Current ADS login uses Snowflake’s internal password – Customer would like to use ADFS SSO to authenticate.
The below assumes that Snowflake 3.10.3 drivers is installed as part of this release of ADS. See issue #15754
We need to add a separate switch for ADSF authentication in the Snowflake server properties.
41 KB
52 KB
51 KB
51 KB
6 KB
4 KB
44 KB
18 KB
20 KB
23 KB
80 KB
257 KB
83 KB
194 KB
116 KB
Also, refer to issue #156 for more details.
Here are more details. If you look in the SQL Server Connection you will see the ability to switch between a windows authentication and a SQL login. The snowflake connection needs the same thing. Now that Snowflake can integration with Active directory, adding this switch will allow for single sign on authentication. This may become a hot issue because Snowflake added the ability to integrate SSO for all instances in September. Right now, I have to give users two logins to be able to use snowflake sso and then a second one for them to use Aqua. It's a pain.
Here are more details. If you look in the SQL Server Connection you will see the ability to switch between a windows authentication and a SQL login. The snowflake connection needs the same thing. Now that Snowflake can integration with Active directory, adding this switch will allow for single sign on authentication. This may become a hot issue because Snowflake added the ability to integrate SSO for all instances in September. Right now, I have to give users two logins to be able to use snowflake sso and then a second one for them to use Aqua. It's a pain.
Revision no. 57543
Author: harish.khattri
@Tom
Is there any other scenario to test? Please confirm.
I tested these scenarios and it is working fine. I referred these scenarios from the login workflow described in the Snowflake Documentation.
Revision no. 57543
Author: harish.khattri
@Tom
Is there any other scenario to test? Please confirm.
I tested these scenarios and it is working fine. I referred these scenarios from the login workflow described in the Snowflake Documentation.
Hi Harish,
A couple more testing scenarios include:
Hope that helps,
Tom
Hi Harish,
A couple more testing scenarios include:
Hope that helps,
Tom
Hi Tom,
I fixed the scenario where user closes login window without being authenticated. Please review the code. I have tested with connection from Schema Script Generator, Server Script Generator, Server properties and ER Moduler. Right now I hardcoded time as 2 minutes. If the changes are fine then, we can make it configurable.
Revision no. 57563
Author: harish.khattri
Hi Tom,
I fixed the scenario where user closes login window without being authenticated. Please review the code. I have tested with connection from Schema Script Generator, Server Script Generator, Server properties and ER Moduler. Right now I hardcoded time as 2 minutes. If the changes are fine then, we can make it configurable.
Revision no. 57563
Author: harish.khattri
Revision no. 57563
Looks like we are introducing a new thread in ConnectionProperties > getConnectionPrivate api.
Please revert the changes. We don't want to introduce a thread here. Tom is looking into Snowflake JDBC driver properties and see if we have any timeout there.
Revision no. 57563
Looks like we are introducing a new thread in ConnectionProperties > getConnectionPrivate api.
Please revert the changes. We don't want to introduce a thread here. Tom is looking into Snowflake JDBC driver properties and see if we have any timeout there.
Hi Harish,
I agree with Asif. Let's revert the changes. I did try the following jdbc parameters but I don't think they will work because we are not trying to make the connection yet. The jdbc is waiting on the browser window for a token. Anyway, give them a try. If not, we will live with what we have so don't worry about fixing this.
Thanks,
Tom
loginTimeout
Specifies how long to wait for a response when connecting to the Snowflake service before returning a login failure error.
Default is 60 seconds.
networkTimeout
Specifies how long to wait for a response when interacting with the Snowflake service before returning an error. Zero (0) indicates no network timeout is set.
Default is 0 seconds.
queryTimeout=<number>
Specifies how long to wait for a query to complete before returning an error. Zero (0) indicates to wait indefinitely.
Default is 0 seconds.
Hi Harish,
I agree with Asif. Let's revert the changes. I did try the following jdbc parameters but I don't think they will work because we are not trying to make the connection yet. The jdbc is waiting on the browser window for a token. Anyway, give them a try. If not, we will live with what we have so don't worry about fixing this.
Thanks,
Tom
loginTimeout
Specifies how long to wait for a response when connecting to the Snowflake service before returning a login failure error.
Default is 60 seconds.
networkTimeout
Specifies how long to wait for a response when interacting with the Snowflake service before returning an error. Zero (0) indicates no network timeout is set.
Default is 0 seconds.
queryTimeout=<number>
Specifies how long to wait for a query to complete before returning an error. Zero (0) indicates to wait indefinitely.
Default is 0 seconds.
Revision no. 57565
Author: harish.khattri
Revision no. 57565
Author: harish.khattri
<ADS Automation 20.6>
Issue with Microsoft edge
Unable to login to "SnowflakeTestSSO - PARTNER7" using Microsoft Edge.
Build Version :
Aqua Data Studio 20.6.0-dev-24-no-ofsc .
Build #: 57563
Steps to reproduce:
1. Open ADS
2. Navigate to SnowflakeTestSSO - PARTNER7 db from Server list
3. Right click => Click on Connect (Image here)
4. It will Redirected to Microsoft edge browser having an alert showing "This site is not Secure" - (Image here)
5. Click on Details
6. Click on "Go on to the webpage (Not recommended)" (Image here)
7. Then pop-up comes to enter username and password (Image here)
8. Enter system credentials
9. It starts appearing popup repeatedly to enter password and does not redirect to the expected web page
<ADS Automation 20.6>
Issue with Microsoft edge
Unable to login to "SnowflakeTestSSO - PARTNER7" using Microsoft Edge.
Build Version :
Aqua Data Studio 20.6.0-dev-24-no-ofsc .
Build #: 57563
Steps to reproduce:
1. Open ADS
2. Navigate to SnowflakeTestSSO - PARTNER7 db from Server list
3. Right click => Click on Connect (Image here)
4. It will Redirected to Microsoft edge browser having an alert showing "This site is not Secure" - (Image here)
5. Click on Details
6. Click on "Go on to the webpage (Not recommended)" (Image here)
7. Then pop-up comes to enter username and password (Image here)
8. Enter system credentials
9. It starts appearing popup repeatedly to enter password and does not redirect to the expected web page
Hi Tom,
I did tried by ignoring the domain name also but It didn't worked on the given VM's for automation.
Is it fine If we use other browser than edge?
Hi Tom,
I did tried by ignoring the domain name also but It didn't worked on the given VM's for automation.
Is it fine If we use other browser than edge?
Hi Tom,
The following are some observations
Case 1:
When we try to test this with Microsoft Edge on successful redirection to the URL
Shows error like "Error 400 Bad Request"
TC - Lets not worry about Edge and just test with Firefox, Safari and Chrome
Case 2:
When we try to run test cases by manually setting Google Chrome as default browser then it is working as expected.
But We are getting an issue while setting Google Chrome as default browser programmatically as the element from the windows settings is get automatically closed on lost focus/ switching to other windows and hence Ranorex spy is unable to track it properly.
TC - Just set Chrome as the default browser manually and run the tests.
Hi Tom,
The following are some observations
Case 1:
When we try to test this with Microsoft Edge on successful redirection to the URL
Shows error like "Error 400 Bad Request"
TC - Lets not worry about Edge and just test with Firefox, Safari and Chrome
Case 2:
When we try to run test cases by manually setting Google Chrome as default browser then it is working as expected.
But We are getting an issue while setting Google Chrome as default browser programmatically as the element from the windows settings is get automatically closed on lost focus/ switching to other windows and hence Ranorex spy is unable to track it properly.
TC - Just set Chrome as the default browser manually and run the tests.
Automation test result
Automation test result
Revision no. 57628
Author: harish.khattri
Revision no. 57628
Author: harish.khattri
Verified File -> Options -> SSO Options for Snowflake. It is showing "Snowflake" instead of "Snowflake SSO Options". Please refer attached screenshot "Today's_build.png"
Link of attached image :
Verified File -> Options -> SSO Options for Snowflake. It is showing "Snowflake" instead of "Snowflake SSO Options". Please refer attached screenshot "Today's_build.png"
Link of attached image :
Verified on build 20.6.0-rc-2 on windows 10, Mac and Ubuntu 18.0.4 platforms with chrome, mozilla firefox and Safari browsers.
Verified on build 20.6.0-rc-2 on windows 10, Mac and Ubuntu 18.0.4 platforms with chrome, mozilla firefox and Safari browsers.
Issue #15719 |
Verified |
Fixed |
Resolved |
Completion |
No due date |
Fixed Build ADS 20.6.0-dev-30-no-ofsc |
No time estimate |
1 issue link |
is blocked by #15754
Issue #15754Update the Snowflake driver from 3.8.0 to 3.11.0 |
Also, refer to issue #156 for more details.