Meta Integration® Model Bridge (MIMB)
"Metadata Integration" Solution

MIMB Bridge Documentation

MIMB Import Bridge from TIBCO Spotfire Server (Repository)

Bridge Specifications

Vendor TIBCO Software Inc.
Tool Name Spotfire Server
Tool Version 7.13 or newer
Tool Web Site https://spotfire.tibco.com
Supported Methodology [Business Intelligence] Multi-Model, BI Report (Relational Source, Expression Parsing, Report Structure) via Java API

SPECIFICATIONS
Tool: TIBCO Software Inc. / Spotfire Server version 7.13 or newer via Java API
See https://spotfire.tibco.com
Metadata: [Business Intelligence] Multi-Model, BI Report (Relational Source, Expression Parsing, Report Structure)
Component: TibcoSpotfireServer version 11.2.0

DISCLAIMER
This import bridge requires internet access to download third-party libraries:
- such as https://repo.maven.apache.org/maven2/ to download open source third-party libraries,
- and more sites for other third-party software such as database specific JDBC drivers.

The downloaded third-party libraries are stored into $HOME/data/download/MIMB/
- If HTTPS fails, the import bridge then tries with HTTP.
- If a proxy is used to access internet, you must configure that proxy in the JRE (see the -j option in the Miscellaneous parameter).
- If the import bridge does not have full access to internet, that $HOME/data/download/MIMB/ directory can be copied from another server with internet access where the command $HOME/bin/MIMB.sh (or .bat) -d can be used to download all third-party libraries used by all bridges at once.

By running this import bridge, you hereby acknowledge responsibility for the license terms and any potential security vulnerabilities from these downloaded third-party software libraries.

OVERVIEW
This import bridge imports from Tibco Spotfire Server.

REQUIREMENTS
This import bridge connects to Spotfire server using the WebService API and OAuth 2.0 protocol for authentication and authorization.
Before the API can be used, an OAuth 2.0 API client must be registered.
You must complete the following configuration steps to register an OAuth 2.0 API client in the Spotfire server:
- On the computer running Spotfire Server, open a command line as an administrator
- Change the directory to the location of the command line configuration tool (config.bat on Windows, config.sh on Linux).
The default location is $server installation dir$/tomcat/bin
- Export the active server configuration from the Spotfire database into a local configuration.xml file by using the export-config command.
Example: config export-config --tool-password=mypassword
- Use the register-api-client command to register an OAuth API client.
Example: config register-api-client -n OAuthClient1 -Sapi.soap.library-service
All information needed to use the client, including a client ID and a client secret, will be shown after successful completion of the command.
For example:
Client ID: eeb2e41a2ae5d7df13cc600b5973727e.oauth-clients.spotfire.tibco.com
Client secret: 797fc101fbb1d0aa599e65413b33a90b713a65f7f667ee61f61506cc1e76a9a5
To view the full oauth client configuration, you can use the 'show-oauth2-client' command.

The bridge uses such URL to download DXP documents by their GUID identifier, for example:
http[s]://server:port/spotfire/library?id=672418a9-7c64-44ec-88b6-f36a090fe9a5
Downloading DXP documents as local file is a function that can be enabled in the license.
In Spotfire Analyst, using menu Tools -> Administration manager
Groups and Licenses -> select a group -> Licenses -> Tibco Spotfire Enterprise Player -> Save Spotfire Analysis File
The selected group (such as 'Everyone' or 'OAuth2 Client') should contain the user account used for downloading.

Some servers may also restrict DXP download with custom server configuration, according to this support article:
https://support.tibco.com/s/article/How-to-block-restrict-Save-Spotfire-Analysis-File-option-when-using-the-Spotfire-web-player-link
Please ask your server administrator to enable download of DXP documents.

FREQUENTLY ASKED QUESTIONS
Q: I am encountering an HTTP 403 error, while trying to download DXP documents from the Spotfire library.
A: Utilize the "Download user" and "Download password" fields, note this account must have the necessary permissions in order to download the DXP Documents.
Note, for Spotfire versions 11.4.2 and greater, OAuth authentication is no longer supported for downloading DXP documents.

LIMITATIONS
Refer to the current general known limitations at http://metaintegration.com/Products/MIMB/MIMBKnownLimitations.html or bundled in Documentation/ReadMe/MIMBKnownLimitations.html

InformationLinks are not supported, because there is no public metadata API for them.

SUPPORT
Provide a troubleshooting package with:
- the debug log (can be set in the UI or in conf/conf.properties with MIR_LOG_LEVEL=6)
- the metadata backup if available (can be set in the Miscellaneous parameter with -backup option, although this common option is not implemented on all bridges for technical reasons).
To verify that the server is up and running and check the server properties, you may point your web browser to URL:
http://server:port/spotfire/manifest

To verify that the WebService API is available, you may point your web browser to URL:
http://server:port/spotfire/api/soap/LibraryService/wsdl
This WebService API is available since Spotfire server version 7.13.0
Older versions of the WebService API are deprecated, and therefore not supported.


Bridge Parameters

Parameter Name Description Type Values Default Scope
Server URL Specify here the Tibco Spotfire Server URL.
The default URL is usually: http://localhost:8080/spotfire

Accessing Spotfire Server via HTTPS:
In order to connect to the Spotfire Server via HTTPS, you need to import the server certificate into the client machine Java trust store.
1. Copy the Spotfire Server certificate to the client machine, for example in jre\lib\security\server.cer
2. Open a command prompt window, and set the local directory:
cd jre\lib\security
3. If the jssecacerts trust store is missing, make a copy of the default cacerts file:
copy cacerts jssecacerts
4. Import the server certificate file into the trust store:
..\..\bin\keytool.exe -importcert -alias serveralias -file server.cer -keystore jssecacerts
Enter keystore password: changeit
Trust this certificate? [no]: yes
STRING   http://localhost:8080/spotfire Mandatory
Login User The username which the import bridge will use to log in. Be sure this user name has necessary permissions to access the objects you wish to import.
This corresponds to the Client ID for an OAuth 2.0 authentication method.
STRING     Mandatory
Login password The password associated with the username which the import bridge will use to log in.
This corresponds to the Client secret for an OAuth 2.0 authentication method.
PASSWORD     Mandatory
Download user The username which the import bridge will use to download DXP documents. Be sure this user name has necessary permissions to access the objects you wish to import.
For Spotfire versions older than 11.4.2, the OAuth user account allows downloading, so this parameter is not necessary, you can leave the value empty.
For Spotfire versions 11.4.2 and greater, downloading DXP documents via OAuth authentication is no longer supported, so this parameter is necessary.

Basic Http authentication is used by default.
If the server is configured for SSO authentication (for example Kerberos), you should configure such runtime properties below:

-Djava.security.krb5.conf=C:\Windows\krb5.ini
This defines the Kerberos Key Distribution Center (KDC) configuration file location

-Djava.security.auth.login.config=C:\Windows\jaas.conf
This defines the JAAS login configuration file location

-Djavax.security.auth.useSubjectCredsOnly=false

-Dhttp.auth.preference="scheme"
This defines a preferred authentication scheme like "basic", "SPNEGO", "Kerberos" or "NTLM"

-Dhttp.auth.ntlm.domain=mydomain
This defines an NTLM domain

-Djava.security.debug=gssloginconfig

-Dsun.security.krb5.debug=true
-Dsun.security.jgss.debug=true
-Dsun.security.spnego.debug=true
This enables troubleshooting output for an Oracle JVM

-Dcom.ibm.security.krb5.Krb5Debug=all
-Dcom.ibm.security.jgss.debug=all
This enables troubleshooting output for an IBM JVM

For details, refer to the JVM documentation:
https://docs.oracle.com/javase/8/docs/technotes/guides/net/http-auth.html
https://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/tutorials/BasicClientServer.html#TheLCF
https://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/tutorials/Troubleshooting.html
https://docs.oracle.com/javase/8/docs/technotes/guides/security/troubleshooting-security.html
STRING      
Download password The password associated with the download user. PASSWORD      
Library subset Specify one or more IDs of documents and/or folders to be retrieved from the Spotfire library, separated by semicolons (;).
By default, an empty value means all documents.
Library Datasource connections will be retrieved when used by selected documents.
Note: Local connections (Datasource connection defined inside documents) will not be imported as Library Datasource connections.
REPOSITORY_SUBSET      
Import local connections Specify one or more IDs of documents with local connections to be retrieved from the Spotfire library, separated by semicolons (;) where the Local connections (Datasource connection defined inside these documents) will be promoted to Library Datasource connections. REPOSITORY_SUBSET      
Miscellaneous INTRODUCTION
Specify miscellaneous options starting with a dash and optionally followed by parameters, e.g.
-connection.cast MyDatabase1="MICROSOFT SQL SERVER"
Some options can be used multiple times if applicable, e.g.
-connection.rename NewConnection1=OldConnection1 -connection.rename NewConnection2=OldConnection2;
As the list of options can become a long string, it is possible to load it from a file which must be located in ${MODEL_BRIDGE_HOME}\data\MIMB\parameters and have the extension .txt. In such case, all options must be defined within that file as the only value of this parameter, e.g.
ETL/Miscellaneous.txt

JAVA ENVIRONMENT OPTIONS
-java.memory <Java Memory's maximum size> (previously -m)

1G by default on 64bits JRE or as set in conf/conf.properties, e.g.
-java.memory 8G
-java.memory 8000M

-java.parameters <Java Runtime Environment command line options> (previously -j)

This option must be the last one in the Miscellaneous parameter as all the text after -java.parameters is passed "as is" to the JRE, e.g.
-java.parameters -Dname=value -Xms1G
The following option must be set when a proxy is used to access internet (this is critical to access https://repo.maven.apache.org/maven2/ and exceptionally a few other tool sites) in order to download the necessary third-party software libraries.
Note: The majority of proxies are concerned with encrypting (HTTPS) the outside (of the company) traffic and trust the inside traffic that can access proxy over HTTP. In this case, an HTTPS request reaches the proxy over HTTP where the proxy HTTPS-encrypts it.
-java.parameters -java.parameters -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=3128 -Dhttp.proxyUser=user -Dhttp.proxyPassword=pass

MODEL IMPORT OPTIONS
-model.name <model name>

Override the model name, e.g.
-model.name "My Model Name"

-prescript <script name>

This option allows running a script before the bridge execution.
The script must be located in the bin directory (or as specified with M_SCRIPT_PATH in conf/conf.properties), and have .bat or .sh extension.
The script path must not include any parent directory symbol (..).
The script should return exit code 0 to indicate success, or another value to indicate failure.
For example:
-prescript "script.bat arg1 arg2"

-postscript <script name>

This option allows running a script after successful execution of the bridge.
The script must be located in the bin directory (or as specified with M_SCRIPT_PATH in conf/conf.properties), and have .bat or .sh extension.
The script path must not include any parent directory symbol (..).
The script should return exit code 0 to indicate success, or another value to indicate failure.
For example:
-postscript "script.bat arg1 arg2"

-cache.clear

Clears the cache before the import, and therefore will run a full import without incremental harvesting.

If the model was not changed and the -cache.clear parameter is not used (incremental harvesting), then a new version will not be created.
If the model was not changed and the -cache.clear parameter is set (full source import instead of incremental), then a new version will be created.

-backup <directory>

This option allows to save the bridge input metadata for further troubleshooting. The provided <directory> must be empty.

The primary use of this option is for data store import bridges, in particular JDBC based database import bridges.

Note that this option is not operational on some bridges including:
- File based import bridges (as such input files can be used instead)
- DI/BI repository import bridges (as the tool's repository native backup can be used instead)
- Some API based import bridges (e.g. COM based) for technical reasons.

DATA CONNECTION OPTIONS
Data Connections are produced by the import bridges typically from ETL/DI and BI tools to refer to the source and target data stores they use. These data connections are then used by metadata management tools to connect them (metadata stitching) to their actual data stores (e.g. databases, file system, etc.) in order to produce the full end to end data flow lineage and impact analysis. The name of each data connection is unique by import model. The data connection names used within DI/BI design tools are used when possible, otherwise connection names are generated to be short but meaningful such as the database / schema name, the file system path, or Uniform Resource Identifier (URI). The following option allows to manipulate connections. These options replaces the legacy options -c, -cd, and -cs.

-connection.cast ConnectionName=ConnectionType

Casts a generic database connection (e.g. ODBC/JDBC) to a precise database type (e.g. ORACLE) for SQL Parsing, e.g.
-connection.cast "My Database"="MICROSOFT SQL SERVER".
The list of supported data store connection types includes:
ACCESS
APACHE CASSANDRA
DB2/UDB
DENODO
GOOGLE BIGQUERY
HIVE
MYSQL
NETEZZA
ORACLE
POSTGRESQL
PRESTO
REDSHIFT
SALESFORCE
SAP HANA
SNOWFLAKE
MICROSOFT SQL AZURE
MICROSOFT SQL SERVER
SYBASE SQL SERVER
SYBASE AS ENTERPRISE
TERADATA
VECTORWISE
HP VERTICA

-connection.rename OldConnection=NewConnection

Renames an existing connection to a new name, e.g.
-connection.rename OldConnectionName=NewConnectionName
Multiple existing database connections can be renamed and merged into one new database connection, e.g.
-connection.rename MySchema1=MyDatabase -connection.rename MySchema2=MyDatabase

-connection.split oldConnection.Schema1=newConnection

Splits a database connection into one or multiple database connections.
A single database connection can be split into one connection per schema, e.g.
-connection.split MyDatabase
All database connections can be split into one connection per schema, e.g.
-connection.split *
A database connection can be explicitly split creating a new database connection by appending a schema name to a database, e.g.
-connection.split MyDatabase.schema1=MySchema1

-connection.map SourcePath=DestinationPath

Maps a source path to destination path. This is useful for file system connections when different paths points to the same object (directory or file).
On Hadoop, a process can write into a CSV file specified with the HDFS full path, but another process reads from a Hive table implemented (external) by the same file specified using a relative path with default file name and extension, e.g.
-connection.map /user1/folder=hdfs://host:8020/users/user1/folder/file.csv
On Linux, a given directory (or file) like /data can be referred to by multiple symbolic links like /users/john and /users/paul, e.g.
-connection.map /data=/users/John -connection.map /data=/users/paul
On Windows, a given directory like C:\data can be referred to by multiple network drives like M: and N:, e.g.
-connection.map C:\data=M:\ -connection.map C:\data=N:\

-connection.casesensitive ConnectionName

Overrides the default case insensitive matching rules for the object identifiers inside the specified connection, provided the detected type of the data store by itself supports this configuration (e.g. Microsoft SQL Server, MySql etc.), e.g.
-connection.casesensitive "My Database"

-connection.level AggregationLevel

Specifies the aggregation level for the external connections, e.g.-connection.level catalog
The list of the supported values:
server
catalog
schema (default)

TIBCO SPOTFIRE OPTIONS
-r

Remove the report pages and their graphical structure.

-pi

Import the document's preview image, storing the PNG image in base64.
STRING      

 

Bridge Mapping

Meta Integration Repository (MIR)
Metamodel
(based on the OMG CWM standard)
"TIBCO Spotfire Server (Repository)"
Metamodel
Tibco Spotfire (Server)
Mapping Comments
     
DirectoryStructureModel Server  
Name Name  
Folder Folder  
Author Created By  
CreationTime Creation Time  
Description Description  
LastModificationTime Modification Time  
Modifier Modified By  
Name Name  
NativeId Native Id  
NativeType Native Type  
StoreContent Data Source, Information Link, Connection Data Source, Data Connection, Local Connection, Document  
Author Created By  
CreationTime Creation Time  
Description Description  
LastModificationTime Modification Time  
Modifier Modified By  
Name Name  
NativeId Native Id  
NativeType Native Type  

Last updated on Wed, 20 Mar 2024 17:44:18

Copyright © 1997-2024 Meta Integration Technology, Inc. All Rights Reserved.

Meta Integration® is a registered trademark of Meta Integration Technology, Inc.
All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.