/
Implementing SSO with DataFlow

Implementing SSO with DataFlow

Owned by Francisco Javier López Acevedo
17/01/25
2 min read

Available since version 6.1.0-Warcraft

Introduction

Until now, everything related to DataFlow has been done with internal users of Dataflow Streamsets Data Collector.

As of version 6.1.0 of Onesait Platform, SSO has been implemented with DataFlow, so that at the Streamsets level, it will be the Platform users themselves who record all the operations carried out, instead of doing so with the application's own users.

This will allow, among other things, to have greater control of who executes what. Thus, it will be possible to see both in the logs and in the execution history who executes each process:

image-20240715-120630.png
Historical: each execution reflects the user who launched it.
image-20240715-120716.png
Logs: reflect the user who launched the process.

For the end user of Onesait Platform, this change is completely transparent. For the user, the operation of the DataFlow module and the development and execution of pipelines will be identical to what it has been up to now.

Configuration

Regarding Platform deployments with DataFlow, the configuration changes slightly.

To facilitate the configuration of DataFlow, the following properties have been added to the standard configuration file /etc/sdc/sdc.properties:

onesaitplatform.im.enabled=true dpm.app.security.path=controlpanel/streamsets/auth onesaitplatform.im.base.url=http://controlpanelservice:18000 onesaitplatform.controlpanel.api.base=http://controlpanelservice:18000 onesaitplatform.acl.get.url=controlpanel/api/dataflows/pipelines onesaitplatform.admin.user.token=xxxxxxxxxx

Where each of these properties refers to:

Property

Use

Property

Use

onesaitplatform.im.enabled

Enables the use of SSO. In deployments of version 6.1.0 and later it is required to be ‘true’.

dpm.app.security.path

Platform security service access URL. Specifically it is the URL for internal access to Control Panel.

onesaitplatform.controlpanel.api.base

URL of access to the intermediate services necessary for DataFlow (ACLs, mainly). Specifically, it is the URL for internal access to Control Panel.

onesaitplatform.acl.get.url

Path for access to the ACLs validation service. The default value does not change.

onesaitplatform.admin.user.token

API Key token of a Platform administrator user. This data changes with each installation.

This is the default configuration, which works on all common installations. The only property that needs to be changed on each installation is the onesaitplatform.admin.user.token property.