Page History

Versions Compared

Old Version 1

changes.mady.by.user Yellowfin Admin

Saved on Aug 27, 2014

compared with

New Version 2

changes.mady.by.user Yellowfin Admin

Saved on Nov 13, 2014

Key

This line was added.
This line was removed.
Formatting was changed.

...

Table of Contents

class	contents

Single Sign On

Styleclass

Class	topLink

top

Expand

title	LOGINUSER (Single Sign On)

This service connects to Yellowfin and retrieves a logon token for a given user. When this token is passed to the Yellowfin Logon URL it will disable the login screen for the authenticated users and their session will being immediately.

Code Block


AdministrationServiceResponse rs = null;
AdministrationServiceRequest rsr = new AdministrationServiceRequest();
   
rsr.setLoginId("admin@yellowfin.com.au");
rsr.setPassword("test");
rsr.setOrgId(new Integer(1));
rsr.setFunction("LOGINUSER");
     
AdministrationPerson ap = new AdministrationPerson();
ap.setUserId("admin@yellowfin.com.au");
ap.setPassword("test");
rsr.setPerson(ap);
     
rs = rssbs.remoteAdministrationCall(rsr);
    
if ("SUCCESS".equals(rs.getStatusCode()) ) {
				
	out.write("Success");
	out.write("URL:  http://<yellowfin-server>/logon.i4?LoginWebserviceId=" + rs.getLoginSessionId()); 
                			
} else {
			
	out.write("Failure");
				
}

The LOGINUSER function will Single Sign On a given user into Yellowfin. The contents of the AdministrationPerson object will be used to define the user being logged in.

Request Element	Data Type	Description
LoginId	String	Login ID of the account used to connect to Yellowfin webservices eg. admin@yellowfin.com.au
Password	String	Password of the account used to connect to Yellowfin webservices
OrgId	Integer	Primary organisation ID within Yellowfin. Always set this to 1.
Function = "LOGINUSER"		Web services function
Person	AdministrationPerson	The AdministrationPerson object holding all of the new user's details for the user creation process
OrgRef	String	Client Org Internal Reference Id (optional). This will log the user into a given Client Org. If this is not set, then the user will be prompted with the Client Org Selection page on login.

These are the parameters that you need to set in the AdministrationPerson object:

AdministrationPerson Element	Data Type	Description
UserId	String	User ID of the user that you wish to login. This can be the user ID or the email address, depending on the Logon ID method.
Password	String	Password of the new user.

The response returned will contain these parameters:

Response Element

Data Type

Description

StatusCode

String

Status of the web service call. Possible values include:

SUCCESS
FAILURE

LoginSessionId

String

A unique login token. This token is appended to the Login URL to take a user directly into Yellowfin.

Redirecting to Yellowfin with the login token

Using the token received from the webservice call (the contents of AdministrationResponse.LoginSessionId), you can forward the user to the URL:

http://<YELLOWFIN-SERVER>/logon.i4?LoginWebserviceId=<TOKEN>

This URL will bypass the authentication screen in Yellowfin and take the user directly into Yellowfin.

The token has a limited validity period. It must be used within 5 minutes, and once it has been used, it cannot be used again. To make subsequent calls from a third party application into Yellowfin, you must call the LOGINUSER web service again.

Using the token with the JavaScript API

The SSO token can also be used with embedded JavaScript API widgets. The token is added to the scriptlet URL like this:

<script type="text/javascript" src="http://localhost/JsAPI?dashUUID=e9a6ab0a-bcb0-4fe6-9663-4dd33e58f08e&token=<TOKEN>"></script>

Specifying Session Options

You can pass variables/switches that toggle functionality only for the session created via this Single Sign On request. These options can be enabled by passing them via the Parameters attribute in the AdministrationRequest, or by appending them to the redirection URL.

Parameters are added to the AdministrationRequest.Parameters attribute as a list of key value pairs, like:

YFTOOLBAR=TRUE

ENTRY=DASHBOARD

Options passed on the login URL look like:

http://<yellowfin-server>/logon.i4?LoginWebserviceId=<token>&yftoolbar=true&entry=DASHBOARD

Here is a list of the available options:

Parameter Option Key	URL Option Key	Description
YFTOOLBAR	yftoolbar	`TRUE`/`FALSE`. Hide the Yellowfin toolbar for this session.
ENTRY	entry	Determine the user's only entry point on completion of the login process. This is used in conjunction with other parameters to determine the content the user is shown. Possible values: `DASHBOARD` `REPORTLIST` `BROWSE` `BROWSETAB` `CREATEREPORT` `EDITREPORT` `VIEWREPORT` `ADMINISTRATION` `EDITDASHBOARD` `VIEWDASHBOARD` `VIEWSTORYBOARD` `TIMELINE`
REPORTID	reportid	Used with `ENTRY = EDITREPORT` or `VIEWREPORT`. This is the internal Id of the report to redirect to.
REPORTUUID	reportuuid	Used with `ENTRY = EDITREPORT` or `VIEWREPORT`. This is the UUID of the rpeort to redirect to.
STORYBOARDUUID	storyboarduuid	Used with `ENTRY = VIEWSTORYBOARD`. This is the UUID of the storyboard to redirect to.
MOBILEDEVICE	mobiledevice	`TRUE`/`FALSE`. Takes the user to a mobile version of the Yellowfin interface.
REPORTNAME	reportname	Used with `ENTRY = EDITREPORT` or `VIEWREPORT`. This is the name of the report to redirect to.
DISABLESOURCEFILTERS		`TRUE`/`FALSE`. Disable Source Filter or Client Reference Filters for this user, for this session. This allows the user to see all data. This doesn't work for content based on Client Source Substitution.
DISABLEHEADER	disableheader	`TRUE`/`FALSE`. Hide the Yellowfin header for this session.
HIDEHEADER	hideheader	Same as `DISABLEHEADER`.
DISABLEFOOTER	disablefooter	`TRUE`/`FALSE`. Hide the Yellowfin footer for this session.
HIDEFOOTER	hidefooter	Same as `DISABLEFOOTER`.
DISABLESIDENAV	disablesidenav	`TRUE`/`FALSE`. Hide the Yellowfin side navigation for this session.
HIDESIDENAV	hidesidenav	Same as `DISABLESIDENAV`.
DISABLELOGOFF	disablelogoff	`TRUE`/`FALSE`. Hide the Yellowfin logoff link for this session.
HIDELOGOFF	hidelogoff	Same as `DISABLELOGOFF`.
REASONCODE	reasoncode	Custom string (80 ASCII characters) that will be dropped into all events generated by this session. Events are dropped in the Event table in the Yellowfin database. This option can also be used with the JavaScript API.
REASONDESCRIPTION	reasondescription	Custom string (2048 ASCII characters) that will be dropped into all events generated by this session. Events are dropped in the Event table in the Yellowfin database. This option can also be used with the JavaScript API.
DASHBOARDID	dashboardid	Used with `ENTRY = EDITDASHBOARD` or `VIEWDASHBOARD`. This is the internal id of the dashboard tab to redirect to.
DASHBOARDUUID	dashboarduuid	Used with `ENTRY = EDITDASHBOARD` or `VIEWDASHBOARD`. This is the internal id of the dashboard tab to redirect to.
FILTER<ID>	filter<ID>	Used with `ENTRY = VIEWREPORT`. Override filter values for the given report. FILTER is appended with the internal ID of the filter, plus the string representation of the filter value. For example: `FILTER2134=MALE` You can pass multiple filters for the one report.
SOURCEFILTER_<FILTERCODE>		Override the source filter values for this user for this session. `SOURCEFILTER_` is appended with the Filter Type Code from the Source Filter setup page, plus the value you wish to give access to. For example: `SOURCEFILTER_COUNTRY=AU` You can pass multiple source filter values for the one session. This option can also be used with the JavaScript API.
CONTENT_<INCLUDE/EXCLUDE>		Override the content access that a user has for this session. `CONTENT_` is appended with either `INCLUDE` or `EXCLUDE`. The value for this key is either the Content Category Code, or the Content Category UUID. If you choose to `INCLUDE` content, then these will be the only Content Categories that the user will have access to. If you choose to `EXCLUDE` content, then these excluded Content Categories will be removed from the content that the user normally has access to. Inclusion and Exclusion of content is based on the Category level. All sub categories with the specified category are included or excluded. An example of including/excluding with category codes and UUIDs: `CONTENT_INCLUDE=TUTORIAL` `CONTENT_INCLUDE=c83357db-8aef-4ec7-ab72-fce34de9ee77` `CONTENT_EXCLUDE=TUTORIAL` `CONTENT_EXCLUDE=c83357db-8aef-4ec7-ab72-fce34de9ee77` It is not logical to use both `INCLUDE` and `EXCLUDE` for the same session. This option can also be used with the JavaScript API.

Expand
title LOGINUSERNOPASSWORD (Single Sign On)
This service is a drop in replacement for `LOGINUSER`, but the password for the user being logged in is not required.
Options are the same as `LOGINUSER` except for:
AdministrationRequest.Function will be set to `LOGINUSERNOPASSWORD`
AdministrationPerson.Password can be blank
An extra parameter needs to be added to the Configuration table of the Yellowfin database to enable this functionality:
IpOrg
ConfigTypeCode
ConfigCode
ConfigData
1
SYSTEM
SIMPLE_AUTHENTICATION
TRUE
You may need to restart Yellowfin for the database change to take affect.
You will receive a web service arror `26: UNSECURE_LOGIN_NOT_ENABLED` if this configuration option is not added to the Yellowfin database.

User Replication and Managment

...

Content

Space Tools