Initializing help system before first use

Managing Users

Xpress Insight implements a user authentication and authorization security system. Users and programs must successfully log in to the Xpress Insight server with an authenticated set of user credentials before using the system or making requests to the server.

User Authentication Defaults

The default configuration authenticates against user credentials stored within the Xpress Insight database. User information is stored as plain text with passwords persisted in a one-way encrypted form using SHA-256 hashing (1024 iterations and a random 8-byte random salt value).

The default installation includes the following pre-configured administration account:
  • Username: admin
  • Password: admin123

This account is pre-configured with access to all features of the Xpress Insight system, including the administration interface. The password (admin123) should be changed immediately after the application is deployed.

Once a user is authenticated, the authorization system returns a set of authorities for the logged-in user. Certain authorities are required to invoke actions by the Xpress Insight server - see Reviewing Preconfigured System Authorities for a full list of pre-configured system authorities and the actions they authorize.

User accounts are associated with one or more authority groups, and user actions are restricted in scope to apps of which the user is a member. See Using the Predefined Authority Groups and Users for further information about predefined authority groups.

Note There must be at least one active user with the SYS_USER authority within the application at any one time. If an action is performed that results in there being no active SYS_USER, an error is displayed indicating that the requested action cannot be performed. Examples of this type of action include removing SYS_USER from an authority group or removing an authority group assigned to a user.
Covered Topics
  • Listing and Adding Users
    Review this section to understand how to list and add users.
  • Updating Users From LDAP
    When LDAP is enabled, the UPDATE FROM LDAP button is enabled on the List users page.
  • Generating a User Report
    The following describes the tasks associated with generating a user report. Note that user report information is updated on a real-time basis.
  • Listing, Editing, or Adding Authorities
    Managing authorities is an important task for user administration.
  • Managing Authority Groups
    Managing your user authority groups is an important part of the Xpress Insight user authentication and authorization security system.
  • Reviewing the Pre-Configured System Authorities
    Review the Xpress Insight pre-configured authorities which are part of its authorization system.
  • Tableau Configuration
    The TABLEAU tab is used to view and maintain the integration with Tableau. It also provides the facility to check on the integration with Tableau and to check and synchronize the user accounts in the two applications.
  • Configuring LDAP
    The LDAP tab is used to view and maintain the integration with LDAP for user authentication and to retrieve basic user information (first name, last name, and email address). Only users with SYS_SERVER authority can access this tab.
Parent Topic Insight Administrator Guide