Cloud Pak for Business Automation

 View Only
Expand all | Collapse all

Launching external App in BPM dashboard with URL passing to IFrame and SMSESSION cookie

  • 1.  Launching external App in BPM dashboard with URL passing to IFrame and SMSESSION cookie

    Posted Fri February 25, 2022 08:31 AM
    Greetings,
    we have requirement where we wanted to launch the external application page in IBM BPM dashboard with Iframe implementation. Here I am able to launch the application with IFrame by passing the RUL in it, however it asks the credential again for external application when it opens up the the external application page.

    Now there are two approaches to resolve it. 
    1. use SSO and configure it with siteminder - this is very long path and not going with it.
    2. Retrieve the SMsession cookie after login to BPM environment and pass the cookie information as parameter to external application URL.(reason both the application BPM and external application are from same domain and has same users)

    Here I am looking for solution
    1. how to retrieve the SMSession cookie from BPM and pass it to external URL as parameter.
    2.  how to maintain the session after external application authenticate the user for subsequent call or before session timeout.

    Thanks,
    Ashish

    ------------------------------
    ashish gawande
    ------------------------------


  • 2.  RE: Launching external App in BPM dashboard with URL passing to IFrame and SMSESSION cookie

    IBM TechXchange Speaker
    Posted Thu March 31, 2022 12:40 PM
    Hi Asish, 
    Sorry we missed this question last month. Are you using CP4BA here? Since you are mentioning BPM, I wanted to verify you were using a Cloud Pak. 

    Thanks!

    ------------------------------
    Stephanie Wilkerson
    IBM
    ------------------------------

    Original Message


  • 3.  RE: Launching external App in BPM dashboard with URL passing to IFrame and SMSESSION cookie

    Posted Fri July 15, 2022 10:19 AM
    Hi Ashish,
    I have integrated other way round. The user login to the external application launches ICN and user will be automatically logged into ICN using SiteMinder SSO configured in ICN.

    In your scenario, I believe you have already configured BPM application with SiteMinder and so BPM is having the SMSESSION. In this scenario, you also need to configure/enable SiteMinder SSO to your external application. Once after that, you have two options.
    1.  You can use the same load balancer URL for your BPM (per say, https://mycompany.ecm.com/bpm) as well as External application (per say, https://mycompany.ecm.com/extapp) so that SMSESSION cookie obtained in BPM will be shared by the web browser to EXT App since it is the same browser domain (i.e mycompany.ecm.com)  (meaning no cross-site domain issue in browser, cookies won't be shared between apps if both are on different HTTP domains)
    2. Other option is that, configure SiteMinder SSO with external application and implement Windows Integrated Authentication using Kerberos Auth Scheme with External App's SiteMinder Policy. Doing this, user logged in to BPM loads the external app's iframe, at this point, the user's Kerberos token will be shared with external apps SiteMinder policy to authenticate the user once again and generates  another SMSESSION cookie local to the external app. Offcourse there is no use of this SMSESSION cookie for you but the user will get authenticated automatically upon loading iframe. The caveat here is that user has to undergo authentication checks twice - initially when log in to BPM and 2nd time when loading ext. app's iframe within BPM.  


    ------------------------------
    Anup Reddy Mereddy
    ------------------------------

    Original Message