OpenMetabase

Syntax

OpenMetabaseResult OpenMetabase(MbDef tDef, UserCreds tCreds, [OpenMetabaseArg tArg])

Parameters

tDef. Description of the repository, the user is connecting to.

tCreds. User credentials used for connection.

tArg. Connection parameters.

Description

The OpenMetabase operation connects to the repository and returns the moniker of the repository connection.

Comments

The operation enables the user to execute the following operations:

Connection to a repository can be established in various ways. To connect to a repository, specify the repository information and user authentication parameters. For specifying a repository to connect, the following variants are available:

To authenticate the user, use the following methods (a more detailed description is provided below):

Authentication parameters are specified in the tCreds field.

The operation results in the following objects:

NOTE. Session parameters are stored in the BI server memory or at the state server if configuration defined a group of StateServer settings. If the StateServer group of settings is defined, the state server is disconnected, the session identifier is not generated.

The obtained moniker is further used in the following cases:

The sessKey session key can be used, for example, to work with access protocol to get a list of operations executed in the session.

The sessCookie identifier, unlike the moniker, is not used to work with the repository, and is used only to identify existing server sessions. If the obtained identifier is saved and on a new connection is further specified as a value of the tArg.sessCookie field, BI server checks if a session with the same identifier exists. If such a session exists, it is checked if it can be reused. The necessary conditions for reuse of the session:

Authentication Methods

Direct Indication of Credentials

The credentials are specified in the tCreds.user and tCreds.pass fields.

Connection Using Digital Signature

To connect to repository using a digital signature, prepare the repository in the following way:

NOTE. If the BI server is deployed on the IIS server, the BI server pool must be started using credentials of the same user who started the PP.Util.exe utility.

Before connection execute the GetVerifierCode operation to get the data block the client must sign with the digital signature. The signed data must be specified in the tCreds.verifier.signature field, and in the tCreds.verifier.cookie field specify the random number that also will be obtained as the result of executing the GetVerifierCode operation. In the tCreds.verifier.user field specify the user who connects to the repository. This user may be not available in the repository DBMS or in the security manager.

NOTE. If the specified user does not exist anywhere, it is created in the security manager of the repository. If the tCreds.verifier.role field was defined, the user is included into the specified group and granted respective permissions. If this field is not defined, the user is included into the Built-in Users Group. If required, permissions of the created user can be edited with the SetMbSec operation.

In the tCreds.verifier.mbUser field specify the user whose credentials will be used for actual connection to the repository database. This user must exist in the repository and have permissions to enter the repository. Also, in the tCreds.verifier.certificate field specify identifier of the certificate to be used to verify the digital signature. This certificate must be saved to the repository as described above. An empty string is set as the value of the tCreds.pass field, and this field is not used when connecting to the repository using a digital signature.

Integrated Domain Authentication

To use integrated domain user authentication, the tCreds.user field is not specified, specify empty value in the tCreds.pass field. In this case the current operating system user credentials are sent for connection.

Example

Various methods of using this operation are given in the following examples:

Example name
Connecting to Repository with Direct Passing of Credentials
Connecting to Repository Using Digital Signature
Connecting to Repository Using Integrated Domain Authentication

See also:

Common Operations