Issue:
Customer cannot get SSO to work within Jasper Server.
SSO is enabled on CA Spectrum as well.
Customer using LDAP in CA Spectrum.
Environment:
CA - Spectrum = 10.2.2.0.71 / 10.X
Jasper server = 6.3.0
Operating System = Linux
Cause:
When Single Sign On is enabled in Jasper Server and at the same time if you enable the Single Sign On feature in CA Spectrum, you may face access issue for Jasper SSO. And, customer using LDAP in spectrum
Jasper SSO - Enabled + Saved
CA Spectrum SSO - Enabled
CA Spectrum - LDAP
Resolution:
1) In the CA Spectrum machine, go to $Specroot\tomcat\webapps\spectrum\repmgr\admin folder.
2) Copy the 'spectrum.jks' and 'spectrum.properties' files.
3) In the Jasper machine, go to <<CABusinessIntelligenceINstalledDIR>>\apache-tomcat\webapps\jasperserver-pro\WEB-INF\config folder.
4) Replace the existing 'spectrum.jks' and 'spectrum.properties' files with the copied files from CA Spectrum machine.
And after this,
1.Stop Tomcat and Copy applicationContext-externalAuth-template-mt.xml file from cabi-media (cabi-media\samples) folder to Tomcat/webapps/jasperser-pro/WEB-INF/ folder.
2.Make sure no backup file in entire webapps/jasperserver-pro folder(ex: like application-context.xml_bak),no duplicate file for any file in WEB-INF folder.
3.From the following bean remove the "highlited/ commented" portion in applicationContext-externalAuth-template-mt.xml after copying the file to Tomcat/webapps/jasperser-pro/WEB-INF/ folder.
<bean id="cabiTenantUserValidationProcessor" class="com.ca.bicoe.cajasperserver.preauth.sso.authentication.processors.TenantUserValidationProcessor" parent="abstractExternalProcessor1">
<property name="multiTenancyService">
<ref bean="internalMultiTenancyService" />
</property>
<property name="caJasperUtils">
<ref bean="cajasperutils" />
</property>
<!-- property name="ldapUserAttributesUtillist">
<list>
<ref bean="ldapUserAttributesUtil" />
</list>
</property>
<property name="ldapreq" value="1" /> -->
</bean>
4.Restart Tomcat .
5.Check Jasper login from Spectrum UI.
Also - Special characters in usernames is not supported in SSO.