Settings related to the operation of the SAML Bridge are located in the WEB-INF/web.xml file. These settings describe the location of the Yellowfin instance and the web service credentials, and the attributes for finding and automatically provisioning Yellowfin users.
This setting shows how to access Yellowfin (URL):
<init-param> <param-name>YellowfinWebserviceURL</param-name> <param-value>http://yellowfin:8080</param-value> </init-param> |
Configure the setting for a Yellowfin web server user, that is, a user who can perform web service calls with the Web service role enabled.
<init-param> <param-name>YellowfinWebserviceUser</param-name> <param-value>admin@yellowfin.com.au</param-value> </init-param> <init-param> <param-name>YellowfinWebservicePassword</param-name> <param-value>test</param-value> </init-param> |
Here is how you can enable or disable user provision. Set the value to true to enable, and false to disable this functionality.
<init-param> <param-name>AutoProvision</param-name> <param-value>true</param-value> </init-param> |
To be able to find a user (when the authentication method requires their ‘email address’), you need to provide Yellowfin with the email attribute corresponding to the AD FS Claim Descriptions:
Following is an example of this:
<init-param> <param-name>EmailAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</param-value> </init-param> |
To do user provision, you need to define FirstNameAttribute, LastNameAttribute and YellowfinRole. For instance, in the example below, Yellowfin gets the user name and surname from AD FS and the user role is defined as ‘Consumer & Collaboration’.
<init-param> <param-name>FirstNameAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</param-value> </init-param> <init-param> <param-name>LastNameAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</param-value> </init-param> <init-param> <param-name>UsernameAttribute</param-name> <param-value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</param-value> </init-param> <init-param> <param-name>YellowfinRole</param-name> <param-value>Consumer & Collaborator</param-value> </init-param> |
Note: Here, UsernameAttribute relates to the authenticaion method requiring a ‘user name’.
|