You can embed the DAS console into a self-managed O&M platform in logon-free access mode. Before you embed the DAS console, you must create a RAM user and attach the Security Token Service (STS) policy to the RAM user. This topic describes how to embed the DAS console.

Prerequisites

A RAM user is created and the STS policy is attached to the RAM user. For more information, see Grant permissions to a RAM user.

Procedure

  1. Call the AssumeRole operation to obtain a temporary user identity for assuming a role.
    Note
    • For more information about how to obtain a temporary user identity, see AssumeRole.
    • For more information about RAM roles, see RAM role overview.
  2. Use the security token to obtain a logon token.
    Note The TicketType value can be normal or mini.
    • By default, this parameter is set to normal, and the DAS domain name is HDM Console.
    • If this parameter is set to mini for the partner BID, the DAS domain name is HDM Service Console.
  3. Specify a logon-free URL to the DAS page.
    1. The URL is in the following format:
      https://signin.aliyun.com/federation?Action=Login                      
      &LoginUrl=<Logon URL on the self-managed website that is configured to return the HTTP status code 302 to redirect to another page>                      
      &Destination=<The DAS page to be actually accessed>                      
      &SigninToken=<Logon token>
      Note The DAS page in the Destination field is determined by the TicketType parameter that is specified in Step 2.
      • If the parameter is set to normal, the DAS domain name is https://hdm.console.aliyun.com.
      • If the parameter is set to mini, the DAS domain name is https://hdm4service.console.aliyun.com.
    2. If you want to embed the DAS dashboard page, you can set the Destination field to https://hdm.console.aliyun.com/?hideTopbar=true&isShare=true&hideMenu=true#/dashboard/convoy.
      Note The isShare=true and hideTopbar=true parameters before # are required.
      Parameter Description
      isShare=true Specifies whether to embed the DAS console into an external console.
      hideTopbar=true Specifies whether to hide the top navigation bar of the DAS console.
      hideMenu=true Specifies whether to hide the DAS external menu.
      hideInstanceMenu=true Specifies whether to hide the sidebars of the DAS instance details page and the external console.
    3. Sample code:
      private static String getHdmLoginUrl(String pageUrl, String signInToken) throws URISyntaxException {  
      URIBuilder builder = new URIBuilder(SIGN_IN_DOMAIN);  
      builder.setParameter("Action", "Login");  
      // Specify the logon URL on the self-managed website that is configured to return the HTTP status code 302 to redirect to another page.  
      builder.setParameter("LoginUrl", "https://signin.aliyun.com/login.htm");  
      // Specify the DAS page to be actually accessed, such as the global dashboard, the real-time dashboard, or the instance details page.  
      builder.setParameter("Destination", pageUrl);  
      builder.setParameter("SigninToken", signInToken);  
      HttpGet request = new HttpGet(builder.build());  
      return request.getURI().toString();}