Configuring a proxy account for relational data connections

Removed in v2.0.8 Configure a proxy account to authenticate TM1 Web connections to relational databases.

Administrators can ensure that, when a TM1 Web user runs an SQL query against a relational datasource, they are not prompted and they are authenticated against a proxy account. The proxy account stores connection information that is stored in the websheet.

You must use the Java instance that is included in your TM1 installation. Because proxy account configuration uses JDBC, all operating systems are supported.

Note: If no connection information is defined in the websheet or the user does not enter the correct proxy account information, they are prompted for alternative authentication. For more information, see Viewing relational data in TM1 Web.

You can maintain proxy account information in the relational_host.xml file.

relational_hosts.xml

The relational_hosts.xml file is used to authenticate a TM1 connection to a relational database. It contains the following parameters:

keypath: The location of the relational.key file.; If no path is specified, the relational.key file appears in the following location:; tm1web\WEB-INF\cert\key\relational.key
datasource name: The name given to the data source.
excelhost: The relational database name or IP address of the connection defined in the websheet.
host: The relational database name or IP address of the connection to be used on the server.; This parameter can assist you when you migrate websheets from development to production. If you define a query in Excel against a database DBDev, the excelhost value should be defined as DBDev.; In the development environment, you would set the host to DBDev as well, so that queries in TM1 Web are run against the development relational database server.; When you change to the production environment, you would set the host to DBProd, so that queries in TM1 Web are run against the production relational database server. This way, the websheet database connection does not need to be changed.
username: The encrypted user name that is stored in the relational.key file.
password: The encrypted password that is stored in the relational.key file.

RelationalEncryptor.jar

The RelationalEncryptor.jar file is a command line tool that generates the relational.key file. It also creates or updates entries in the relational_hosts.xml file.

Use the command with the following syntax:

java -jar RelationalEncryptor.jar name excelhost realhost username password

relational.key

The relational.key file contains the encrypted user name and password that appears in the relational_hosts file.

The default location is tm1web\WEB-INF\cert\key\relational.key. However, the location can be changed using the keypath parameter in the relational_hosts.xml file.