3 Replies Latest reply on Jun 10, 2020 2:46 PM by iArchSolutions-Joe

    Passing a userID when creating a maxl session

    samlambert

      I want to have multiple ways of logging into Essbase using maxl sessions. One would just be the default method, but the other I'd like would be through passing a userID when creating a maxl session. I was wondering if anyone has any experience with this?

        • 1. Re: Passing a userID when creating a maxl session
          iArchSolutions-Joe

          Good morning - can you give a little better example of what you mean by "multiple ways" - you can create maxL scripts that contain the login credentials out of the box.  You should also encrypt those credentials so there are no plain passwords being exposed.  Could you also provide the version of Oracle EPM & Essbase? if you can provide that info maybe we can be a better help.  In the meantime.....

           

          Here's the link to doc on encrypting maxL credentials:

           

          https://docs.oracle.com/cd/E57185_01/ESBTR/maxl_invoke_encrypt.html

           

          You also probably already have this but here's the doc on mail< uses, samples, etc...

           

          https://docs.oracle.com/cd/E57185_01/ESBTR/maxl_chap.html

           

          Joe Malewicki

          Certified Cloud Architect

          joe.malewicki@iarchsolutions.com

          203-880-4268

           

          ***Please don’t forget to mark comments as helpful or answered so others in the community can better resolve the same issues if it is encountered.***

          • 2. Re: Passing a userID when creating a maxl session
            samlambert

            So right now when I create maxl sessions I login with the global user for application access. I want to pass in a user_id/username instead of the global user. Essentially like a security filter. I think something with essmsh might be what i'm looking for.

            • 3. Re: Passing a userID when creating a maxl session
              iArchSolutions-Joe

              Good morning - just checking in to see if you made any progress on this?  Most of our clients will setup a sort of "batch admin" type fo native account within Shared Services nd use just that account for any scripting/automation batch needs\s.  Being a native Shared Services account, you will still be able to process your jobs even is your external MSAD/LDAP providers go offline.  This account or accounts can also be tightened up to only allow the access you need to help mitigate any security risks of too much access.  And yes - using maxL with encrypted credentials is the way to go!  Tons of samples in the Oracle docs as I mentioned and also all over the internet.

               

              A good way to ensure you're encrypted it so setup Wireshark once done and monitor that traffic from wherever the batch job is kicked off to it's target Essbase instance.

               

              Joe Malewicki

              Certified Cloud Architect

              joe.malewicki@iarchsolutions.com

              203-880-4268

               

              ***Please don’t forget to mark comments as helpful or answered so others in the community can better resolve the same issues if it is encountered.***