Would it be possible to bypass the Kerberos in Spotfire

[Jeisakthiganesh Harihara subramanian]

Hi All,

We have implemented Kerberos authentication in SPotfire and it works fiallyne by fetching the windows credentials automatically for all users. Could you please let me know whether there is any way to bypass this kerberos and login through LDAP within the same Spotfire environment

Thanks!

[Sean Riley]

The Spotfire Server pretty muchonly supports a single authentication method at a time, so you can't really use Kerberos and then separately have basic LDAP as well.But in addition to Kerberos, you could alsouse 'External Authentication' which would rely on some external application for the authentication, and then that external site would pass the successfully authenticated user to the TSS (with a custom header/cookie/etc value as per the configuration) who would then not need to authenticate again with Kerberos (since the custom external authentication mechanism already did that). That external authentication method could then use basic LDAP.

 

Reference:https://docs.tibco.com/pub/spotfire_server/7.6.0/doc/html/TIB_sfire_serv...

[Jose Leviaguirre]

Hello Sean, 

 

We are using kerberos but want to make a dashboard public on the intranet (LAN). Is there a special configuration for that

 

We have a CISCO kiosk that runs some kind of web browser. This device is connected to the intranet, but no login information is associated to the device so we can't give it access to the folder as done regularly with users. All this device provides is a computer name, ip and mac adddress.

 

Any ideas

[Jens Borgland]

If this is all on your local network so that you're sure that you can trust the remote IP etc and you always want to use a certain dedicated account when connecting from that machine then you could implement a CustomAuthenticator that checks the IP and returns that user if it matches (and returns null in all other cases - which means that Kerberos will be used instead).