Configuration

The configuration of the OData service is in the file <DENODO_HOME>/resources/apache-tomcat/webapps/denodo-odata4-service/WEB-INF/classes/configuration.properties.

In this file you can modify the following properties:

  • odataserver.address: service name. For example, if you change this to /odata-interface.svc, the URL to access the service will be http://localhost:9090/denodo-odata4-service/odata-interface.svc/<database name>/.

  • odataserver.serviceRoot (optional): root URI of the service. Set the value of this property if the service is going to be accessed through a gateway, so links within the OData response use this URI as root. For example, if the value of this property is https://gw.denodo.com:9000/ODATA/, a request to http://server001:9090/denodo-odata4-service/denodo-odata.svc/movies will return this URL in the response: https://gw.denodo.com:9000/ODATA/denodo-odata.svc/movies.

  • server.pageSize: number of records returned per request. See more about this in the section Pagination section.

  • enable.adminUser: if false the user account admin (not other administrator accounts) will not be allowed to access this service. This functionality can be used only with Basic authentication, not with Kerberos authentication, nor OAuth.

  • debug.enabled: if true, the responses to requests with the query parameter ?odata-debug=json will include debugging information, in addition to the data itself.

  • disable.basicAuthentication: set to true to disable HTTP Basic authentication in this service; false to enable it.

  • disable.kerberosAuthentication: set to true to disable Kerberos authentication in this service; false to enable it.

    To enable Kerberos authentication in this service, first you need to enable Kerberos authentication for the Denodo server. The section Kerberos Authentication explains how to do it.

  • disable.oauth2Authentication: set to true to disable OAuth 2.0 authentication in this service.

    To enable OAuth authentication in this service, first you need to enable OAuth authentication for the Denodo server. The section OAuth Authentication explains how to do it.

When you enable/disable the authentication mechanisms of this service, you need to leave at least one authentication mechanism enabled.

Restart the Virtual DataPort server for the changes on this file to take effect.

Kerberos Authentication

The OData Service supports Single Sign-On (using the Kerberos protocol). Follow these steps to enable this:

  1. Perform the post-installation tasks described in the section Setting-up Kerberos Authentication of the Installation Guide.

  2. Enable Kerberos in the Virtual DataPort Server, as described in the section Setting-Up the Kerberos Authentication in the Virtual DataPort Server of the Administration Guide.

  3. In the file <DENODO_HOME>/resources/apache-tomcat/webapps/denodo-odata4-service/WEB-INF/classes/configuration.properties, set the property disable.kerberosAuthentication to false.

  4. Configure Kerberos in your browser.

Important

To access the Denodo OData 4.0 Service, use the Fully Qualified Domain Name of the Server Principal Name you configured in the Virtual DataPort Server. For example, if your Server Principal Name is HTTP/denodo-prod.subnet1.contoso.com@CONTOSO.COM, you should access the Denodo OData 4.0 Service through the URL http://denodo-prod.subnet1.contoso.com:9090/denodo-odata4-service/denodo-odata.svc or https://denodo-prod.subnet1.contoso.com:9443/denodo-odata4-service/denodo-odata.svc.

Enabling Cross-Origin Resource Sharing (CORS)

This service supports Cross-origin resource sharing (CORS). The section Cross-origin Resource Sharing (CORS) (settings of published REST web services) explains what CORS is.

To enable the CORS support on the OData Service, follow these steps:

  1. Edit the file web.xml of the folder <DENODO_HOME>/resources/apache-tomcat/webapps/denodo-odata4-service/WEB-INF/.

  2. Add the following at the top of this file.

    <!DOCTYPE doc [
    <!ENTITY cors_settings SYSTEM "cors_settings.xml">
    ]>
    

    The file has to end up looking like:

    <!DOCTYPE doc [
    <!ENTITY cors_settings SYSTEM "cors_settings.xml">
    ]>
    <web-app ...
    

    And add the reference in the filters section:

    <!-- ******************* -->
    <!-- Filters             -->
    <!-- ******************* -->
    &cors_settings;
    
  3. Edit the file cors_settings.xml of the folder <DENODO_HOME>/resources/apache-tomcat/webapps/denodo-odata4-service/WEB-INF/.

  4. Uncomment the contents of the file.

  5. By default, the value of the property cors.allowed.origins is *. With this, the service will allow CORS requests received from any domain.

    To limit the domains from which CORS requests are allowed, change the value of this property: replace * with the list of allowed URLs (separate each URL by a comma).

    For example, https://foo.com, http://foo.com, https://foo.bar.com

    CORS requests from any other origin will be denied with the HTTP code 403 (Forbidden)

    Important

    For each URL, enter its protocol as well. URLs that not contain the protocol are invalid. E.g. foo.com is invalid.

  6. Restart the Virtual DataPort server to apply the changes.