Authentication and Authorization¶
There are two types of authentication:
Local-based authentication. This authentication type is only useful to configure the Virtual DataPort servers that users can connect to using this tool and the Kerberos settings.
To use this type of authentication, go to http://denodo-server.acme.com:9090/denodo-data-catalog/LoginLocal. With this type of authentication, you can only use the local user “admin” whose password is “admin” by default.
Once you log in for the first time using this authentication method, we recommend changing the password of the local “admin” user. To do this, click Change password on the top right of the site (under the user icon).
The main use of the local-based authentication is to change the Virtual DataPort server to which the Data Catalog will connect or change the Kerberos authentication settings.
VDP-based authentication (default option). With this option, the tool delegates the authentication of users to Virtual DataPort. Therefore, you have to use the same login and password that you use in the Virtual DataPort Administration Tool.
To use this type of authentication, launch the application from the Control Center or go to http://denodo-server.acme.com:9090/denodo-data-catalog/Login.
- Select the Virtual DataPort server you want to connect to from the list.
- The user must have the “Connect” privilege over the database of the URI.
If Kerberos is configured (see section Kerberos Configuration), you can log in to the server with Kerberos using Single Sign On (SSO). Note there is no support to use Kerberos with user and password.
If you are logging in with an LDAP user, the URI database used to log in must point to a virtual database configured with LDAP.
When you select “VDP-based authentication”, the Virtual DataPort server checks that the provided credentials are valid and that the user has the privileges granted to connect to the Server. Take the following into account:
- Only the global administrators of the server and the users with the role data_catalog_admin can administer the tool and synchronize the metadata.
- All the users can browse, search and query the data and metadata of the Server.
If it is the first time you access the Data Catalog (or if you have not yet synchronized the metadata) and you have administration privileges, an alert (see image below) will be shown in the top right of the site, asking you to synchronize the metadata with the Virtual DataPort Server.
A feature of the Data Catalog is to allow the administrators to create categories and tags and apply them to the databases and views from the Virtual DataPort Server, so that they are organized in some way. In order to do this, you first have to synchronize the metadata.
It is highly recommended to synchronize the metadata as the first step once logged in.
Once you are logged in, you will see the main window (see the figure below). These are the main parts:
- Main page: a search box is presented. It is a shortcut to Catalog Search, with the default options.
- Search tab (see section Search): allows to do searches in the catalog and contents (if an index is configured).
- Browse: allows to browse the databases, the relationships among their views, the categories and the tags.
- My Queries (see section Saved Queries): shows the list of the user’s saved queries.
- Administration (see section Administration): allows to configure the server and the catalog. It is only visible to administrators.
- Configuration (see section Configuration): all users can edit their own preferences.
- Logout links.