Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSO with Allow Anonymous False #971

Open
RobbyMeyers opened this issue Sep 21, 2023 · 3 comments
Open

SSO with Allow Anonymous False #971

RobbyMeyers opened this issue Sep 21, 2023 · 3 comments
Labels

Comments

@RobbyMeyers
Copy link

I just wanted to check back in on the possibility of using SSO when having "Allow Anonymous" set to false. I confirmed that changing this to true would allow TM1py to authenticate however it allows users to end up logged into the system as anonymous which is not what we want.

Issue #509 was the original but it was closed.

@RobbyMeyers RobbyMeyers changed the title SSO with Allow Anonymous False in Gateway SSO with Allow Anonymous False Sep 21, 2023
@MariusWirtz
Copy link
Collaborator

MariusWirtz commented Oct 11, 2023

I can confirm that "Allow Anonymous" is not a desirable solution.
Unsuccessful CAM SSO has been raised a few times in the past. Let's keep this issue open until we find a reliable solution to this edge case.

@MariusWirtz
Copy link
Collaborator

It's interesting that when you open ClientCamUri in the browser, it authenticates fine, and you get the browser cookie that you need to authenticate with TM1.

I wonder if you could use a package like browsercookie to open the gateway uri in the browser from Python and grab the cam_passport.
Once you have the cam_passport, you can iniate TM1Service like this:

with TM1Service(address=address, port=port, ssl=ssl, cam_passport=passport) as tm1:
    print(tm1.server.get_server_name())

@NinjaKullan
Copy link

Any update on this issue, or know of a workaround? I am experiencing the same problem.

The check.py throws 'HTTP response does not contain 'cam_passport' cookie' error, but If I set the
Anonymous login is set to 'True' in CA, then I am able to connect.

Unfortunately, setting the Anonymous login property to 'True' will not for us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants