PA Configuration database table: Difference between revisions

From QPR ProcessAnalyzer Wiki
Jump to navigation Jump to search
Line 59: Line 59:
||
||
||Legacy setting. Not used.
||Legacy setting. Not used.
|}
== SAML 2.0 Federated Authentication Settings ==
{| class="wikitable" style="text-align: left"
!Name !!Description
|-
||SamlMetadataUrl
||The metadata URL of the identity provider. Check that the metadata can be opened using the configured link. The metadata is an XML document, so it should start '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look something like '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''.
|-
||SamlConsumerUrl
||Url that the identity provider uses when redirecting back to QPR ProcessAnalyzer. Use url with following form: '''<Location of your QPR ProcessAnalyzer installation>/EnticeServices/rest/authenticate/saml''', e.g. '''<nowiki>http://SERVERNAME/EnticeServices/rest/authenticate/saml</nowiki>'''. This setting is mandatory for the federated authentication to work.
|-
||SamlUserIdAttribute
||The name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not given or is empty, the '''saml:Assertion''' > ''' saml:Subject''' > '''saml:NameID''' attribute is used in the assertion. If this field is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the first mentioned saml:NameID element is different than the usual SAML attributes that are defined using saml:Attribute elements.
|}
|}



Revision as of 19:49, 20 February 2020

In QPR ProcessAnalyzer database, there is a configuration table PA_Configuration. It contains settings listed in the table below. You need SQL Server Management Studio to edit the settings in the configuration table. QPR ProcessAnalyzer Service needs to be restarted for the changes to take effect.

Name Default value Description
SessionIdleTimeout 3600 Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time. This time should be set same as QPR UI session expiration timeout.
SessionMaximumDuration 86400 Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.
SandboxDatabaseConnectionString Connection string to scripting sandbox database (ETL). If not defined, ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the QPR ProcessAnalyzer database connection string.
StartupModelLoadingMaxParallelism 2 Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the Automatic Loading on Server Startup. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, 2 is used as a default value.

Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server.

This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.

AllowNonTemporaryETLTargetTable false Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##).
DeleteModelsInRecycleBinOnStartup 0 When set to 1, deleted QPR ProcessAnalyzer models in the recycle bin are permanently deleted when restarting the QPR ProcessAnalyzer Server. After restarting, the DeleteModelsInRecycleBinOnStartup is automatically set back to 0, so the recycle bin is not emptied every time the server is started.
DatabaseBulkCopyTimeout 600 BulkCopyTimeout given for QPR ProcessAnalyzer database SqlBulkCopy operations.
DatabaseBulkCopyBatchSize 5000 BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.
SandboxDatabaseBulkCopyTimeout 600 BulkCopyTimeout given for sandbox SqlBulkCopy operations.
SandboxDatabaseBulkCopyBatchSize 5000 BulkCopyBatchSize given for sandbox SqlBulkCopy operations.
DatabaseAvailabilityMode 0

One of the following options:

  • 0=Available: no limitations for usage
  • 1=Archived: when connecting with Excel Client, user is informed that the database is archived and is not used for production
  • 2=Unavailable: users can't connect to the database
RecommendedClientVersion Legacy setting. Not used.

SAML 2.0 Federated Authentication Settings

Name Description
SamlMetadataUrl The metadata URL of the identity provider. Check that the metadata can be opened using the configured link. The metadata is an XML document, so it should start <?xml version="1.0" encoding="UTF-8"?> followed by an EntityDescriptor tag. The metadata URL might look something like https://your.federated.identity.provider.com/saml/metadata.
SamlConsumerUrl Url that the identity provider uses when redirecting back to QPR ProcessAnalyzer. Use url with following form: <Location of your QPR ProcessAnalyzer installation>/EnticeServices/rest/authenticate/saml, e.g. http://SERVERNAME/EnticeServices/rest/authenticate/saml. This setting is mandatory for the federated authentication to work.
SamlUserIdAttribute The name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not given or is empty, the saml:Assertion > saml:Subject > saml:NameID attribute is used in the assertion. If this field is given, one of the saml:Assertion > saml:AttributeStatement > saml:Attribute elements in the assertion is used (the Name attribute in the saml:Attribute element is used for matching). Please note that the first mentioned saml:NameID element is different than the usual SAML attributes that are defined using saml:Attribute elements.

LDAP Authentication Settings

Name Description
AuthenticationMethod Authentication related settings, see detailed information in LDAP/AD Authentication.
LDAPConnectionString
LDAPUserFilter
LDAPUserSearchBase
LDAPUserIdAttributeName
LDAPServerUserName
LDAPServerPassword

Readonly Information

Name Description
DatabaseId Unique identifier for the database. Unless the database has been copied from another database, there shouldn't be two databases with the same database id.
DatabaseVersion Database schema version. It will be updated automatically when a QPR ProcessAnalyzer Server of a newer version connects to the database and performs migration for the database.
InitializationScriptDatabaseVersion Database version that was when the database was initialized when the software was installed. Do not change this setting.
MinimumDatabaseVersion Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.