MicroStrategy ONE

How to Define Login Options

You can further secure the authentication process in MicroStrategy Web by defining login options.

  1. Access the MicroStrategy Web Administrator page. (How?)

  2. In the left pane, click Security. The Security page opens and the login options are displayed under Login.

  3. You can determine whether standard, LDAP, and database authentication users are automatically logged in to a project if their MicroStrategy Web session is lost, or if they must log in manually. Do one of the following

    Web automatically logs Windows and guest authentication users back in if the session is lost.

    • To ensure that standard, LDAP, and database authentication users are automatically logged in to a project if their MicroStrategy Web session is lost, select the Allow automatic login if session is lost checkbox.

    • To require standard, LDAP, and database authentication users to log in again if their MicroStrategy Web session is lost, clear the Allow automatic login if session is lost checkbox.

  4. You can determine whether users can change a password that has expired. Do one of the following:

    • To allow to users to change a password after it expires, select the Allow users to change expired password checkbox.

      Some users do not have privileges to change the password at all. This privilege is assigned to a user by the administrator in the User Editor.

    • To prevent users from changing a password after it expires, clear the Allow users to change expired password checkbox.

  5. You can determine whether the AutoComplete feature in users' browsers is able to store MicroStrategy login information. If AutoComplete is on, users do not have to type their login information completely. For example, if a user's name is 'djohnson' and they begin to type the letters 'd' and 'j', AutoComplete brings up the word 'djohnson.' The user can then select 'djohnson' instead of typing the rest of the letters. Do one of the following:

    • To enable the AutoComplete feature for login information, select the Allow AutoComplete checkbox.

    • To disable the AutoComplete feature for login information, clear the Allow AutoComplete checkbox.

  6. You can determine whether or not to create a new HTTP session each time a user logs in to a project, to help prevent session fixation attacks. This setting is only applicable to the JSP version of MicroStrategy Web. Do one of the following:

    • To create a new HTTP session each a user logs in to a project, select the Create new HTTP session upon login checkbox.

    • To keep the same HTTP session when a user logs in to a project, clear the Create new HTTP session upon login checkbox.

  7. You can determine whether users can automatically log into a project by including the user ID and password information when using the Web URL API. For example, a link can allow a user to execute a report or document with the Web URL API. Do one of the following:

    • To allow the user ID and password in the URL to be used, select the Allow users to log in by including their user ID and password in the URL checkbox.

    • To ignore the user ID and password in the URL, which forces the user to log in using the interface, clear the Allow users to log in by including their user ID and password in the URL checkbox.

    • For more information about using the Web URL API, see the MicroStrategy Developer Library (MSDL), part of the MicroStrategy SDK product.

  8. Click Save.