Skip to main content

Microstrategy Authentication Using the URL API

Microstrategy Authentication Using the URL API

Users have to be authenticated before accessing functionality in MicroStrategy Web. Using the URL API, there are three ways for MicroStrategy Web to obtain the information needed to authenticate a user.
A detailed explanation of each method for obtaining the authentication information is provided below.

Opening the login page to gather user for credentials

If the URL attempts to access a MicroStrategy Web page that requires login and no credentials or session state are provided in the URL, the user is redirected to the login page.
If login is successful, the user is redirected to the specified page.  
The sample URL shown below executes a report without providing authenticating information. Since the Report Execution page requires login, the user is redirected to the login page to be authenticated before the report is run.
J2EE environment:
http://webserver/MicroStrategy/servlet/mstrWeb?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=mstrWeb.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
.NET environment:
http://webserver/MicroStrategy/asp/Main.aspx?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=Main.aspx.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
Sample values are used for parameters in the sample URLS, such as "localhost"  for Intelligence Server or "MicroStrategy+Tutorial" for the project.

Bypassing the login page by providing credentials in the URL

If the URL attempts to access a MicroStrategy Web page that requires login and user credentials are provided in the URL, the login page is bypassed. If the credentials provided are valid, a session is created and the user is redirected to the specified page.
The sample URL shown below executes a report and provides a user name and password to be used for authentication. Since the Report Execution page requires login, the credentials are authenticated before the report is run. In addition to the information necessary to execute the action, the URL contains the uid (user name) and pwd (password) parameters, as shown in bold in the sample URL below.
J2EE environment:
http://webserver/MicroStrategy/servlet/mstrWeb?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=mstrWeb.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&uid=asmith
&pwd=as445888
.NET environment:
http://webserver/MicroStrategy/asp/Main.aspx?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=Main.aspx.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&uid=asmith
&pwd=as445888
For security reasons, this authentication approach is not recommended.
When you pass credentials in the URL, they can be mapped to other credentials before the session is created. In a non-portal environment, a custom External Security Module (ESM) can be used to map the login credentials to MicroStrategy credentials and then pass these mapped credentials to Intelligence Server for user authentication and session creation. In a portal environment, user credentials are mapped by a custom credential mapper class specified as a property of the MicroStrategy portlet, rather than by a custom ESM.
Sample values are used for parameters in the sample URLs, such as "localhost"  for Intelligence Server or "MicroStrategy+Tutorial" for the project.

Bypassing the login page by providing the session state in the URL

If the URL attempts to access a MicroStrategy Web page that requires login and the state of the session is provided in the URL, the login page is bypassed. If the session state is a valid state, the user is taken directly to the specified page.
The sample URL shown below executes a report and provides an existing session state to be used for authentication. Since the Report Execution page requires login, the credentials are authenticated before the report is run. In addition to the information necessary to execute the action, the URL contains the usrSmgr(session state) parameter, as shown in bold in the sample URL below.
J2EE environment:
http://webserver/MicroStrategy/servlet/mstrWeb?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=mstrWeb.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&usrSmgr=l.1.2.0.e.1033.1033.0.1.0.e.0.1.0.1.1.0.1.3.1.16.6.e.1.00000000e8bbb72f11860fe7b2fd062ba59fc24d328683594c768f25209a639e9cfacdb08abeb0400fd8ccc6eb3568cc53aad4647b17be92812146175d751f4db8b834e40fa39a8545849d74f0ee1b95b4f467c30c6f4c7a5dff5cb39f989c689c129c5b22a32718577dcce1189e93f8f49075f3e688eef0.1033.1.2.0.upp*_1*_pl*_1*_upl*_1*_sp*_1*_upriv*_1*_ul*_1*_pp*_1*_up*_1*_wp*_1.0.1.1.2.0.3.3.1.16.6.54F3D26011D2896560009A8E67019608.Administrator.8704.4.America%2FNew*_York..MicroStrategy+Tutorial.127*.0*.0*.1
.NET environment:
http://webserver/MicroStrategy/asp/Main.aspx?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=Main.aspx.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&usrSmgr=l.1.2.0.e.1033.1033.0.1.0.e.0.1.0.1.1.0.1.3.1.16.6.e.1.00000000e8bbb72f11860fe7b2fd062ba59fc24d328683594c768f25209a639e9cfacdb08abeb0400fd8ccc6eb3568cc53aad4647b17be92812146175d751f4db8b834e40fa39a8545849d74f0ee1b95b4f467c30c6f4c7a5dff5cb39f989c689c129c5b22a32718577dcce1189e93f8f49075f3e688eef0.1033.1.2.0.upp*_1*_pl*_1*_upl*_1*_sp*_1*_upriv*_1*_ul*_1*_pp*_1*_up*_1*_wp*_1.0.1.1.2.0.3.3.1.16.6.54F3D26011D2896560009A8E67019608.Administrator.8704.4.America%2FNew*_York..MicroStrategy+Tutorial.127*.0*.0*.1
This is the recommended seamless authentication approach because it is the most secure.
Sample values are used for parameters in the sample URLS, such as "localhost"  for Intelligence Server or "MicroStrategy+Tutorial" for the project.
ClosedClick here to see sample code to reuse an existing session. This is the code that you use in a J2EE environment.
ClosedClick here to see sample code to create a new session. This is the code you use in a .NET environment.
Labels:

Comments

Post a Comment

Popular posts from this blog

Microstrategy "Error type: Odbc error. Odbc operation attempted

 "Error type: Odbc error. Odbc operation attempted: SQLExecDirect. [HYT00:0: on SQLHANDLE] [MicroStrategy][ODBC Oracle Wire Protocol driver]Timeout expired" is shown when executing reports from Web When users are trying to execute some reports in MicroStrategy web in particular, they may receive the Error “SQL Generation Complete Index out of range” and “Timeout expired” error as shown below: Possible Causes: One possible cause is that the MicroStrategy Intelligence Server using a cached database connection that was already dropped by the RDBMS. To resolve this: Admin should delete the database connection caches and create a new DSNs in case they are sharing DSNs to connect to different databases. In addition, change the settings for the ‘Connection lifetime’ and the ‘Connection idle time out’.  Follow the steps below to perform the mentioned changes and verify the report after each step and some of the settings require i-server r...
4 comments
Read more

Types of prompts in Microstrategy

Types of prompts in Microstrategy The different types of prompts allow you to create a  prompt  for nearly every part of a report. Prompts can be used in many objects including reports, filters, metrics, and custom groups, but all prompts require user interaction when the report is executed. The correct prompt type to create depends on what report objects you want users to be able to base a filter on to filter data, as described in the list below. Filter definition prompts   allow users to determine how the report's data is filtered, based on one of the following objects: Attributes in a hierarchy : Users can select prompt answers from one or more attribute elements from one or more attributes. The attribute elements that they select are used to filter data displayed on the report. This prompt lets you give users the largest number of attribute elements to choose from when they answer the prompt to define their filtering criteria. For example, on a repor...
1 comment
Read more

Types of result caches in Microstrategy

Types of result caches Microstrategy The following types of  result caches are created by Intelligence Server: • Matching caches • History caches • Matching-History caches • XML caches All document caches are Matching caches; documents do not generate History caches or XML caches. Intelligent Cube reports do not create Matching caches. Matching caches Matching caches  are the  results of reports and documents that are retained for later use by the same requests later on. In general, Matching caches are the type of result caches that are used most often by Intelligence Server. When result caching is enabled, Intelligence Server determines for each request whether it can be served by an already existing Matching cache. If there is no match, it then runs the report or document on the database and creates a new Matching cache that can be reused if the same request is submitted again. This caching process is managed by the system administrator and ...
Post a Comment
Read more

Non Aggregate metrics Beginning lookup, Ending lookup, Beginning fact., Ending fact

Non Aggregate metrics  Beginning lookup,  Ending lookup,  Beginning fact .,  Ending fact A nonaggregatable metric, such as an inventory metric, is one that should not be aggregated across an attribute.   For example, if you have monthly inventory numbers in your data warehouse and want to calculate the yearly inventory, adding the monthly numbers together does not provide a useful business measure. Instead, you may want to use the end-on-hand and beginning-on-hand inventory numbers to see how the total inventory changed during the year.  The following options are available: • To use the first value in the lookup table, select  Beginning lookup . • To use the last value in the lookup table, select  Ending lookup . • To use the first value in the fact table, select  Beginning fact . • To use the last value in the fact table, select  Ending fact .
Post a Comment
Read more

Super Cubes in MicroStrategy 2019

Super Cubes in MicroStrategy 2019 Beginning in MicroStrategy 11.0 and 2019, users will notice objects referred to as " Super Cubes ".  Super Cubes are simply a renaming of what was previously referred to as MTDI (Multi Table Data Import) Cubes. Note that only the naming convention has changed, as the functionality remains the same . This name change is visible in MicroStrategy Workstation and MicroStrategy Web. In MicroStrategy Workstation, right click on any cube created via Data Import and select Properties . The object Type is listed as Super Cube: This can also be seen when editing or authoring a dossier. In your Datasets panel, hover over the name of your dataset. The tooltip will show the dataset type listed as a Super Cube.
Post a Comment
Read more

Algorithm to calculate Logical Table Size in Microstrategy

How are the fact tables determined using the logical table size for SQL generation in MicroStrategy The logical table size is an integer number that represents the granularity or level of aggregation of a particular table. It is called 'logical' because it is not related to the physical size of the tables (number of rows). It is calculated according to the attribute IDs that are present in the table and their level in the system hierarchy.   Even though, the number does not reveal the actual number of rows in the table, it is an accurate way of measuring a table size without having to access its contents.   IMPORTANT:   The system hierarchy is defined by the parent-child relationships between attributes of the same family (formerly known as a dimension), not by user-defined hierarchies (i.e., drilling hierarchies).   MicroStrategy Engine utilizes an algorithm based on attribute keys to calculate the Logical Table Size (LTS): Given the following tables: ...
Post a Comment
Read more

Optimizing queries in Microstrategy using VLDB properties

Optimizing queries in  Microstrategy using VLDB properties #vldb #vldbproperties The table b elow summarizes the Query Optimizations VLDB properties. Additional details about each property, including examples where necessary, are provided in the sections following the table. Property Description Possible Values Default Value Additional Final Pass Option Determines whether the Engine calculates...
Post a Comment
Read more

Displaying sections horizontally in MSTR

Displaying sections horizontally in MSTR Document By default, all sections are displayed and printed vertically in a document. The Detail Header is displayed below the Document Header, the Detail is displayed below the Detail Header, and so on. For Ex: the title Monthly Revenue is displayed in the Detail Header, while Month and Revenue are placed in the Detail section as shown below. Displaying the Detail section horizontally displays the monthly revenue across the page, as shown in the document sample below. The Revenue metric was moved below Month, to present a half year of data across a single sheet of paper. The following image shows the same document in Design Mode. The Detail Header contains the title, while the Detail section contains Month and Revenue. The Detail section is displayed horizontally. You can also control the horizontal width using the settings:  A horizontally displayed section prints horizontally across a page and therefore needs addi...
Post a Comment
Read more

MicroStrategy VLDB properties with Hive

 Recommended VLDB Properties for use of  MicroStrategy 9 with Hive 0.7x The recommended VLDB optimizations for Hive 0.7x are listed below. These values are set by default when the "Hive 0.7x" database object is used (set at  Configuration Managers > Database Instances > Database Instance > Database connection type ) Selected Default VLDB Properties for Hive 0.7x  VLDB Category  VLDB Property Setting  Value   Tables  Fallback Table Type  Permanent Table  Tables  Maximum SQL Passes Before FallBack   0 (no threshold)  Tables  Maximum Tables in FROM Clause Before FallBack  0 (no threshold)  Tables  Drop Temp Table Method  Drop after final pass   Tables  Table Creation Type  Implicit Table  Query Optimizations   Sub Query Type   Use Temporary Table, falling back to IN (SELECT COL) for cor...
Post a Comment
Read more

URL API connection mode parameters

URL API connection mode parameters When using the URL API, to denote which type of Authentication to use, developers can use the connMode parameter.  The following values are used for this parameter: Standard = 1 LDAP Authentication = 16 Database Authentication = 32 Guest = 8 Windows Authentication = 2 Trusted Authentication = 64 Integrated Authentication = 128
Post a Comment
Read more