Bypass STP Login Screen Using Hard-Coded Credentials - Execute SAS Stored Process from Web

Question

Is there a way to hard-code _username and _password macro variables in a stored process to be passed as login credentials when executed from SAS Stored Process Web?

For testing purposes I'm trying to execute my stored process from a link like this, and to have the hard-coded credentials in the program do the authentication:

http://server-name.com:8080/SASStoredProcess/do?_program=/path/to/program

I've spent a lot of time researching and I've seen how input parameters can be specified in the URL, so I'm not looking for that. I am wondering if the program code itself can do the authentication.

Answer 1

You can use a guest account to run a stored process for webanon@saspw user, but if this user is not presented in environment additional configuration should be done.

You can run a stored process like this:

http://server-name.com:8080/SASStoredProcess/guest?_program=/path/to/program

Using this link you are automatically logged in on webanon@saspw user.

Answer 2

I don't think I you can have code in the stored process itself do the authentication, because the authentication happens before the stored process runs. The authentication may determine whether or not the user can even see the stored process.

Thats said, there are doubtless many options for how to handle the authentication, beyond passing the username and password in the URL. But I'm not the best person to expound on those.