...
By default, the platform defines an administrative role called Admin
. Use the steps below to change this value. For the examples below, assume that the new administrative role is called "NewAdmin
."
pentaho.xml
In pentaho.xml
, update the admin-role
element within the acl-voter element.
Code Block | xml | xml |
---|
Wiki Markup |
{quote*Be Careful:* In Pentaho security, role name case is important! A role named ADMIN is not the same as a role named Admin. For example, using the role named ADMIN when editing access control lists will not match a user who has been granted a role named Admin.{quote} By default, the platform defines an administrative role called {{Admin}}. Use the steps below to change this value. For the examples below, assume that the new administrative role is called "{{NewAdmin}}." h2. pentaho.xml In {{pentaho.xml}}, update the {{admin-role}} element within the acl-voter element. {code:xml} <pentaho-system> <acl-voter> <admin-role>NewAdmin</admin-role> ... {code} Additionally, replace any references to the old administrative role within the {{default-acls}} element within the acl-publisher element. |
...
Code Block | ||
---|---|---|
xml | xml | {code:xml} <pentaho-system> <acl-publisher> <default-acls> <acl-entry role="NewAdmin" acl="ADMIN_ALL" /> ... {code} {quote}*Warning:* If you modify the {{acl-publisher}} element, you'll probably need to re-apply the default ACLs. Please see [Re-Applying Default ACL|Re-Applying Default ACL]. Be careful though as re-applying default ACLs will reset any ACLs created through the Admin Permissions interface. |
...
{quote} h2. applicationContext-acegi-security.xml |
...
Using the [Acegi Security documentation|http://www.acegisecurity.org/docbook/acegi.html] (section 21.3) as your guide, modify the {{objectDefinitionSource}} property of the {{filterInvocationInterceptor}} bean to match the new admin group. |
...
{quote}*Warning:* While the example below only shows a single url to role mapping, multiple lines in {{objectDefinitionSource}} refer to the administrative role and therefore must be changed too. |
...
Code Block | ||
---|---|---|
xml | xml | {quote} {code:xml} <property name="objectDefinitionSource"> <value> <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON ... \A/admin.*\Z=NewAdmin ... ]]> </value> </property> {code} |