Skip to Content

Single sign on in event stream processor

Sep 06, 2017 at 04:28 AM


avatar image

Hi All,

I am using design studio 1.6 with SAP ESP 5.1 SP11. I have a ESP model running and I have build design studio dashboard on top of ESP.

When I run the dashboard it always keeps asking me for authorization of ESP server. I manually type the ID password and it works beautifully. I was wondering if I can turn on single sign on so that I don't have to add that everytime I open design studio document.

another thing is, after publishing it on the BI launchpad portal when other users log in, what account will they use because in the cockpit I only see one account which I used at the time of installation of ESP.

Thanks a lot for help in advance.


10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Lin Murong
Sep 11, 2017 at 06:02 PM

Hi Singh,

I am Lin from ESP dev team. I try to answer your question here.

From the ESP Security guide, we can support below authentications:

  • Kerberos – ticket-based authentication
  • RSA – requires a key alias, a keystore containing a private key, and the password of the keystore
  • SAP HANA – requires host and port information for the SAP HANA indexserver.
  • Username/password, implemented using one of the following:
  • LDAP credentials
  • SAP BI credentials
  • Native operating system credentials (native OS)
  • Preconfigured username/password

By default installation, we set Native operating system credentials (native OS)

In this way, user can use the OS accounts user ID to do login.

Basically we don't support "single sign on", however user can use ESP Kerberos authentication to set up Single Sign on I think.

Another way, if user only need login to ESP without password. user may chose RSA authentication, for example: after setting the RSA Authentication , the user clients can do login like below :

  1. The ESP utilities (streamingupload, streamingplayback etc) or ESP ODBC can do RSA login with alias and the generated private key file !
  2. If it is java base application, user need alias+keystore+keystore password to do RSA login

Another thing, user definitely can create more login IDs for each authentication method, User also can add authorizations for each login ID, for example, some IDs can only do publish and some IDs can only do subscriber etc

For the authentication and authorization setting , we suggest to use cockpit to do that. however there are some command lines which also can do authentication and authorization setting.



10 |10000 characters needed characters left characters exceeded