Contour BI provides users with three types of authorizations: Custom, CAS and LDAP. The method can be specified on config.jsp page. By default Custom authorization is set.
That gives developers and IT-specialists flexibility in integration Contour BI in IT infrastructure of organization of embedding it into 3rd party applications such as ERP, CRM, and other data driven applications.
Custom authorization means that users are created in Contour BI, their logins and passwords are stored in Contour BI Portal. It is possible to create users either in Contour Reporter or programmatically, using Contour BI Portal API.
To use custom authorization ensure that “Custom” option is selected in Authorization group of properties on config.jsp.
The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as user id and password) only once.
If CAS authorization is selected, users are created and their information is stored in CAS server. Contour BI queries the server for users credentials. Roles are created in Contour BI and users copied to Contour BI database. Permissions are granted to roles in Contour Reporter and stored to Contour BI Portal database.
To use CAS authorization select “CAS” option in Authorization group of properties on config.jsp and make following settings:
- URL = path to CAS server
The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.
Active directory (AD) is the implementation of LDAP for Microsoft Windows.
If LDAP authorization is selected, Contour BI will use users stored in LDAP server. For example, users of Windows network of organization.
Contour BI administrator will need to copy users to the Contour BI database using Contour Reporter, also it is possible to add LDAP users by code using API.
Roles are created and stored in Contour BI and permissions are granted to Contour BI roles.
To use LDAP, for example Windows Active Directory select “LDAP” option in Authorization group of properties on config.jsp page and make following settings:
- Domain name – an organization’s domain name, for example, mycompany.com
- Host name – a domain server name, for example, dns.mycompany.com
- SLL – check on to use SSL (Security Socket Layer)
- Verify SSL Certificate – check on for using SSL Certificates
- Credentials – LDAP server administrator login
- Password – LDAP server administrator password
- Base DN – base Distinguished Name (DN), optional
Users can be imported from LDAP server using Contour Reporter or Contour BI Portal API.
Unsing Contour Reporter
- Connect to Contour BI Portal
- Select Accounts/Users
- Click Add user account
- Select LDAP users from the list and add them to Contour BI
- Create Roles and grant roles with permissions, assign users to roles
- Get user list from LDAP server using method ExternalUsers
- Add selected users using AddUser