Selecting the Authentication Module

To enable Analytic Services to use the security platform, you must add the AUTHENTICATIONMODULE setting to the essbase.cfg configuration file located in the bin directory of the Analytic Services installation. The setting applies to all applications and databases defined on the Analytic Server.

A default essbase.cfg file is created during installation.
To edit the essbase.cfg configuration file:

  1. Edit the file in text format with any text editor, such as Windows Notepad.


  2. Enter the AUTHENTICATIONMODULE setting and its parameters on a single line in the file. You do not need to end the line with a semicolon.


  3. Make sure that the file is named essbase.cfg.


  4. Save the file in the essbase\bin directory.


  5. Stop and restart Analytic Services after changing the configuration file. Analytic Services reads the configuration file only once, at startup.

Note: To provide support for the security platform, the parameters for AUTHENTICATIONMODULE have been expandede. Therefore, use the following documentation to enable the security platform, rather than using the AUTHENTICATIONMODULE documentation in the Analytic Server Configuration Settings section.

AUTHENTICATIONMODULE (for Security Platform)

Specifies the configuration needed to prepare the Analytic Server to use the security platform.

Syntax

AUTHENTICATIONMODULE module_name configURL

 module_name An acronym that tells Analytic Services to use the Hyperion security platform. Use the following value:

  CSS
 configURL The URL to the location of the configuration XML file for the security platform. It can be placed centrally on a Web server, or, if on the same computer as the Analytic Server, the URL can be a file path under the current host name.

A sample configuration XML file is installed with Analytic Services: HYPERION_HOME\common\CSS\2.5.3\configuration\css-full.xml. You can either edit this file to suit your configuration or create a new one. See Configuring the Security Platform for details about this configuration file, which is different from the essbase.cfg configuration file for Analytic Services.

Notes

As with most server configuration settings, restart Analytic Server to initialize all changes.

Example

The following entry in essbase.cfg specifies that Analytic Services should allow use of the security platform, which is configured to the corporate authentication repository by means of the XML file stored at the specified URL.

AuthenticationModule CSS http://myServer:8080/css_config.xml

The following entry in essbase.cfg specifies that Analytic Services should allow use of the security platform, which is configured to the corporate authentication repository by means of the XML file stored in a subdirectory of HYPERION_HOME. Note that you must use %20 to represent a space, if the URL contains spaces.

AuthenticationModule CSS file://localhost/C:/Program%20Files/Hyperion/common/CSS/2.5.3/configuration/css-full.xml

After the administrator has edited or re-created Analytic Services users to be externally authenticated security-platform users, the users can now log on to Analytic Services using the login information stored in their company's authentication repository (LDAP, NT LAN Manager, or Active Directory). See also MaxL Statements for External User Management.

©2004 Hyperion Solutions Corporation. All Rights Reserved.
http://www.hyperion.com