Let me explain better the scenario I’m referring to:
I’ve a QVserver in production with the following :
- QVS 8.5 + IIS 6
- DMS mode authentication on QVS - QV document has anonymous access
- SSO using ticket authentication : users log on to a different web application, and then they can access (clicking on a link) the QV document directly - no Access Point
- QV document has section access : is quite complex, but USERID (taken from the ticket) is the key to access the document and for data reduction
Everything is working as expected.
As we are considering un upgrade of the QVS release, I’m testing the same scenario on QVS10 SR2 (no IIS), but the results aren’t as expected.
Ticket generation works correctly, but user is denied access to the QV document (both using IE plugin and Ajax Client) - again we access the document directly, no Access Point. (es: http://localhost/QvAJAXZfc/opendoc.htm?document=prova.qvw&ticket=8D0F6D889B6AC1921B8CF26624EECB33B134BFD3 – the ticket of course is generated for a user that can open the document)
I also tested the server using a different, very simple document that only shows the QVuser and the OSuser : of course I’m able to access the document (no section access here …) via SSO and ticket authentication, but the user I generated the ticket for, appears on the QV document as the OSuser and not as the QVuser, as I expected.