Like what you see? Have a play with our trial version.

Error rendering macro 'rw-search'

null

Versions Compared

Old Version 9

changes.mady.by.user user-3484a

Saved on

compared with

New Version 10

changes.mady.by.user user-3484a

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The purpose of the Bridge is to match this username with an existing user in Yellowfin and perform a Single Sign-On (SSO) into Yellowfin as that user. Very rarely there will be a password available from the third-party source. The LOGINUSERNOPASSWORD web service will allow for the Bridge to log in a user using only their Username. Alternatively, LOGINUSER can be used to log the user with a password.

...

Sometimes there will be a need to auto-create the users if they do not yet exist in Yellowfin. This might require using additional information to create the user, like email address, first and last name, etc. which should be sourced from the third-party authentication source. The Bridge can use the GETUSER or VALIDATEUSER web service function to determine if a user exists in Yellowfin or not and the ADDUSER web service call to create a user. If bulk user creation option is required, ADDUSERS ADDUSERS web service function can be called.

Part of the Bridge process may also be to modify the user's Yellowfin role or group membership as part of the login process. If Yellowfin is integrated with a product where access to different content may change, it may be required to update this group membership during the login process. This would require sourcing information from the third-party source about what groups a user should be added to/removed from. The UPDATEUSER web service call will allow a user’s role to be modified and the INCLUDEUSERINGROUP / EXCLUDEUSERFROMGROUP  EXCLUDEUSERFROMGROUP web service calls can be used to add/remove from groups that determine what Yellowfin content they can access.

...

Expand
titleLOGINUSER

 

This service connects to Yellowfin and retrieves a login token for a given user which is defined by user ID (such as an email address or any other ID depending on the Login ID method). When this token is passed with the Yellowfin Login URL, it will disable the login screen for the authenticated users and their session will start immediately.

For example, if admin@yellowfin.com.au is a web service admin user, the request should be this:

Code Block
languagejava
AdministrationServiceRequest rsr = new AdministrationServiceRequest();

rsr.setLoginId("admin@yellowfin.com.au");
rsr.setPassword("test");
rsr.setOrgId(1);
rsr.setFunction("LOGINUSER");

 

  • The LOGINUSER function requires the AdministrationPerson object, in which you can define a user to log in. The example below shows this:

    Code Block
    languagejava
    AdministrationPerson ap = new AdministrationPerson();

ap.setUserId("user@yellowfin.com.au");
ap.setPassword("usertest");
rsr.setPerson(ap);
 
  • If the user is a member of multiple client organizations, you can specify a particular organization to log in to. For instance:

     Code Block
    languagejava
    rsr.setOrgRef("org1");   
       Where 
  • Where "org1" refers to the client organization reference ID. If this reference ID is not provided, then the user will be redirected to the Client Org Selection page upon logging in.
 
  • If the user account does not exist in Yellowfin, then you will receive web service error 25: COULD_NOT_AUTHENTICATE_USER.
 
  • The LOGINUSER function also allows for different login session parameters to be specified via the setParameters() method. 
    For example, the code below will log the user, user@yellowfin.com.au, into Yellowfin, but the Yellowfin header will not be displayed, and the user will be taken to the timeline page, once the call is performed.

     Code Block
    languagejava
    String[] parameters = new String[] {"ENTRY=TIMELINE","DISABLEHEADER=TRUE"};
rsr.setParameters(parameters);


  • 

     
    For more options on similar login session options, click here.
 
  • Once the request is configured, perform the call:

     Code Block
    languagejava
    AdministrationServiceResponse rs = adminService.remoteAdministrationCall(rsr);

  
  • Then initialize the Administration web service. Click here to learn how to do this. 
 
  • The response will contain the following parameters:

    Response Element
    Data Type
    Description
    StatusCode
    String
    Status of the web service call. Possible values include:
    • SUCCESS
    • FAILURE
    LoginSessionId
    String
    A unique login token. This token is appended to the Login URL to take a user directly into Yellowfin.
 
 
Redirecting to Yellowfin with the Login Token
Using the token received from the web service call (the contents of AdministrationResponse.LoginSessionId), you can forward the user to the URL:
 Code Block
languagetext
http://<YELLOWFIN-SERVER>/logon.i4?LoginWebserviceId=<TOKEN>
This URL will bypass the authentication screen in Yellowfin and take the user directly into Yellowfin.
 Note
The token has a limited validity period. It must be used within 5 minutes, and once it has been used, it cannot be used again. To make subsequent calls from a third-party application into Yellowfin, you must call the LOGINUSER web service again.
 
Using the token with the JavaScript API
The SSO token can also be used with embedded JavaScript API widgets. The token is added to the scriptlet URL like this:
 Code Block
languagejs
<script type="text/javascript" src="http://localhost/JsAPI?dashUUID=e9a6ab0a-bcb0-4fe6-9663-4dd33e58f08e&token=<TOKEN>"></script>
 
 
 
Complete Example
You can use the following LOGINUSER example. To try it out, follow these steps;
  1. Copy the below code and save it as ws_admin_singlesignon.jsp. 
  2. Place this file in the root folder, that is Yellowfin/appserver/webapps/ROOT
  3. Adjust host, port, admin user and user to login details according to your environment. 
  4. Run http://<host>:<port>/ws_admin_singlesignon.jsp from your Internet browser.
 
 Code Block
languagejava
<%            
/*       ws_admin_singlesignon.jsp         */              
%>
<%@ page language="java" contentType="text/html; charset=UTF-8" %>
<%@ page import="com.hof.util.*, java.util.*, java.text.*" %> 
<%@ page import="com.hof.web.form.*" %>
<%@ page import="com.hof.mi.web.service.*" %>
<%
String
 url = "http://localhost:8080";         //provide your Yellowfin URL

AdministrationServiceService s_adm = new AdministrationServiceServiceLocator("localhost",8080,"/services/AdministrationService", false);        // adjust host and port number


AdministrationServiceSoapBindingStub adminService = (AdministrationServiceSoapBindingStub) s_adm.getAdministrationService();
AdministrationServiceRequest rsr = new AdministrationServiceRequest();

rsr.setLoginId("admin@yellowfin.com.au");          // provide your Yellowfin webservices admin account
rsr.setPassword("test")                            // change to be the password of the account above
rsr.setOrgId(1);
rsr.setFunction("LOGINUSER");

AdministrationPerson ap = new AdministrationPerson();
ap.setUserId("user@yellowfin.com.au");                  // provide existing Yellowfin user to login
ap.setPassword("usertest");                             // password of the user above

rsr.setPerson(ap);

String[] parameters = new String[] {"ENTRY=TIMELINE","DISABLEHEADER=TRUE"};
rsr.setParameters(parameters);

AdministrationServiceResponse rs = adminService.remoteAdministrationCall(rsr);


String token = "";
if ("SUCCESS".equals(rs.getStatusCode()) ) {
               token = rs.getLoginSessionId();
               response.sendRedirect(url + "/logon.i4?LoginWebserviceId=" + token);
} else {
               out.write("Single Sign on Failure");
               return;
}
%>




 
 
...