usefulTips

Useful configuration tips

You have to be an administrator to accomplish these steps

sas.commons.web.security

Setting these might require a restart of the servers. The SASEnviromentManager UI gives you hints on this.

You can set these thru SASEnvironment Manager(defintions->sas.logon.callback). All of these can be found together by going to SASEnvironmentManager->Configuration->Definitions and filtering on security.

CORS
- allowCredentials Set this to true
- Allowed Origins - set this to meet your needs.A * will leave this wide open to all clients. Talk to your site administrator.
cookies
- sameSite Critical for browsers like Chrome. For VA-SDK you need to set this to None
- To set this use the SASEnvironmentManager->Configurations->Definitons->sas.commons.web.security.cookies
CSRF
- allowed URI A sample is shown below. Use your expertise in regex to specify the allowed uris.

        http(s?)[:]\/\/([^\.]+\.)*acme\.com,http(s)*[:]\/\/localhost([:])*\d*

        During testing you can set this to .*

** Managing SAS Viya Session Timeouts

SAS Viya sessions will timeout after a set period of inactivity. In some situations one might want to set this timeout to specific values.

Follow the instructions at this link
Create a config for saslogon with a timeout much larger than what you set in Step 1.

Starting with Viya 3.5.1 the timeout has to be set differently. Timeout is expressed as 30m for 30 minutes, 12h for 12 hours etc...

Users of restaf-server see the KEEPALIVE setting to keep the application authentication alive.

Application specific configurations

Logon callback uris

This is useful if you want your custom apps to behave like our standard VA applications on timeout.

The comma-delimited list of URIs that users can be redirected to after signing in following a time-out or logoff. SAS application URIs and registered client redirect URIs are automatically included in the list.

Use SAS Environment Manager to set this in SAS Logon Manager configuration. An example is

http://localhost:8080/viyaapp,https://localhost/viyaapp

Setting up clientid for your custom applications

You can run this as part of your setup scripts. See https://github.com/sassoftware/restaf/wiki/Managing-clientids

Do the following in any shell:

npx @sassoftware/registerclient --host=Url-to-viya-server

On prompt (>) enter

logon

Then respond to request for userid and password.

Once you are logged on issue "help" command to see what is possible.

Web Applications

Recommend that you use authorization_code flow for web applications. This will allow your application to use VA-SDK.

Here is an example;

add viyademo -t authorization_code -s secret -r http://localhost:8080/viyademo,http://localhost:8080/viyaapp,https://localhost/viyademo,https://localhost/viyaapp

Non-web applications

Create password flow clientids

Here is an example:

add mycli -t password -s myclisecret

restaf
restaflib
- Introduction
- Examples:
  - Cas Server
    - Executing a Cas Action
    - Scripting Cas Server with casl
  - Compute Server
    - Scripting SAS server using compute Service
  - Scoring with MAS
    - Scoring models deployed to MAS
  - Scoring with CAS
    - Scoring models deployed to CAS
  - Utility
    - Browsing a cas table
- CAS Related Functions
- MAS Related Functions
- Compute Server Related Functions
- Reports Related Functions
  - findReport: Get the uri for a specific report
  - getReportImage: Get an image of a specific report
Interactive CLI
- Import and Export to Viya
- Managing clientids
Special Topic
- Configure AWS Viya Quick Start for Serverless functions
- Developing apps to run in VA's DDC

Provide feedback

Saved searches

Use saved searches to filter your results more quickly