Excel Drilldown Prompts User to Re-Authenticate

[Doug Monson]

Good Day,

We have a WebFOCUS 9.2.1 environment hosted by ibi in the Cloud. The security for user authentication is provided by SAML (Azure AD). The application uses Excel output in a large number of reports and these reports often contain drilldowns within the Excel spreadsheet. When a user clicks on one of the Excel drilldown links they are prompted to re-authenticate to the SAML provider.

I have searched through WebFOCUS configuration settings but have been unable to find anything that changes the behavior. Has anyone seen this behavior and found a solution? Thanks

-Doug

[Patrick Huebgen]

@Doug Monson 3 this is rather related to Excel -  via SAML you have an active session in your Webbrowser for example Chrome. Whenever you are switching to Excel output Excel takes over as a Webbrowser but has no active session. In this case WebFOCUS is not ending the session but Excel is opening a new session. Is you link full qualified? Means looks lie http:/xxx.xxx.xxx./ibi_apps/…. ?

[Doug Monson]

Hi Patrick,

Thanks for the reply. Yes, the URL link in the Excel spreadsheet has the fully qualified address - https://wfdev.customer.com/ibi_apps/WFServlet?IBIF_webapp=/ibi_apps&IBIC_server=WFNT&IBIAPP_app=gold&IBIMR_drill=IBFS,RUNFEX,IBIF_ex,true&IBIF_ex=IBFS:/WFC/jwxu52ru.fex........ So that does make sense that it would attempt to establish a new session from Excel.

I also just noticed that the location of the drilldown FEX is incorrect in the drilldown link. The drilldown link is pointing to &IBIF_ex=IBFS:/WFC/jwxu52ru.fex when the actual location for that FEX is IBFS:/WFC/Repository/frsnrc0w/Position_Control/jwxu52ru.fex. 

-Doug

[Doug Monson]

I did a little more testing and came to realize what I think is my issue. I logged into the WebFOCUS application using Chrome but when I clicked on the Excel drilldown link, I never paid attention to the fact it opened up in Edge (which is set as my 'default' browser). Edge doesn't have a session so naturally I was prompted to re-authenticate. From Excel I copied the drilldown link and pasted it into my current Chrome session and the drilldown worked. I then changed my default browser in Windows to use Chrome and the drilldown link from Excel opened successfully in Chrome.

I also corrected the drilldown link syntax, but it is important to note that even with the FOCEXEC=app/jwxu52ru.fex syntax, the drilldown works from Excel.

This was the original code in the FEX stylesheet -
     TYPE=DATA,
          ACROSSCOLUMN=N1,
          FOCEXEC=app/jwxu52ru.fex(PROGCODE1=N1 ORGNCODE3=N3 ACCTCODE2=A3 ATYPCODE1=A1 COASCODEKEY='1' FSYRCODEKEY='&FSYR_CODE_KEY'),
     $

I changed the code to -
     TYPE=DATA,
          ACROSSCOLUMN=N1,
          FOCEXEC=IBFS:/WFC/Repository/frsnrc0w/Position_Control/jwxu52ru.fex(PROGCODE1=N1 ORGNCODE3=N3 ACCTCODE2=A3 ATYPCODE1=A1 COASCODEKEY='1' FSYRCODEKEY='&FSYR_CODE_KEY'),
     $

Thanks for pointing me in the right direction. I'll do some more testing to confirm this is working.

-Doug

[Patrick Huebgen]

@Doug Monson 3 - yes that matches with what I thought could be the root cause - yes - you cannot switch to another browser without loosing your session