Challenge and Response Authentication


The Challenge and Response web part enables authentication to Cognos by prompting / “challenging”  users for their credentials (userid, password and Cognos Namespace).

Application Configuration Settings

As with general installation and configuration, you must configure the Cognos instance that you would like to connect to within your “QVTConfig.xml” file. You should refer to the full installation and configuration manual for details. For clarity the main configuration options that affect the user interface are listed here:

  1. Display Name & Logical Name When logging in a user will be given a choice of Cognos Server(s) to choose from. The Display Name is the name displayed on screen. The Logical Name is an alternate name used within the product but is never displayed
  2. Namespace DisplayName The DisplayName is displayed on screen to users when logging in. This name can be any name, however the Namespace Name and ID need to match with Cognos Configuration values.
  3. Authentication This value of this setting is normally set to “Account”. The Challenge/Response web part will continue to function with other advanced SSO settings. If you are only using the standard SSO and/or the challenge and response web part then “Account” will suffice.

Adding Authentication Web Part to a SharePoint Page

Add the web part to a page. We generally recommend adding authentication web parts to an independent page from QueryVision web parts that are used to display Cognos content. The simplifies the end-user experience as well as managing the authentication experience. All other web parts can then redirected back to a central location for authentication using the Login Page Address URL property.

Step 1: Edit a Web Part Page

You can create a new web part page in SharePoint or create a new one. Once you do this using edit the web part page and add the Again just click create and we are done. You have now created a document library and in it you have created a blank Web Part Page.

Step 2: Add QueryVision Authentication Web Parts to a Web Part Login Page

Your QueryVision Web Part install has already placed your web parts into your SharePoint “gallery”. All that this means is that when you click on “Add a Web Part” on the page you will get a list of web parts that you can add. The list is the gallery, and in that gallery you should see a Category (which looks like a folder on the left called “QueryVision Web Parts”. Once you select the web part, you can choose which zone to add to and then click the Add button.
Add QueryVision Cognos Authentication Web Part to Page

The following is how the web part will appear on the page – ready to login
QueryVision Cognos Authentication Web Part

You now have a login page to log in to Cognos. Once a user is logged in all other QueryVision web parts will stay logged in for the duration of their session while they continue to browse through SharePoint content. After users fill in their credentials and log in the web part will hide itself and be “minimized”.

Step 3: Configure our Web Parts to Redirect back to the Login Page

This step is optional, but we generally recommend it. On all other web parts that display Cognos content (such as our Report Viewer) configure the web part to automatically detect and redirect users to the Login page we just created.  When you do this users will be redirected to get logged on and then back to their original requested page (e.g. a dashboard or report viewer page). TFirst, let’s go get the URL of the previous page we created which is our Login Page URL. You can get this simply by copying it from the address bar in your browser. Now edit the properties of your QueryVision Web Part (e.g. Report Viewer). We do this by clicking in the top right corner of the web part (which brings up the following menu).
Edit Web Part Menu

Click on the “Edit Web Part” menu option. This will open a tool pane on the right hand side of your screen.
QueryVision Login Page Address Properties
All QueryVision web parts have these shared Login Page Address properties. Paste the URL you just copied above into the Login Page Address. You can also check the “Redirect to Login Page” checkbox. Set the redirect delay to any desired amount. Click OK and you are done. Now when a user is not logged in and they come to a page which has this Content Manager Browser on it, they will automatically be redirected to the login page. The redirect delay is the amount of time to wait until the redirect.
Authentication Web Part With Login Options turned on
After the user is redirected they can login and they will be automatically redirected back to the original page. If you follow this procedure with all of your QueryVision web part then you will never have to worry about users getting lost. They can go directly to a dashboard with Report Viewer web parts be redirected to login and then redirected back again.