In this section: |
Managed Reporting is configured by default to use the built-in file-system-based repository (basedir) for information about its users, groups, and roles. You can configure Managed Reporting to use a relational DBMS instead, and maintain this information with the Managed Reporting Administration interface.
This section shows how to configure Managed Reporting to use a relational DBMS to maintain information about your users, groups and roles. You have the choice of storing user passwords (encrypted) in the WF_MRUSERS table, or selecting another means of authenticating users. For example, you can trust that authentication is performed by the Web server (Basic, Integrated Windows Authentication, third-party SSO system, and so on), or configure external authentication to LDAP or the WebFOCUS Reporting Server.
You can also adapt Managed Reporting to read and/or write to an existing relational schema, as described in Using an Existing DBMS Schema.
How to: Reference: |
You must create or identify a database in which to store your security information. You can use the same database for both the ReportCaster Repository and the external repository for Managed Reporting security information (recommended).
You must also create or identify a DBMS login account to create and access these tables. You can use the same or different accounts for the ReportCaster and Managed Reporting repositories.
The Microsoft SQL Server Realm Driver prefixes (SQLS and SQLS2005) refer to the version of the JDBC Driver being used. For example, you can select the SQLS prefix when using the Microsoft SQL Server 2000 JDBC Driver to connect to Microsoft SQL Server 2000. The SQLS2005 prefix allows connections to Microsoft SQL Server 2000, 2005, and 2008 depending on the JDBC Driver that is configured.
The following table lists which prefix is supported according to the JDBC Driver version:
Realm Driver Prefix |
JDBC Driver Version |
MS SQL Server |
---|---|---|
SQLS |
MS SQL Server JDBC Driver 2000 |
2000 |
SQLS2005 |
|
|
MS SQL Server JDBC Driver 2.0 |
|
Do not change the PREFIX value before running the utility that creates your tables. This utility recognizes only the built-in prefix values ASE, DB2, INFMX, MYSQL, ORCL, and SQLS. After your tables are created, you can create and use multiple custom prefix values, such as for development and test.
For more information about the properties you can configure, see Standard DBMS Properties.
----------------------------------------------------- | | | MR Realm Driver DBMS Configuration Utility | | | | Information Builders, Inc. | | Copyright 2004 | | | ----------------------------------------------------- Current Database: SQLSERVER Select one of the following Actions below (You may exit anytime by selecting X): ----------------------------------------------------- 1. Create MR Realm Tables and Load Required Data 2. Load Sample Data 3. Delete Sample Data 4. Drop MR Realm Tables (all data will be deleted) X. Exit ----------------------------------------------------- Select Action:
This option inserts two sample domain entries into the WF_MRDOMAINS table. These domains will be automatically created in the MR Repository (basedir) when you log on to MR as an administrator (see Step 6 in Understanding Sign-on Processing with External Authorization).
By default, this value is set to ibi.uas.service.WFMRX_DBSecurityManager when you select a relational DBMS directory.
Is the path to the class that contains the driver.
Is the connection string of the driver. For more information about how to configure this property, see your JDBC driver documentation.
Note: If you are not using the default instance of SQL Server, you must add a second backslash prior to the instance name. For example:
jdbc:microsoft:sqlserver://hostname\\instancename:1433; DatabaseName=databasename;SelectMethod=Cursor
Important: When using the WebFOCUS Administration Console to edit this setting, the two backslashes preceding the instance name are properly saved to mrrealm.cfg. However, the console incorrectly displays them as a single backslash. The second backslash is necessary for the prefix. DRIVER.URL setting in mrrealm.cfg to escape the single backslash required by the JDBC driver.
Is an ID that has read/write privileges on the tables in the security repository.
Is the password for USER. When updated through the WebFOCUS Administration Console, this value will always be encrypted with WebFOCUS Encryption.
Is the table owner if the tables were created by an account other than the one specified in USER.
Is the maximum number of connections. Zero specifies an unlimited number of connections.
Is the timeout value in milliseconds that the Realm Driver will wait for a database connection. Zero specifies no timeout and is the default value.
Specifies how to authenticate the user to the database directory. When set to false (the default), WebFOCUS looks up the user password in the WF_MRUSERS table and compares it with the value provided by the user. When set to true, the Realm Driver makes a JDBC connection to the database with the user ID and password that were entered on the Managed Reporting logon page and checks for success or failure.
Generally, this should be left set to false. If you have DBMS login accounts for your Managed Reporting users and you want to authenticate them with these credentials, you should consider configuring external authentication to the Reporting Server and having the Reporting Server validate these DBMS credentials.
WebFOCUS encrypts/decrypts end-user passwords written to/read from the WF_MRUSERS table. By default, passwords stored in the WF_MRUSERS table use the encryption algorithm specified by the WFENCR parameter in the install_drive:\ibi\WebFOCUS77\webapps\webfocus77\WEB-INF\web.xml file and uses the ibi.webfoc.wfsecurity.encryption.defenc.WFDefaultEncryption encryption class by default. To change the default encryption class, see Optional Built-in Encryption Providers.Therefore, the ENCRYPTION parameter in the WebFOCUS Administration Console must always contain the value of WFENCR to use the encryption algorithm configured in the web.xml file.
Reference: |
By adding properties to your WebFOCUS/config/mrrealm.cfg file, you can customize the behavior of the WFMR_DBSecurityManager class. These changes need to be made by editing the file directly, not using the WebFOCUS Administration Console. You should make a backup copy of the file first in case you need to undo your changes.
Optionally, you can uncomment the prefix.DATASOURCE=datasourcename property in mrrealm.cfg to define JDBC connection attributes in your web.xml file. In this case, prefix.USER and prefix.PASSWORD are ignored. Once you uncomment this property in the file, it will become accessible in the console.
By default, Managed Reporting uses SQL statements to read and write to its relational DBMS security repository. You can configure Managed Reporting to call stored procedures instead if your DBMS is Sybase, SQL Server, or Oracle.
To use stored procedures, uncomment the prefix.USE_STORED_PROCEDURES property in your mrrealm.cfg file, where prefix is either ASE (Sybase), SQLS, or ORCL. Then set this property to true. Next, run the MR Realm DBMS Configuration Utility and select option 5. Create Stored Procedures. The utility will create 43 stored procedures in your DBMS, and Managed Reporting will call these for its repository communications instead of issuing SQL statements.
There are four functions that are not implemented as stored procedures and therefore must be added as properties to the mrrealm.cfg file:
prefix.SELECT_DOMAIN_OBJ_FIELDS
prefix.SELECT_GROUP_OBJ_FIELDS
prefix.SELECT_ROLE_OBJ_FIELDS
prefix.SELECT_USER_OBJ_FIELDS
For more information about how to set these properties, see http://techsupport.informationbuilders.com/tech/wbf/wbf_tmo_realm.html.
By default, the WFMRX_MRSecurityManager class is configured to read and write to a specific relational DBMS schema. You may be able to configure Managed Reporting to use your own relational schema, depending on its structure and your experience with the Structured Query Language (SQL).
Generally speaking, Managed Reporting issues SQL statements to read and write information to the DBMS repository (see Using Stored Procedures). You can override the standard SQL statements with your own SQL using properties in mrrealm.cfg. For more information, see http://techsupport.informationbuilders.com/tech/wbf/wbf_tmo_realm.html.
WebFOCUS |