The details of these steps are out of scope for this article, you can reference the linked documentation pages for more info. Ensure the client accepts as valid the TSL certificate presented by SAS/CONNECT spawner, for example by adding the ROOT CA certificate into the client truststore.Ensure the TLS certificate presented by SAS/CONNECT spawner includes the external hostname used to connect to the server and any desired DNS alias.Enable the SAS/CONNECT spawner to support external clients.For example, you want to connect a legacy SAS 9 environment to a modern SAS Viya cluster running in the cloud.įirst, your SAS Administrator should have already configured all the required parts: The authentication uses the OAuth protocol to sign in as the same user already logged into the client – more on that later.Ī more common use case is when you are writing your code in a client executing in a different environment than the cluster where the SAS/CONNECT server will start. Kubernetes takes care of finding the correct pod on the correct host and directs the connection there.
You can see that we used sas-connect-spawner as the hostname this maps to the internal Kubernetes services with that name, listening on the SAS/CONNECT default port 17551. * authenticate re-using the already logged-in credentials */ * launch a SAS/CONNECT session on the same cluster */ Let’s start with the simplest use case: you are working within SAS Studio in a SAS Viya environment, and you want to start a SAS/CONNECT session in the same cluster, authenticating as yourself. In the following sections, we present some sample code snippets that show how to perform the initial SIGNON to SAS Viya in different cases - from the same Kubernetes clusters, or from an external client across different releases (SAS Viya and SAS 9.4) – and leveraging different authentication methods: with interactive or hard-coded username and password, using authinfo files, or sharing OAuth tokens. how does the client session authenticate?.where will the remote session start – i.e., what is the backend server name?.The first step in every program that leverages SAS/CONNECT is to submit a SIGNON statement from a client session to start a remote server session: that remote SAS/CONNECT session will be available to execute SAS code and to upload or download data from/to the client.įrom a programmer’s point of view, there are two key information pieces that a client needs to provide – either explicitly written or implied with a default value – to be able to successfully start a SAS/CONNECT session: This time the focus is on the programmers: let's see some sample code that can leverage these new capabilities! Previous articles presented the evolved architecture and capabilities that helped SAS/CONNECT move to dynamic cloud environments with SAS Viya.
0 kommentar(er)
