We are using Tibco Spotfire Version 7.5 with External Authentication. We have LDAP Authentication. When user get authenticated through Active Directory (from a custom built login page) then we pass the username in query string and through Spotfire External Authentication, User who also exist at Spotfire get redirected to a custon page where the spotfire analytics/visualization are loaded in an i-frame.
If the user exists in LDAP but does not exist at Spot Fire Server, based on community feedback and documentation, we found three ways to handle it :
1)Use Spotfire Public Web API to check the user availability at Spot Fire Server (This works by redirecting user to custom login page & posting error message for non-Spotfire users)
2)Use Post Authentication that create user at Spot Fire if not exist (This also works, but not sure if this is a great idea as it automatically adds the user which in some ways is as good as no authorization)
3)Use Anonymous Authentication to share the Analytics file with Anonymous User (We have had some issues with this approach)
Firstly, can anyone please tell me the difference between Post Authentication and Anonymous Authentication in Tibco Spotfire 7.5 in terms (in terms of functionality & security) - as we feel both let you access the analysis file/web page if located in the right folder without authorization, once the user is authenticated by LDAP?
Also, we tried with Anonymous Authentication as perhttps://d2wh20haedxe3f.cloudfront.net/sites/default/files/wiki_files/spo...
We have followed the steps as mentioned in this PDF, and get the link like below : (Anonymous-Link.png in attachment). But when we copy this link and directly paste in browser then I am getting redirected to Spot Fire’s Login Page rather than seeing the Analytics File for which the link is created. One more thing we noticed is that after enabling Anonymous Authentication from Spot Fire Server Configuration Tool, even when user exist in Spot Fire – he/she get redirected to Spot Fire Login Page.
FYI: We have also mentioned as Initialize Parameter in Authentication Filter at Spot Fire Server Configuration Tool to redirect the User to our web-site when they try to directly access the Spot Fire URL.
Can anyone better guide us in the implementation of anonymous authentication?