This week we are going to talk about a session token that an Xcelsius dashboard (SWF) consumes when it is loaded inside of Infoview or Dashboard Builder (Business Objects XIR2). The CELOGONTOKEN is the variable name that is assigned to a session token that BOE creates when you successfully login.
How does Xcelsius consume this token?
As you notice, inside of the <OBJECT> tag, there is a Flash Variable called CELOGONTOKEN. When BOE renders the HTML page, it dynamically inserts the current logon token as the CELOGONTOKEN. Any SWF that uses a Query as a Web Service or Live Office connection will automatically consume the CELOGONTOKEN Flash Variable.
How is the CELogonToken used during SWF runtime?
SWF files that contain a QaaWS or Live Office connectors will automatically search for the presence of a logon token when the connector is executed. With each transaction from the dashboard to BOE, this token is passed back to BOE. If the SWF does not detect a CELOGON token, (when it is loaded outside of Infoview or Dashboard Builder) it will display a login dialogue box.
So now that we have de-mystified the magic that is Xcelsius, let’s think about how we can leverage this knowledge. First, we use Flash Variables and the login token to solve the single sign on issue for multi-layer or nested SWF files within a dashboard. The second use is an Xcelsius dashboard using single sign with BOE outside of Infoview. While I have seen several implementations of this, unfortunately I do not have anything that I can share at this point. Hopefully those of you who are BOE SDK gurus run with this new understanding of how Xcelsius consumes the logon token. If anyone is interested in working together to put something together, I am more than interested to provide the Xcelsius knowledge…
Later this week, I will finish up this 3 part analysis of the Xcelsius <OBJECT> with the CEWebServiceURL and how it helps to improve life cycle management.