Status: Open
Status: Answered
Status: Closed
Status: Duplicate

SSO in Tempo Box

Posted Feb 22 by Vasyl Mukhar.

Hi all, I'm wondering how to configure tempo box webaccess not to ask credentials, when accessing it from Content Server's personal menu.
My Environment is:

  • Content Server 10 Update 2015-12 (version
  • OTDS 10.2.1
  • Appworks Gateway v1.2.1
  • TempoBox 10.5.20

Content Server is Configured to use OTDS authentication. <br>
Appworks Gateway is installed with it's own OTDS<br>
Appworks Gateway is configured (via server.xml) to use CS authentication

When I'm accessing Tempo Box web interface from CS Personal menu - it asks for credentials. <br>

The questions are: <br>
1) Is it possible to configure Tempo Box webaccess not to ask credentials, when accessing it from CS? <br>
2) Does OTAG 1.2.1 support OTDS 10.2.1?

6 Answers

BEST ANSWER: As chosen by the author.

Hi Vasyl,

SSO is one of the new features in AppWorks Gateway 1.2.1. I suspect it isn't working for you given how you have the AppWorks Gateway configured. When deploying the AppWorks Gateway, you needed to connect to your existing OTDS installation instead of using CS auth. To fix this, you'll need to do the following:

  1. In OTDS, look to see if you have a user named "otag". If so, delete this user. Do the same in Content Server.
  2. Create a new table in your database. For example, "awg121".
  3. Stop your Tomcat service.
  4. Navigate to the TOMCAT_HOME\conf folder and revert the changes you made to the server.xml for Content Server auth.
  5. In the same folder, delete the file.
  6. Extract the content of the file to the TOMCAT_HOME folder.
  7. Start the Tomcat service.
  8. In a browser, enter the gateway URL. https://IP_Address:port/gateway.
  9. Enter your database information and make sure to reference the database you created in step 1.
  10. Click the Advanced Configuration for Directory Services icon and select Connect to existing OTDS server.
  11. Complete the information for your OTDS installation and click Save Changes.
    For more information on steps 8 - 11, see

BEST ANSWER: As chosen by the author.

Hello Karen, thanks for your detailed reply.

But there is one "problem" that I've mentioned in my previous post.
My environment is CS 10 and OTDS 10.2.1.
When I'm trying to implement step 11 - I'm getting a lot of errors and the installation process breaks. That's why I want to bypass OTDS authentication.
From the release notes of OTAG 1.2.1 I understood that the OTDS v. 10.2.1 is not supported.

Can you confirm, that my environment is not supported for SSO implementation? … and the only way to make it work is to upgrade both CS and OTDS to v. 10.5?

BEST ANSWER: As chosen by the author.

Hi Vasyl,

You are correct. Unfortunately, SSO requires OTDS and CS 10.5.

However, I believe that the errors you're receiving are due to problems with your environment and not the lack of support with SSO in CS 10. Please refer to the Tempo Box Installation Guide that's available in the Knowledge Center at


BEST ANSWER: As chosen by the author.

Hello Karen,

Thanks for you reply.
I'll try to make "fresh" installation. If I will get errors once again - I will post them to this topic.


BEST ANSWER: As chosen by the author.

Hello Karen,
I made the clean Installation of OTDS 10.2.1.
Also I made the clean Installation of Appworks Gateway following OpenText Tempo Box, Content Server Edition 10.5.20 – Installation and Administration Guide

When I'm trying to connect to the existing OTDS 10.2.1 server, I'am still getting the same errors:

Last lines from logs:

Gateway Log:

2016-02-24 15:23:41.416 WARN   com.opentext.otds.client.OtdsClientBase  - initializeConnectionWithRetry(): Connection failed to initialize. HTTP transport error: Connection timed out: connect
2016-02-24 15:23:41.416 ERROR  com.opentext.otag.auth.OtdsInstaller  - com.opentext.otds.OtdsException: HTTP transport error: Connection timed out: connect
2016-02-24 15:25:31.831 INFO  - A warning about POST requests is expected due to jsonp filtering, and can be safely ignored.
2016-02-24 15:25:31.831 INFO   com.opentext.otag.api.PersistenceContext  - Closing persistence context for OTAG so it can be safely redeployed.
2016-02-24 15:25:31.846 INFO   com.opentext.otag.api.PersistenceContext  - Making an EntityManagerFactory for db persistence context &quot;OTAG&quot;
2016-02-24 15:25:40.885 INFO   com.opentext.otds.client.OtdsRichClient  - OtdsRichClient constructed (http://ws128otds1021:8080/otds-v2/services/authentication?wsdl)
2016-02-24 15:25:40.900 INFO   com.opentext.otds.client.OtdsRichClient  - OtdsRichClient constructed (http://ws128otds1021:8080/otds-v2/services/authentication?wsdl)
2016-02-24 15:25:40.900 INFO   com.opentext.otds.client.OtdsClientBase  - initializeConnectionWithRetry(): Attempting connection #0 of 0
2016-02-24 15:25:43.046 INFO   com.opentext.otag.auth.OtdsInstaller  - Created resource named OTAG
2016-02-24 15:25:44.064 INFO   com.opentext.otag.auth.OtdsInstaller  - Created user partition otag
2016-02-24 15:25:44.173 INFO   com.opentext.otag.auth.OtdsInstaller  - Granted otag user partition members access to OTAG
2016-02-24 15:25:44.315 INFO   com.opentext.otag.auth.IdentityService  - Made admin user for internal user management; id is otdsadmin@otag
2016-02-24 15:25:44.363 ERROR  com.opentext.otag.auth.OtdsInstaller  - com.opentext.otds.OtdsException: Cannot find dispatch method for {}setDelegatedAdministrators


WARNING: A servlet request, to the URI http://devcs.n-ix.local:8080/gateway/v1/setup, contains form parameters in the request body but the request body has been consumed by the servlet or a servlet filter accessing the request parameters. Only resource methods using @FormParam will work as expected. Resource methods consuming the request body by other means will not work as expected.
&euml;&thorn;&ograve; 24, 2016 3:25:44 PM com.sun.jersey.spi.container.ContainerResponse logException
SEVERE: Mapped exception to response: 500 (Internal Server Error)
    at com.opentext.otag.auth.OtdsInstaller.createOtdsResource(
    at com.opentext.otag.auth.OtdsInstaller.connectToOtds(
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)

By the way, with OTDS 10.5 everything is working fine.

Thank you in advance.


BEST ANSWER: As chosen by the author.

Hi Vasyl,

I'm afraid for SSO with WebAccess on a 1.2.1 Gateway, you need both OTDS 10.5, Patch Level 5 or above, as well as a Content Server at 10.5 or above.

Also, I'm pretty sure AppWorks Gateway does not support OTDS 10.2.x, you need 10.5 Patch Level 5 or above.


 You have subscribed and will receive email notifications of updates to this topic. To unsubscribe, uncheck the checkbox.


Related categories

Related tags

Your answer

To leave an answer, please sign in.