Enable Single Signon Using Shared Secret

You can use shared secret for single signon between IBM® Cognos® portlets and IBM Cognos components. The Cognos portlets send a message that contains an encrypted version of the portal user ID. The encryption key is determined by the value of a secret character string shared between the portlets and the custom Java™ security provider on the IBM Cognos server.

You can use shared secret for the other portal only if portal user IDs can be looked up in an authentication namespace that is shared by IBM Cognos components.

IBM Cognos components must have access to a directory server that contains user IDs for all your portal users. Using IBM Cognos Configuration, you must configure an authentication namespace so that the portal and IBM Cognos components share the same authentication source.

You must also create a Custom Java Provider namespace to register the shared secret Java provider that is provided with IBM Cognos components. Within the portlets or iViews, you must link the portlets or iViews to the Custom Java Provider namespace within your respective portal:

Cognos iViews (SAP EP)
Cognos Portlet Application (WebSphere® Portal)
remote server (Oracle WebCenter Interaction Portal)
Cognos Web Part (SharePoint Portal)

You are not required to configure access to the Portal Services Web content. However, if you deploy the portlets to another portal, you can configure access to an alternate URI for Portal Services images and Web content.