Afaik for Application Roles to take place, user should re-login -- Roles are assigned on login. So -- no need to restart the web application, but user should log out and login again.

And yes, Application Roles is a great tool to minimize privileges that are given to the user directly

a) Try setting error page as %CSP.Error.cls for this web application, then errors are shown on the page itself, instead of being logged

b) Reproduce the error with ^%ISCLOG enabled:

kill ^%ISCLOG
set ^%ISCLOG = 3

Reproduce the error quickly.
Disable ^%ISCLOG

set ^%ISCLOG = 0

Check for errors in ^%ISCLOG:

 zwrite ^%ISCLOG

Also, you can create calculated dimension member and sort members by PROPERTIES("KEY") using following expression:


Hi Lee.

"For example, for the error log I am trying to display, it's a table that has just 16 rows and 6 columns. The columns I turn into dimensions. If I crossjoin more than 3 of the columns, I will timeout/freeze."

Can you provide reproducible case? It would be interesting to look into this. Not that crossjoining of three dimensions is a best practice, but it should work quickly for 16 rows.

Now to your questions.

  • How do we prevent double columns for the 1st column?

Go to Widgets -> [your widget] -> Data Properties.

Define properties for your columns.

On the ID property put checkbox "hidden"

  • How to prevent putting commas in the numbers:

Put "#" in the format field [0]

*How to format date to be returned in external format.

As far as I know, you should do this in the SQL query itself.



I think what you did is a proper way to do this, because WSDL itself does not define this type, so there is no way for IRIS to figure out it automatically.


You need to specify

Parameter ARGUMENTSTYLE = "message";

For example:

Class delme.SoapService Extends %SOAP.WebService [ Language = objectscript, ProcedureBlock ]

Parameter ARGUMENTSTYLE = "message";

Parameter SERVICENAME = "MyService";

Parameter NAMESPACE = "";

Method Test(x As %String) As %String(XMLNAME="Root") [ WebMethod ]
    Return "Test"


Then response is following:

<SOAP-ENV:Envelope xmlns:SOAP-ENV="" xmlns:xsi="" xmlns:s="">
      <Root xmlns="">Test</Root>

"Quick analysis shows that CSP Gateway for each request opens a new TCP connection to Cache SuperServer (port 1972) allocating CSP session and license slot."

That is not true.

  • Web Gateway (fka CSP Gateway) has pool of connections that it uses to handle incoming requests. If all existing connections are busy and its number is less than "Maximum Server Connections" [0] then Web Gateway indeed creates new connection. And keeps it in the pool of available connections until this connection is not used for "No Activity Timeout".

  • Each new HTTP request does not allocate CSP session. If the request identifies itself as a part of already existing session (via cookie or other means) then the CSP session is not created. Also, if this is a request to the REST or SOAP Service that has sessions disabled then session is not created.

  • Each new HTTP request does not allocate license unit. HTTP requests for existing sessions use the same license unit. HTTP requests for new sessions usually do allocate the license unit.

"SuperServer has no queues or pools"

  • It's possible to configure SuperServer to have pool of processes to be ready to handle incoming TCP connections [1]


I think both should be used.

If an application needs some privilege for itself (=for all users), e.g. for reading database with code, then this should be role for the application.

If different users within same application have different permissions then this should (can) be handled via user roles.