Informatica Cloud

ICRT Process User Roles and URLs

Scott S NelsonLeave a comment

I am in complete agreement with the current wisdom of designing security in from the start. When developing, it is often more expedient to leave the security out until everything else has been tested to reduce the number of parts that need to be evaluated when debugging, and I (for better or worse) take the expedient path most of the time.

Recently I built some Informatica Cloud Real Time (ICRT) Processes intended for use as web services and built them with Anonymous access allowed up until completion, at which point I added the authorized users to the list to lock them down. And then found that they would not run when provided the correct authentication.

I will spare you the many things I looked at to resolve the issue and simply point that my excuse for it taking so long was the nature of the response when calling the service, which was “HTTP Status 403 – User is not authorized to perform operation within tenant context”. With that error my pursuits at debugging were focused on security configuration.

The actual source of the issue is that once the process is deployed requiring authentication, it uses a different URL format. To wit the unauthenticated structure is:

https://[SEGEMENT] .rt.informaticacloud.com/active-bpel/public/soap/[ORG ID]/[PROCESS NAME]

and the authenticated URL is:

https://[SEGEMENT] .rt.informaticacloud.com/active-bpel/soap/[PROCESS NAME].

So, be sure to publish the correct authenticated URL to clients while developing and update your test client when finalizing.

Facebooktwitterredditlinkedinmail
© Scott S. Nelson

Sometimes Two Processes are Better than One

Scott S NelsonLeave a comment

This is a short post to save people the time of discovering that what is usually thought to be more efficient is not in one case…

I’m working on some ETL integrations where the source is sometimes so complicated that it is too painful to work with it within the Informatica Cloud Mapping Designer. Fortunately, the customer also has Informatica Cloud Real Time, which has some handy APIs for accessing and re-arranging data from ReST and SOAP services. In one particular case I need to get check each record before sending the result set to a Mapping Task. I followed an example where one process calls a sub-process that is designated to apply to only the object type of the record being processed (a simplified version is depicted below).

Top Process calling Sub-Process for a List
Top Process calling Sub-Process for a List
Sub Process that Writes a Particular Object Type to a file.
Sub Process that Writes a Particular Object Type to a file.

This worked as described, though looking at the resulting process, it seemed that I could eliminate the sub-process by recursing the file writer call inside the first process.

One Recursive Process Writing a List to a File
One Recursive Process Writing a List to a File

The recursion approach worked, but it was much, much slower than the approach of handing off the file writing task to the sub-process. This seemed unexpected given the minimal processing being done, but there you have it.

Facebooktwitterredditlinkedinmail
© Scott S. Nelson

How to Encrypt and Transmit Files in Informatica Cloud with a Single Mapping Object

Scott S NelsonLeave a comment

Recently I had the need to encrypt a file before sending it via FTP. A colleague of mine (JayJay Zheng) had discovered that a Mapping object could perform an FTP by configuring the Source transformation with a File Processor connection and then entering the FTP connection details as Query Options on the connection as shown below:

SFTP with a Mapping Object
SFTP with a Mapping Object

When it came time to encrypt the file prior to transmission, I found KB 476543, HOW TO: Encrypt the data in Data Synchronization task within Informatica Cloud, which did the trick. But in a later design review session, the same colleague pointed out that the number of objects to be maintained could be reduced by using the same Mapping configuration approach as done for FTP with the encryption and running them in sequence within the mapping:

Encrypt and FTP in one Mapping with Piping
Encrypt and FTP in one Mapping with Piping
Facebooktwitterredditlinkedinmail
© Scott S. Nelson

How Not to Miss Your New Informatica Cloud Connection

Scott S NelsonLeave a comment

Today I was faced with a requirement clarification where the target of a File Connector needed to be on a network drive rather than on the SecureAgent server. This is pretty straightforward on Linux where you simply mount the network drive and point to the mount point, but this was a Windows installation which I have not worked with much lately.

To be cautious, I made copies of my working objects to test the change before updating something that I knew worked, specifically the Mapping and Flat File Connection. The change failed, with the cryptic error message “Invalid mapping import and no import log generated.”

I will spare you the various things I tried that caused me to thump my head on my desk repeatedly.

Turns out, when you change the Connection for the same type of Connection, even though the Object name remains unchanged on the screen, if you click the Select button next to the Object name you will find that the Target Object has been reset to the default, which is an existing file. Perfectly fine for updating an existing file, but not so great when your goal is to generate a new file each time. The fix is to set it back afterwards. Screens below for clarification:

Before Connection Change
Before Connection Change
After Connection Change
After Connection Change
Facebooktwitterredditlinkedinmail
© Scott S. Nelson

Establishing Address Doctor Web Service Account Password

Scott S NelsonLeave a comment

As part of the Informatica Cloud Master Certification process, there is a series of graded labs to be performed using Address Doctor web services. The web services are very nicely documented, though I struggled for some time about why I was not able to get the initial authentication working. I made the incorrect assumption that the password used to create the dashboard login account is the same as that used for making service calls. It is not.

Perhaps it is only with the free account used for training, but the web service account password was never sent to me. Once I figured out that it was a different password, I then needed to figure out how to change it, which I will share here.

Step 1: Locate your account ID

AD_DQC_PW_SCR01

Step 2: Log out of the Data Quality Center and click the link to Login Using Account ID

AD_DQC_PW_SCR02

Step 3: Click Forgot My Password

AD_DQC_PW_SCR03

Step 4: Provide the Account ID and your Email Address

AD_DQC_PW_SCR04

Step 6: Use the password that is emailed to you to log in and run Web Services

You can change this provide password if you like from the screen where your obtained your account ID.

Facebooktwitterredditlinkedinmail
© Scott S. Nelson