KB485789: Default authentication for Library Web and Mobile login

Product Owner, Principal • MicroStrategy

This article explains how an administrator can choose the default authentication mode for the Library server.

Starting in MicroStrategy 2021 Update 8, an administrator can choose the default authentication mode for the Library server. This gives the administrator the flexibility to determine which authentication mode is used when users log into Library for the first time when multiple authentication modes are enabled. This article outlines how the default authentication mode setting affects login behaviors for Library web and mobile.

In MicroStrategy Web, auth.modes.default is valid for an extended period of time. There is a possibility that when configuring this setting for MicroStrategy web, it is also copied to the Library server configuration. In releases prior to MicroStrategy 2021 Update 8, Library web did not read this setting. Therefore, administrators may not be aware that this setting is added to the Library server configuration file. Starting in MicroStrategy 2021 Update 8, Library web reads this setting. If the login mode presented is different after upgrading to MicroStrategy 2021 Update 8, check this setting using Workstation or the Library config file as detailed in the steps shown further below.

Library Web and Mobile

When an auth mode is set as the default and users open Library web, a login prompt appears. This is similar to when SAML is set as the default and there is no MicroStrategy login prompt that appears, but the SAML IdP appears.

	Enabled auth mode	Default auth mode	Behavior change vs. prior version
Fresh install	Standard	Standard	No behavior change
Upgrade	Only one mode enabled	The only enabled mode	No behavior change
	Multiple auth modes enabled	Web and Mobile client read the default auth mode (auth.modes.default) defined in configOverride.xml	Following 2 scenarios' behavior change are by design 1.Multiple modes including OIDC mode are enabled. In releases prior to MicroStrategy 2021 Update 8, OIDC is used as the default auth mode when it is enabled. Starting from MicroStrategy 2021 Update 8, the default auth mode is configured by administrator. 2.Multiple modes including SAML mode are enabled, SAML is the default authentication mode. In release prior to MicroStrategy 2021 Update 8, user needs to click “Log in with Identity” button to redirect to SAML page for login. Starting from MicroStrategy 2021 Update 8, user will be redirect to SAML page directly if SAML is the default authentication mode.

HyperIntelligence for Web and Mobile

HyperIntelligence clients have special handling when SAML or OIDC is enabled. When these two auth modes are enabled, the Library server default auth mode is ignored, but uses one of these two auth modes as default. This is the default behavior for all 2021 HyperIntelligence clients, which means this Library server feature won't affect the HyperIntelligence clients' behavior.

Change the default authentication setting in Workstation

Open Workstation.
In the Navigation pane, click Environments.
Right-click an environment and choose Properties. Choose Get Info if you are using a Mac.
In the left pane, click Library.
If you are an administrator, you can set set one of the selected authentication modes to be the default authentication mode through Library.

Change the Default Authentication Setting in the Library Server Config File

Edit the following Library server config file: MicroStrategyLibrary/WEB-INF/classes/config/configOverrides.properties.
Set the default mode to one of the corresponding values below. When setting

NOTE: with this method, admin need to restart Tomcat/Library server for all library server nodes.

Supported Authentication Mode	Authentication Mode Value
Standard	1
Guest	8
LDAP	16
Trusted	64
Integrated	128
SAML	1048576
OIDC	4194304

Comment

0 comments

Details

Knowledge Article

Published:

November 23, 2022

Last Updated:

December 9, 2022

Library Web and Mobile

	Enabled auth mode	Default auth mode	Behavior change vs. prior version
Fresh install	Standard	Standard	No behavior change
Upgrade	Only one mode enabled	The only enabled mode	No behavior change
	Multiple auth modes enabled	Web and Mobile client read the default auth mode (auth.modes.default) defined in configOverride.xml	Following 2 scenarios' behavior change are by design 1.Multiple modes including OIDC mode are enabled. In releases prior to MicroStrategy 2021 Update 8, OIDC is used as the default auth mode when it is enabled. Starting from MicroStrategy 2021 Update 8, the default auth mode is configured by administrator. 2.Multiple modes including SAML mode are enabled, SAML is the default authentication mode. In release prior to MicroStrategy 2021 Update 8, user needs to click “Log in with Identity” button to redirect to SAML page for login. Starting from MicroStrategy 2021 Update 8, user will be redirect to SAML page directly if SAML is the default authentication mode.

HyperIntelligence for Web and Mobile

Change the default authentication setting in Workstation

Open Workstation.

In the Navigation pane, click Environments.

Right-click an environment and choose Properties. Choose Get Info if you are using a Mac.

In the left pane, click Library.

If you are an administrator, you can set set one of the selected authentication modes to be the default authentication mode through Library.

Change the Default Authentication Setting in the Library Server Config File

Edit the following Library server config file: MicroStrategyLibrary/WEB-INF/classes/config/configOverrides.properties.

Set the default mode to one of the corresponding values below. When setting

NOTE: with this method, admin need to restart Tomcat/Library server for all library server nodes.

Supported Authentication Mode	Authentication Mode Value
Standard	1
Guest	8
LDAP	16
Trusted	64
Integrated	128
SAML	1048576
OIDC	4194304