Skip to main content

Microstrategy Authentication Using the URL API

Microstrategy Authentication Using the URL API

Users have to be authenticated before accessing functionality in MicroStrategy Web. Using the URL API, there are three ways for MicroStrategy Web to obtain the information needed to authenticate a user.
A detailed explanation of each method for obtaining the authentication information is provided below.

Opening the login page to gather user for credentials

If the URL attempts to access a MicroStrategy Web page that requires login and no credentials or session state are provided in the URL, the user is redirected to the login page.
If login is successful, the user is redirected to the specified page.  
The sample URL shown below executes a report without providing authenticating information. Since the Report Execution page requires login, the user is redirected to the login page to be authenticated before the report is run.
J2EE environment:
http://webserver/MicroStrategy/servlet/mstrWeb?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=mstrWeb.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
.NET environment:
http://webserver/MicroStrategy/asp/Main.aspx?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=Main.aspx.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
Sample values are used for parameters in the sample URLS, such as "localhost"  for Intelligence Server or "MicroStrategy+Tutorial" for the project.

Bypassing the login page by providing credentials in the URL

If the URL attempts to access a MicroStrategy Web page that requires login and user credentials are provided in the URL, the login page is bypassed. If the credentials provided are valid, a session is created and the user is redirected to the specified page.
The sample URL shown below executes a report and provides a user name and password to be used for authentication. Since the Report Execution page requires login, the credentials are authenticated before the report is run. In addition to the information necessary to execute the action, the URL contains the uid (user name) and pwd (password) parameters, as shown in bold in the sample URL below.
J2EE environment:
http://webserver/MicroStrategy/servlet/mstrWeb?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=mstrWeb.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&uid=asmith
&pwd=as445888
.NET environment:
http://webserver/MicroStrategy/asp/Main.aspx?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=Main.aspx.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&uid=asmith
&pwd=as445888
For security reasons, this authentication approach is not recommended.
When you pass credentials in the URL, they can be mapped to other credentials before the session is created. In a non-portal environment, a custom External Security Module (ESM) can be used to map the login credentials to MicroStrategy credentials and then pass these mapped credentials to Intelligence Server for user authentication and session creation. In a portal environment, user credentials are mapped by a custom credential mapper class specified as a property of the MicroStrategy portlet, rather than by a custom ESM.
Sample values are used for parameters in the sample URLs, such as "localhost"  for Intelligence Server or "MicroStrategy+Tutorial" for the project.

Bypassing the login page by providing the session state in the URL

If the URL attempts to access a MicroStrategy Web page that requires login and the state of the session is provided in the URL, the login page is bypassed. If the session state is a valid state, the user is taken directly to the specified page.
The sample URL shown below executes a report and provides an existing session state to be used for authentication. Since the Report Execution page requires login, the credentials are authenticated before the report is run. In addition to the information necessary to execute the action, the URL contains the usrSmgr(session state) parameter, as shown in bold in the sample URL below.
J2EE environment:
http://webserver/MicroStrategy/servlet/mstrWeb?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=mstrWeb.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&usrSmgr=l.1.2.0.e.1033.1033.0.1.0.e.0.1.0.1.1.0.1.3.1.16.6.e.1.00000000e8bbb72f11860fe7b2fd062ba59fc24d328683594c768f25209a639e9cfacdb08abeb0400fd8ccc6eb3568cc53aad4647b17be92812146175d751f4db8b834e40fa39a8545849d74f0ee1b95b4f467c30c6f4c7a5dff5cb39f989c689c129c5b22a32718577dcce1189e93f8f49075f3e688eef0.1033.1.2.0.upp*_1*_pl*_1*_upl*_1*_sp*_1*_upriv*_1*_ul*_1*_pp*_1*_up*_1*_wp*_1.0.1.1.2.0.3.3.1.16.6.54F3D26011D2896560009A8E67019608.Administrator.8704.4.America%2FNew*_York..MicroStrategy+Tutorial.127*.0*.0*.1
.NET environment:
http://webserver/MicroStrategy/asp/Main.aspx?
Server=localhost
&Project=MicroStrategy+Tutorial
&Port=0
&evt=4001
&src=Main.aspx.4001
&reportID=EB3CD5D14F4C8C77782AC0882C986B8D
&usrSmgr=l.1.2.0.e.1033.1033.0.1.0.e.0.1.0.1.1.0.1.3.1.16.6.e.1.00000000e8bbb72f11860fe7b2fd062ba59fc24d328683594c768f25209a639e9cfacdb08abeb0400fd8ccc6eb3568cc53aad4647b17be92812146175d751f4db8b834e40fa39a8545849d74f0ee1b95b4f467c30c6f4c7a5dff5cb39f989c689c129c5b22a32718577dcce1189e93f8f49075f3e688eef0.1033.1.2.0.upp*_1*_pl*_1*_upl*_1*_sp*_1*_upriv*_1*_ul*_1*_pp*_1*_up*_1*_wp*_1.0.1.1.2.0.3.3.1.16.6.54F3D26011D2896560009A8E67019608.Administrator.8704.4.America%2FNew*_York..MicroStrategy+Tutorial.127*.0*.0*.1
This is the recommended seamless authentication approach because it is the most secure.
Sample values are used for parameters in the sample URLS, such as "localhost"  for Intelligence Server or "MicroStrategy+Tutorial" for the project.
ClosedClick here to see sample code to reuse an existing session. This is the code that you use in a J2EE environment.
ClosedClick here to see sample code to create a new session. This is the code you use in a .NET environment.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

MicroStrategy URL API Parameters

MicroStrategy URL Structure The following table summarizes the root URL structure used for every request to MicroStrategy Web. Environment Main Application URL Administration URL J2EE http://webserver/MicroStrategy/servlet/mstrWeb http://webserver/MicroStrategy/servlet/mstrWebAdmin .NET http://webserver/MicroStrategy/asp/Main.aspx http://webserver/MicroStrategy/asp/Admin.aspx Every request sent to MicroStrategy Web calls a central controller. Parameters are appended to  Main.aspx  or  mstrWeb  (in a .NET and J2EE environment, respectively) to indicate to the controller how the request should be internally forwarded and handled. The following examples show a URL for accessing a MicroStrategy folder when the user does not have an existing session. The URL contains not only the parameters needed to connect to MicroStrategy Web, but also the parameters needed to log on and create a session. J2EE environment: <a href="http:...
2 comments
Read more

Update the data on an Intelligent Cube without having to republish the entire cube in MicroStrategy

Update the data on an Intelligent Cube without having to republish the entire cube in MicroStrategy MicroStrategy has introduced a feature known as, Incremental Refresh Options, which allow Intelligent Cubes to be updated based on one or more attributes, by setting up incremental refresh settings to update the Intelligent Cube with only new data. This can reduce the time and system resources necessary to update the Intelligent Cube periodically versus a full republish. For example, if a user has an Intelligent Cube that contains weekly sales data, the user may want this Intelligent Cube to be updated at the end of every week with the sales data for that week. By setting up incremental refresh settings, he can make it so that only data for one week is added to the Intelligent Cube, without affecting the existing data and without having to reload all existing data. Users can select t...
7 comments
Read more

Microstrategy "Error type: Odbc error. Odbc operation attempted

 "Error type: Odbc error. Odbc operation attempted: SQLExecDirect. [HYT00:0: on SQLHANDLE] [MicroStrategy][ODBC Oracle Wire Protocol driver]Timeout expired" is shown when executing reports from Web When users are trying to execute some reports in MicroStrategy web in particular, they may receive the Error ā€œSQL Generation Complete Index out of rangeā€ and ā€œTimeout expiredā€ error as shown below: Possible Causes: One possible cause is that the MicroStrategy Intelligence Server using a cached database connection that was already dropped by the RDBMS. To resolve this: Admin should delete the database connection caches and create a new DSNs in case they are sharing DSNs to connect to different databases. In addition, change the settings for the ā€˜Connection lifetimeā€™ and the ā€˜Connection idle time outā€™.  Follow the steps below to perform the mentioned changes and verify the report after each step and some of the settings require i-server r...
4 comments
Read more

Retrieve a list of user groups and the associated users in MicroStrategy Developer 9.x / 10.x

Retrieve a list of user groups and the associated users in MicroStrategy Developer Follow the steps below to create a list of all groups and the users in each group: In MicroStrategy Developer 9.x, select 'Project Documentation' from the Tools menu to start the wizard. Select any project that is in the project source that contains the users and groups and click Next. Select only Configuration Objects for documentation. Uncheck the 'Basic Properties' object category from the next screen, as shown below: Then select only 'User Group' under the Configuration Objects section and only 'Groups' and 'Members' under the Definition section, as shown below: Go through the rest of the wizard, and open the resulting documentation. After navigating down to the User Groups, the documentation should look similar to the following image: This page shows every group, any child groups, and all members of each group.
Post a Comment
Read more

Microstrategy Dashboard performance improvements steps

Microstrategy  Dashboard performance improvements steps: Many times, causes of poor performance can be simplified to specific components. To troubleshoot performance issues, users must identify these components, then make the appropriate modifications to the environment and/or to the MicroStrategy dashboard to reduce bottlenecks. Dashboard execution stages can be represented below: MicroStrategy Intelligence Server When an end user makes a  Document Execution Request  through any client (a web browser via MicroStrategy Web, the MicroStrategy Desktop/Developer client, the MicroStrategy Mobile app, or the MicroStrategy Office client), the request is sent to the MicroStrategy Intelligence Server, which processes the request and prepares the response. The MicroStrategy Intelligence Server will execute all children datasets on the dashboard by either generating SQL and running this against the data warehouse, or by fetching data from a cache. The Inte...
1 comment
Read more

Microstrategy Dossiers explained

Microstrategy  Dossiers With the release of MicroStrategy 10.9, weā€™ve taken a leap forward in our dashboarding capabilities by simplifying the user experience, adding storytelling, and collaboration.MSTR has  evolved dashboards to the point that they are more than dashboards - they are  interactive, collaborative analytic stories . Ultimately, it was time to go beyond dashboards, both in concept and in name, and so  the've  renamed VI dashboards to  ā€˜ dossiers ā€™.  Dossiers can be created by using the new Desktop product or Workstation or simply from the Web interface which replaces Visual Insights. All the existing visual Insights dashboards will be converted to Dossiers   With MicroStrategy 10.9, there was an active focus on making it easier to build dashboards for the widest audience of end users. To achieve this, some key new capabilities were added that make it easier to author, read, interact and collaborate on dashboards ...
7 comments
Read more

Case functions Microstrategy

Ca se functions Microstrategy Case functions return specified data in a SQL query based on the evaluation of user-defined conditions. In general, a user specifies a list of conditions and corresponding return values. Case This function evaluates multiple expressions until a condition is determined to be true, then returns a corresponding value. If all conditions are false, a default value is returned.  Case  can be used for categorizing data based on multiple conditions. This is a single-value function. Syntax Case ( Condition1 ,  ReturnValue1 ,  Condition2 , ReturnValue2 ,...,  DefaultValue ) Example Case(([Total Revenue] < 300000), 0, ([Total Revenue] < 600000), 1, 2) sum(Case (Day@DESC in (ā€œSatā€,ā€Sunā€), Sales, 0) {~+} Sum(Case(Category@DESC In("Books","Electronics"),Revenue,0)){~+} CaseV (case vector) CaseV  evaluates a single metric and returns different values according to the results. It can be used to perfo...
3 comments
Read more

Microstrategy Caches explained

Microstrategy Caches Improving Response Time: Caching A  cache is a result set that is stored on a system to improve response time in future requests.  With caching, users can retrieve results from Intelligence Server rather than re-executing queries against a database. To delete all object caches for a project 1 In Developer, log into a project. You must log in with a user account that has administrative privileges. 2 From the  Administration  menu, point to  Projects , and then select  Project Configuration . The Project Configuration Editor opens. 3 Expand  Caching , expand  Auxiliary Caches , then select  Objects . To delete all configuration object caches for a server 1 Log in to the project source. 2 From the  Administration  menu in Developer, point to  Server , and then select  Purge Server Object Caches . 4 Click  Purge Now . To purge web cache follow the steps in the link ...
3 comments
Read more

Microstrategy Document Autotext macros:

Autotext  code/macros in  Microstrategy Document/dashboard This is a list of the available auto text macros that the Report Services Document engine recognizes. The following auto text codes allow you to add  document variable information to your document. These auto text codes are automatically replaced by information about the document. Auto text codes for MSTR document/dashboard:  AUTOTEXT DESCRIPTION   {&PAGE}  Display the current page.  {&NPAGES}  Display the total number of pages.  {&DATETIME}  Display the current date and time.  {&USER}  Display the user name that is executing the Report Services Document.  {&DOCUMENT}  Display the document name.  {&DOCUMENTID}  Display the document ID.  {&DESCRIPTION}  Display the document description.  {&PROJECT}  Display the project name.  {&EXECUTIONTIME}  Dis...
2 comments
Read more

MicroStrategy default sort order for an attribute elements browsing

MicroStrategy default sort order for an attribute elements browsing and display How does MicroStrategy 9.x resolve the default sort order for an attribute when different sort orders are defined for different forms? Consider the following cases: CASE 1 A new attribute is created with three forms, all with sort order set to none. Form Name Form Type Default Sort Order ID ID None DESC DESC None LongDesc None None The overall sort order is evaluated and stored in the attribute definition when the attribute is saved. With all form sort orders set to none there is no saved sort order, MicroStrategy defaults to sort ascending by ID. CASE 2 The same attribute is modified so the forms are now: Form Name Form Type Default Sort Order ID ID None DESC DESC Descending LongDesc None Ascending Now when the attribute is saved, MicroStrategy goes through each form in the order they appear in the main 'Forms' window of the attribute editor. The first...
2 comments
Read more