Versions Compared

Version Old Version 35 New Version 36
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In a software system, you can secure elements of that system at different levels, depending on your needs. In a web application, you can secure specific URLs. Deeper in the application you might want to secure specific service method calls. And finally, you might want to secure particular instances of objects. This page talks about the last type of security. Users of the Pentaho platform might wish to have a very precise level of control over objects in their solution repository. The Pentaho BI Platform provides this control.

...

titleUseful Information

Note: This page describes key security classes in the Pentaho BI Platform. Unless otherwise noted, these classes can be found in

...

org.pentaho.platform.engine.security. Class packages will be omitted in the discussion below.

Security in the platform is based in part on the Acegi Security System for Spring. Classes that are part of Acegi Security are marked with Acegi.

...

SecurityHelper

SecurityUtils SecurityHelper is an important class because it shields client code from the complexity of the security implementation (e.g. voters, ACL holders, etc). Below is a class diagram along with the two clients that use SecurityUtils SecurityHelper for authorization purposes.

Panel
bgColor#FFFFFF
titleSecurityUtils SecurityHelper along with its major clients

...

For every domain object, there is exactly one access control list. Add to that a user that wants to perform some operation on that object and that adds up to three inputs: a recipient, an operation, and an ACL. But what makes the "access granted" or "access denied" decision given these three pieces of information? The answer to that question is an IAclVoter. An instance of IAclVoter contains an all-important hasAccess method. It takes the three aforementioned inputs and returns a boolean result: true meaning access granted and false meaning access denied. An ACL voter is a singleton; there is only one instance per Java virtual machine. It is specified in pentaho.xml.

One might ask: How many ways can a voter arrive at a decision? Assume that user sally has the following granted authorities: ROLE_DEV and ROLE_MGR. Also assume that the ACL for a particular object contains the following entries: (sally, read), (ROLE_DEV, readwrite). Both ACL entries are applicable to sally since the first specifies sally (and she is sally) and the second specifies ROLE_DEV (and she has been granted the ROLE_DEV authority). Should the voter grant or deny a request to write to the object associated with this ACL? This is where extensibility of the voting system comes in. The Pentaho BI Platform provides multiple implementations of IAclVoter that each make different decisions in this situation! As the user of the platform, you decide how access decisions are made through your choice of IAclVoter. For more information about IAclVoter implementations, see 12. IAclVoter Node.

...