Introduction
There are 2 ways to apply Essbase security in the CXO Software:
- Essbase Authentication plugin with SSO mode enabled
- Use User Impersonation
Essbase Authentication plugin with SSO mode enabled
In this scenario, the username and password the end user enters to login to CXO are used to connect to Essbase server. The limitations of this scenario are:
- Impossible to use any other authentication adapter (SAML, Windows etc)
- Impossible to connect to more than one Essbase Server
Read more about Essbase Authentication Plugin.
Note: The term SSO in the context above means that credentials provided by user in CXO are being used for connecting to essbase as well. It should not be confused with Single Sign On behavior between applications in a browser.
User Impersonation
The user impersonation scenario can be used to overcome the limitations of the Essbase Authentication plugin scenario.
In this case, the connection to Essabase servers is made using the username and password configured in CXO Software on behalf of the the end user logged in to CXO. In this case the Essbase API function "LoginAs" is used to open the connection.
To turn on Essbase impersonation:
- Start the Source system manager (if you want to check if the connection is working you need to login with a cxo user, that also exists in Essbase)
- Select the Essbase source system
- Click Connector Properties
- Under SSO Login, check Impersonate User
