How to pass Doc ID to custom.jsp and bypass logon screen with OpenDocument on BI 4.1

I just want to share a little successfull test on BI 4.1, in order to bypass logon screen when using OpenDocument and also enabling custom.jsp to get the query string from the invoking URL and to pass it to the openDocument.jsp.

This technique will allow us to access specific WEBI reports while bypassing the BI Launchpad logon screen. Access permission to specific reports can be configured at BO user account level.

I have read another technique to bypass BI Launchpad for everybody and for every existing WEBI report, but we will do something different here.

Please forgive my English, It’s not my native language.

This test was done on BI Platform 4.1 on Windows Server 2008, with default Tomcat web server installation.

I will assume that you have basic knowledge of BI 4.1 on WEBI reports and BI server administration but you don´t need to be Java expert even though we will need to copy and paste some java code lines.

Let’s say I want to open a specific report by typing this URL in a browser:

http://serverBI41:8080/BOE/OpenDocument/opendoc/custom.jsp?sIDType=CUID&

iDocID=AaxesH7BM9dHogfEKfFI1rE

And I won’t even see the BI Lauchpad logon screen, but the requested WEBI report will open directly… now, how can this be done?

(You could request such a report with a regular OpenDocument link like this:

http://serverBI41:8080/BOE/OpenDocument/opendoc/openDocument.jsp?sIDType=CUID&iDocID=AaxesH7BM9dHogfEKfFI1rE

but you will be redirected to BI Launchpad logon screen before you can get to the requested report).

OK, let’s see how we can achieve this purpose.

We will basically add java code to custom.jsp file in order to create a token BI session and redirect the link to regular openDocument.jsp passing the iDocID from the invoking URL query string.

1.- we will need a BO user account wich preferably will have restricted permission to open specific WEBI reports and won´t be able to modify any report. This user’s ID and password will be hardcoded in the custom.jsp file (yes, it’s java language) as I’ll explain in more detail later on. If you can´t afford to create a new user account for this specific purpose, then choose an existing one that you can dedicate to this purpose. Next, restrict permissions accordingly (you don´t want to let this user account to modify report design nor to open other than intended reports).

2.- we will need Windows Administrator credentials and access to the BI server to be able to stop/start Tomcat, to delete Tomcat’s work directory and also to edit custom.jsp file.

The steps will be:

• Open a Windows session on BI server with administrator rights.
• Open file browser and go to this path:

C:\Program Files (x86)\SAP BusinessObjects\tomcat\webapps\BOE\WEB-INF\eclipse\plugins\webpath.OpenDocument\web\opendoc

• Make a backup copy of custom.jsp file inside that folder.
• Edit custom.jsp file with Notepad or similar. You can replace its contents with this code:

<%@ page import="com.crystaldecisions.sdk.exception.SDKException" %>
 <%@ page import="com.crystaldecisions.sdk.framework.*" %>
 <%@ page import="com.crystaldecisions.sdk.occa.infostore.*" %>
 <%@ page import="com.crystaldecisions.sdk.occa.security.*"%>
 <%@ page import="java.net.*"%>
 <%@ page import="com.crystaldecisions.enterprise.*"%>
 <%@ page import="com.crystaldecisions.sdk.plugin.admin.*"%>
 <%@ page import="java.sql.*"%>
 <%@ page import="com.businessobjects.webutil.Encoder" %>

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
 pageEncoding="ISO-8859-1"%>
 <%

//BO Session and redirect to OpenDocument
 IEnterpriseSession enterpriseSession;

/* * Set Enterprise Logon credentials. */
 final String BO_CMS_NAME = "MLABSBI2:6400";
 final String BO_AUTH_TYPE = "secEnterprise";
 final String BO_USERNAME = "rmenchi";
 final String BO_PASSWORD = "mypasswd";
 ILogonTokenMgr logonTokenMgr;
 String defaultToken = "";

// Log onto Enterprise
 boolean loggedIn = true;
 try {
 // Create session token
 enterpriseSession = CrystalEnterprise.getSessionMgr().logon(BO_USERNAME,BO_PASSWORD, BO_CMS_NAME,BO_AUTH_TYPE);
 logonTokenMgr = enterpriseSession.getLogonTokenMgr();
 defaultToken = logonTokenMgr.createWCAToken("", 120, 100);

// Redirect with query parameters and token attached to the ivsLogonToken parameter
 String queryString = request.getQueryString();
 response.sendRedirect
 ("http://mlabsbi2:8080/BOE/OpenDocument/opendoc/openDocument.jsp?"+queryString+"&token="+java.net.URLEncoder.encode(defaultToken));
 }
 catch (Exception error)
 {
 loggedIn = false;
 out.println(error);
 }
 %>

<html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
 <title>Insert title here</title>
 </head>
 <body>
 </body>
 </html>

• Replace the authentication parameters according to your case (under the line “/* * Set Enterprise Logon credentials. */“. Save the changes and close Notepad.
• Open Central Configuration Manager and stop Apache Tomcat.
• Open file browser and go to this path:

C:\Program Files (x86)\SAP BusinessObjects\tomcat\work

• Into this folder, delete catalina folder (if Windows displays an error about file name path too long for wastebasket, accept to delete it permanently).
• Open Central Configuration Manager if not already open and start Apache Tomcat (it will automatically re-create catalina folder and all its content).
• Wait a couple of minutes until BI becomes responsive (from 3 to 5 minutes).
• Test your report link in your preferred browser, for example:

http://serverBI41:8080/BOE/OpenDocument/opendoc/custom.jsp?sIDType=CUID&iDocID=AaxesH7BM9dHogfEKfFI1rE

• Of course you need to know beforehand the actual iDocID and be aware the user account that you put on custom.jsp file must have access permission to that specific report.

well, that’s it. I hope someone can find this helpfull. Best regards.