The session information for an authenticated user in Cognos 8 is maintained in a passport. The passport contains one or more visas. A visa exists for each namespace in which the user is currently authenticated. The passport remains active for the duration of a session and has a configurable idle time-out setting.
Cognos 8 sets a session cookie in the user's browser that refers to the passport. The process of authenticating a user in the Cognos 8 environment includes the following:
• Passport verification or creation
A passport is required to process all requests in the Cognos 8 environment. The passport is created for a user after the first successful authentication.
Named users must log on to one of the configured namespaces. The logon process depends on the authentication methods available for a namespace. For example, an LDAP namespace may be configured to prompt for a user ID and password, or to retrieve identity information for the user from an HTTP header variable.
• Creation of a passport visa
After a successful logon, a visa is created to hold the namespace-specific user information for the duration of a session. Users can have one visa per session for each namespace to which they successfully log on.
After a successful logon, a visa is created to hold the namespace-specific user information for the duration of a session. Users can have one visa per session for each namespace to which they successfully log on.
