Skip to Content
avatar image
Former Member

Single sign on in event stream processor

Hi All,

I am using design studio 1.6 with SAP ESP 5.1 SP11. I have a ESP model running and I have build design studio dashboard on top of ESP.

When I run the dashboard it always keeps asking me for authorization of ESP server. I manually type the ID password and it works beautifully. I was wondering if I can turn on single sign on so that I don't have to add that everytime I open design studio document.

another thing is, after publishing it on the BI launchpad portal when other users log in, what account will they use because in the cockpit I only see one account which I used at the time of installation of ESP.

Thanks a lot for help in advance.

Happy.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Sep 11, 2017 at 06:02 PM

    Hi Singh,

    I am Lin from ESP dev team. I try to answer your question here.

    From the ESP Security guide, we can support below authentications:

    • Kerberos – ticket-based authentication
    • RSA – requires a key alias, a keystore containing a private key, and the password of the keystore
    • SAP HANA – requires host and port information for the SAP HANA indexserver.
    • Username/password, implemented using one of the following:
    • LDAP credentials
    • SAP BI credentials
    • Native operating system credentials (native OS)
    • Preconfigured username/password

    By default installation, we set Native operating system credentials (native OS)

    In this way, user can use the OS accounts user ID to do login.

    Basically we don't support "single sign on", however user can use ESP Kerberos authentication to set up Single Sign on I think.

    Another way, if user only need login to ESP without password. user may chose RSA authentication, for example: after setting the RSA Authentication , the user clients can do login like below :

    1. The ESP utilities (streamingupload, streamingplayback etc) or ESP ODBC can do RSA login with alias and the generated private key file !
    2. If it is java base application, user need alias+keystore+keystore password to do RSA login

    Another thing, user definitely can create more login IDs for each authentication method, User also can add authorizations for each login ID, for example, some IDs can only do publish and some IDs can only do subscriber etc

    For the authentication and authorization setting , we suggest to use cockpit to do that. however there are some command lines which also can do authentication and authorization setting.

    Thanks,

    Lin

    Add comment
    10|10000 characters needed characters exceeded