Hi Thomas, If you navigate to the RSSO admin console, then to the "Realm > Authentication" and then ensure that you have the checkbox "Enable AR authentication for bypass" checked and then click on the tab "AR" - this will show you the bypass URL:
e.g. "Here is the bypass url format: http://{server.domain.com}:8090/rsso/start?bypass-auth=true&tenant=*&goto=<application_url>" The bypass URL is a combination of the RSSO URL/Port plus then the URL/Port of the Mid Tier (all FQDN). Example: ------------ http://{domain.com}:8090/rsso/start?bypass-auth=true&tenant=*&goto=http://{domain.com}:8080/arsys Obliviously if you have RSSO on a separate server and you have changed the default port from "8090", then you need to adjust accordingly. There is a "hidden trick" with RSSO where if you navigate to the normal MT URL login page then you can do the following: * Navigate to the default MT login page (e.g. http://{domain.com}:8080/arsys/shared/login.jsp) * Enter your login details * The browser throws an error * Navigate again to the default MT login page (e.g. http://{domain.com}:8080/arsys/shared/login.jsp) * Enter your login details * Login is successful HTH's Cheers ---------------------------------------------- Kind Regards, Carl Wilson From: ARSList [mailto:arslist-boun...@arslist.org] On Behalf Of Thomas Miskiewicz Sent: 08 March 2018 22:43 To: ARSList <arslist@arslist.org> Subject: Re: [RSSO] Problem with some bypass URLs Hi Carl, cannyou give me a clue regarsing a córeczka bypass? RSSO on port 8090? Where do you have that from? Why does it matter? I would appreciate if you could elaborate is that BMC documentation is still on open source level. Thank you Thomas On 8. Mar 2018, at 22:59, Carl Wilson <carlbwil...@gmail.com <mailto:carlbwil...@gmail.com> > wrote: Hi, Seems like the first part of your RSSO bypass is not correct. Usually RSSO is on port 8090, your URL shows 8080 for both RSSO and MT. Cheers Carl On Thu, 8 Mar 2018, 21:56 Misi Mladoniczky, <m...@rrr.se <mailto:m...@rrr.se> > wrote: Hi Thomas, You should URL Encode the data part of your urls. For example http://our_domain:8080/arsys/forms/ourars/AR System Midtier Object List http%3A%2F%2Four_domain%3A8080%2Farsys%2Fforms%2Fourars%2FAR%20System%20Midtier%20Object%20List So the complete string would read: http:// <http://our_domain:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://our_domain:8080/arsys/forms/ourars/AR+System+Midtier+Object+List/Default+Admin+View/> our_domain <http://s999espmt001d.in.bundesbank.de:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://s999espmt001d.in.bundesbank.de:8080/arsys/forms/arse7/> :8080/rsso/start?bypass-auth=true&tenant=*&goto=http%3A%2F%2Four_domain%3A8080%2Farsys%2Fforms%2Fourars%2FAR%20System%20Midtier%20Object%20List I used this site to do it now: https://meyerweb.com/eric/tools/dencoder/ Best Regards - Misi, RRR AB, http://www.rrr.se (ARSList MVP 2011) Ask the Remedy Licensing Experts (Best R.O.I. Award at WWRUG10/11/12/13) * RRR|License - Not enough Remedy licenses? Save money by optimizing. * RRR|Log - Performance issues or elusive bugs? Analyze your Remedy logs Find these products, and many free tools and utilities, at http://rrr.se March 8, 2018 8:25 PM, "Thomas Miskiewicz" <tmisk...@gmail.com <mailto:%22thomas%20miskiewicz%22%20%3ctmisk...@gmail.com%3E> > wrote: Hi Listers, URLs like: http://our_domain:8080/rsso/start?bypass-auth=true <http://our_domain:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://our_domain:8080/arsys/forms/ourars/> &tenant=*&goto=http://our_domain <http://s999espmt001d.in.bundesbank.de:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://s999espmt001d.in.bundesbank.de:8080/arsys/forms/arse7/> :8080/arsys/forms/ourars/ http://our_domain:8080/rsso/start?bypass-auth=true <http://our_domain:8080/rsso/start?bypass-auth=true&tenant=*&goto=http:/our_domain:8080/arsys/forms/ourars/User> &tenant=*&goto=http:/our_domain:8080/arsys/forms/ourars/User http:// <http://our_domain:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://our_domain:8080/arsys/forms/ourars/AR+System+Midtier+Object+List/Default+Admin+View/> our_domain <http://s999espmt001d.in.bundesbank.de:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://s999espmt001d.in.bundesbank.de:8080/arsys/forms/arse7/> :8080/rsso/start?bypass-auth=true&tenant=*&goto=http://our_domain <http://s999espmt001d.in.bundesbank.de:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://s999espmt001d.in.bundesbank.de:8080/arsys/forms/arse7/> :8080/arsys/forms/ourars/AR+System+Midtier+Object+List/Default+Admin+View/ http://our_domain:8080/rsso/start?bypass-auth=true <http://our_domain:8080/rsso/start?bypass-auth=true&tenant=*&goto=http://our_domain:8080/arsys/forms/ourars/ABC:ControlCenter/Default+Administrator+View/> &tenant=*&goto=http://our_domain:8080/arsys/forms/ourars/ABC%3AControlCenter/Default+Administrator+View/ give us HTTP 404. It seems that the Tomcat / RSSO doesn’t like the blanks or colons in the goto part. Any idea how to fix this? Thanks Thomas -- ARSList mailing list ARSList@arslist.org <mailto:ARSList@arslist.org> https://mailman.rrr.se/cgi/listinfo/arslist -- ARSList mailing list ARSList@arslist.org <mailto:ARSList@arslist.org> https://mailman.rrr.se/cgi/listinfo/arslist --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
-- ARSList mailing list ARSList@arslist.org https://mailman.rrr.se/cgi/listinfo/arslist
