Settings related to the operation of the SAML Bridge are located in the WEB-INF/web.xml file. These settings describe the location of the Yellowfin instance and the web service credentials, and the attributes for finding and automatically provisioning Yellowfin users.
Access Yellowfin
Here is how to access Yellowfin (URL):
<init-param> <param-name>YellowfinWebserviceURL</param-name> <param-value>http://yellowfin:8080</param-value> </init-param>
Web Server User
Configure the setting for a Yellowfin web server user, that is , a user who can perform web service calls with the Web service role enabled.
<init-param> <param-name>YellowfinWebserviceUser</param-name> <param-value>admin@yellowfin.com.au</param-value> </init-param> <init-param> <param-name>YellowfinWebservicePassword</param-name> <param-value>test</param-value> </init-param>
Enable User Provision
Here is how you can enable or disable user user provision. Set it to true to enable it, and false to disable it.
<init-param> <param-name>AutoProvision</param-name> <param-value>true</param-value> </init-param>
Find User
To be able to find a user (when the authentication method requires their ‘email address’), you need to provide Yellowfin with the email attribute corresponding to the AD FS Claim Descriptions:
Following is an example of this:
<init-param> <param-name>EmailAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</param-value> </init-param>
To do user provision, you need to define FirstNameAttribute, LastNameAttribute and YellowfinRole. For instance, in the example below, Yellowfin gets user name and surname from AD FS and user role is defined as ‘Consumer & Collaboration’.
<init-param> <param-name>FirstNameAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</param-value> </init-param> <init-param> <param-name>LastNameAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</param-value> </init-param> <init-param> <param-name>UsernameAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</param-value> </init-param> <init-param> <param-name>YellowfinRole</param-name> <param-value>Consumer & Collaborator</param-value> </init-param>
Note: Here, UsernameAttribute relates to the authenticaion method requiring a ‘user name’.