Connector for dg hyparchive - General

Integration module Consume data Connector for dg hyparchive Properties

Name

Give the new connection a name here.

Description

Provide the new connection with a description.

hyparchive Service URI / Registration Service URI/ Stream Service URI

The web service URLs are obtained from your hyparchive server installation. Normally these are created from the host name of the hyparchive server, the port and the name of the web service.

Examples:

https://serverhostname:8001/HypService
https://serverhostname:9001/HypRegService
https://serverhostname:10001/HypServiceStream

Access to the dg hyparchive web service normally ensues via SSL. Each URL must therefore begin with "https://". In addition, the SSL certificate of the hyparchive server needs to be imported into the Intrexx License Manager. There is also the option to activate the services without a certificate, this is done by deactivating the SSL certificate check.

Authentication

The authentication methods, which the portal user will use to access hyparchive, are defined in this area.

Simple


Windows user / password

Enter the corresponding username and password.

Kerberos - Integrated Windows Authentication (Single Sign-On)


User / Password

A Windows username and their password must be entered here for both authentication methods. This user is needed for the web service authentication when accessing from the Intrexx Portal Manager (e.g. to read the stamp definitions in hyparchive). If this user is also a registered hyparchive user, then this user will also be used for accessing the metadata and therefore needs to have the appropriate access permissions. If an internal (i.e. within hyparchive) or varying Windows user is used for the Portal Manager, this can be entered in the last section of the dialog. The authentication method "Kerberos" allows you to apply a Single Sign-On Authentication within Windows domains. The following conditions must however be fulfilled:
  1. The Intrexx Portal Server must be run with the Microsoft Internet Information Server and be a member of a Windows domain.
  2. The Intrexx Portal Server must be configured for Integrated Windows Authentication and the user must be imported from the active directory.
  3. A Service Principal Name must be defined for the hyparchive dg connect WCF Server.
  4. Single Sign-On Authentication must be active for the dg connect WCF Server. Further information can be found in the dg connect WCF documentation.
  5. There must be a corresponding Windows account user for every Intrexx user, who should access hyparchive.
  6. The Integrated Windows Authentication should be activated for the client browser.
If the conditions named above are fulfilled, then the Single Sign-On can be activated. For this, a hyparchive Username/Password will be needed to access the metadata.

Service Principal Name

Enter the SPN of the hyparchive dg connect server here. This is usually compiled in the following way:

"http/<hyparchive DNS Name>"

Whereby "<hyparchive DNS Name>" should be replaced with the fully qualified DNS host name of the hyparchive web service Server. The host name must be identical to the host name that was entered for the URL. After the configuration is saved, the integrated authentication will be automatically activated. When correctly configured, Intrexx portal users will automatically be logged in when accessing hyparchive files. Should problems occur while setting up Single Sign-On, you can find additional instructions to help analyze problems with the Kerberos authentication here.