" /> 
  </sso_logon_resource>
  <user name="user" desc="User Id" default="%%environment%%" 
read_only="true" visible="true" /> 
  <password name="password" desc="Password" default="%%environment%%" 
read_only="true" visible="true" /> 
  <logon_result name="SMSESSION" type="cookie" /> 
  <variable name="SMAUTHREASON" default="0" read_only="true" 
visible="true" /> 
  <variable name="TARGET" read_only="false" visible="true">
   <protocol default="%%environment%%" /> 
   <host default="%%environment%%" /> 
   <port default="%%environment%%" /> 
   <path default="/ibi_html/index.html" /> 
  </variable>
 </authentication>

Authentication Settings dialog box
Example: Sample Template With a Cookie Exclude List

The following example illustrates a SiteMinder template with a cookie exception list. 

<authentication name="ibi_sm" desc="SiteMinder">
   <sso_logon_resource desc="Logon Resource" read_only="false"
     visible="false">
     <protocol default="%%environment%%"/>
     <host default="%%environment%%"/>
     <port default="%%environment%%"/>
     <path desc=""default="/siteminderagent/forms/login.fcc"/>
   </sso_logon_resource>
   <user name="user" desc="User Id" default="%%environment%%" 
    read_only="true" visible="true"/>
   <password name="password" desc="Password"default="%%environment%%"
    read_only="true" visible="true"/>
   <logon_result name="SMSESSION" type="cookie"/>
   <variable name="SMAUTHREASON" default="0"read_only="true"
    visible="true"/>
   <variable name="TARGET" read_only="false"visible="true">
     <protocol default="%%environment%%"/>
     <host default="%%environment%%"/>
     <port default="%%environment%%"/>
     <path default="/ibi_html/index.html"/>
   </variable>
   <cookie_exclude_list>
     <variable name="ExcludeCookie1" visible="true">CookieName1</variable>
     <variable name="ExcludeCookie2" visible="true">CookieName2</variable>
     <variable name="ExcludeCookie3" visible="true">CookieName3</variable>
   </cookie_exclude_list>
</authentication>

The following displays in the Authentication Settings dialog box when SiteMinder is selected as the Web Authentication component in the WebFOCUS Environment Properties dialog box:

Authentication Settings dialog box
Example: Sample Template With a Cookie Exclude List and No Signon Request

The following example illustrates a template called Cookie_save_list and disables the signon request by setting the sso_logon_resource parameter to NONE. 

<authentication name="ibi_Preserve_Cookies_Template"
      desc="Cookie_save_list">
  <sso_logon_resource desc="Logon Resource" read_only="false"
      visible="false">NONE  </sso_logon_resource>
  <user name="user" desc="User's Name" default="%%environment%%"
      read_only="true" visible="true"/>
  <password name="password" desc="User's Password"
      default="%%environment%%" read_only="true" visible="true" />
<cookie_exclude_list>
   <variable name="ExcludeCookie1" default="CookieName1"
       visible="true"/>
   <variable name="ExcludeCookie2" default="CookieName2"
       visible="true"/>
   <variable name="ExcludeCookie3" default="CookieName3"
       visible="true"/>
   <variable name="ExcludeCookie4" default="CookieName4"
       visible="true"/>
  </cookie_exclude_list>
</authentication>

The following displays in the Authentication Settings dialog box:

Authentication Settings dialog box

WebFOCUS