Pentaho BI Server Version: 5.4.0.1
Spring security 2.0.5.RELEASE
JBoss EAP 6.4.6 (Patch 6)
Goal: Make Pentaho application authenticate against 3rd party database. In our case (Oracle users/DB tables).
Overview: Pentaho is built on spring security and can be extended to a custom provider than JDBC, LDAP, CAS that are already supplied (un-configured) with the BI Server installation.
JAR Files: I try to use the same libraries that are shipped with pentaho.war just to be consistent. Create a new project in Eclipse and copy the following jar files.
If you don't see some of the jar files in your pentaho.war/WEB-INF/lib don't worry. This is a combined project with some other features I implemented.
Configuration Items
Edit applicationContext-spring-security-jackrabbit.xml, replace the whole bean definitions inside the top <beans> tag with the below.
Spring security 2.0.5.RELEASE
JBoss EAP 6.4.6 (Patch 6)
Goal: Make Pentaho application authenticate against 3rd party database. In our case (Oracle users/DB tables).
Overview: Pentaho is built on spring security and can be extended to a custom provider than JDBC, LDAP, CAS that are already supplied (un-configured) with the BI Server installation.
JAR Files: I try to use the same libraries that are shipped with pentaho.war just to be consistent. Create a new project in Eclipse and copy the following jar files.
If you don't see some of the jar files in your pentaho.war/WEB-INF/lib don't worry. This is a combined project with some other features I implemented.
Java Code Files
The
most important item in the above code that took me a while to figure out is
IPentahoSession, PentahoSessionHolder. We are retrieving the current users
session to IPentahoSession and inserting a userDetail object which can be
retrieved/reused in the UserDetailService method or anywhere elseJ.
And then set the session back to the main object.
2. CustomUserDetailService.java
3. CustomUserRoleListService.java
Repeat the same for getUsers(); and implement these from your database. And since the PentahoSessionHolder has userDetailsObject you can retrieve it here and get results by using users information to connect to a external DB.
Repeat the same for getUsers(); and implement these from your database. And since the PentahoSessionHolder has userDetailsObject you can retrieve it here and get results by using users information to connect to a external DB.
Configuration Items
applicationContext-spring-security-custom.xml (custom is a name that is important and if
you decide to use a different make sure it is consistent all across where custom
is). The files that needs to be edited or
added
- applicationContext-pentaho-security-custom.xml
- applicationContext-pentaho-security-jackrabbit.xml
- applicationContext-spring-security-custom.xml
- Pentaho-spring-beans.xml
- Security.properties
Make a copy of
applicationContext-pentaho-security-jdbc.xml and rename the new one with applicationContext-pentaho-security-custom.xml The new file should look like this.
Make a copy of applicationContext-spring-security-jdbc.xml and rename the new one with applicationContext-spring-security-custom.xml The new file should look like this.
Make a copy of applicationContext-spring-security-jdbc.xml and rename the new one with applicationContext-spring-security-custom.xml The new file should look like this.
Edit applicationContext-spring-security-jackrabbit.xml, replace the whole bean definitions inside the top <beans> tag with the below.
Edit the file security.properties to
match the following
If you are using URL to pass username and password, you need to set the requestParameterAuthenticationEnabled set to true in security.properites above.
You are all set – Restart BI server and try to login as your external ID's. Pay attention to getRoles/getSystemRoles in UserRoleListService as they contain the roles that are displayed in the Administration list. I have Administrator and Authenticated roles that copy the permissions of the Pentaho default roles. I have not figured out how they copy Permissions. But I am able to edit them once I am logged in as Administrator.
If you are using URL to pass username and password, you need to set the requestParameterAuthenticationEnabled set to true in security.properites above.
You are all set – Restart BI server and try to login as your external ID's. Pay attention to getRoles/getSystemRoles in UserRoleListService as they contain the roles that are displayed in the Administration list. I have Administrator and Authenticated roles that copy the permissions of the Pentaho default roles. I have not figured out how they copy Permissions. But I am able to edit them once I am logged in as Administrator.
Hi, thanks for this.
ReplyDeleteWhat did you change in applicationContext-spring-security-jackrabbit.xml and why?
I dont remember what is changed, but jackrabbit is a internal database that is used by Pentaho for folder/files maintenance that you see after you login.
ReplyDelete