Introduction

There are 2 ways to apply Essbase security in the CXO Software:

Essbase Authentication plugin with SSO mode enabled
Use User Impersonation

Essbase Authentication plugin with SSO mode enabled

Documentation > Applying Essbase Security in CXO > image2021-6-11_15-41-10.png

In this scenario, the username and password the end user enters to login to CXO are used to connect to Essbase server. The limitations of this scenario are:

Impossible to use any other authentication adapter (SAML, Windows etc)
Impossible to connect to more than one Essbase Server

Read more about Essbase Authentication Plugin.

Note: The term SSO in the context above means that credentials provided by user in CXO are being used for connecting to essbase as well. It should not be confused with Single Sign On behavior between applications in a browser.

User Impersonation

The user impersonation scenario can be used to overcome the limitations of the Essbase Authentication plugin scenario.

Documentation > Applying Essbase Security in CXO > image2021-6-11_15-52-44.png

In this case, the connection to Essabase servers is made using the username and password configured in CXO Software on behalf of the the end user logged in to CXO. In this case the Essbase API function "LoginAs" is used to open the connection.

To turn on Essbase impersonation:

Start the Source system manager (if you want to check if the connection is working you need to login with a cxo user, that also exists in Essbase)
Select the Essbase source system
Click Connector Properties
Under SSO Login, check Impersonate User

Documentation > Applying Essbase Security in CXO > image2018-2-23_13-41-10.png

Documentation > Applying Essbase Security in CXO > image2018-3-8_9-52-45.png