...
Be
...
Careful:
...
In
...
Pentaho
...
security,
...
role
...
name
...
case
...
is
...
important!
...
A
...
role
...
named
...
ADMIN
...
is
...
not
...
the
...
same
...
as
...
a
...
role
...
named
...
Admin.
...
For
...
example,
...
using
...
the
...
role
...
named
...
ADMIN
...
when
...
editing
...
access
...
control
...
lists
...
will
...
not
...
match
...
a
...
user
...
who
...
has
...
been
...
granted
...
a
...
role
...
named
...
Admin.
...
By
...
default,
...
the
...
platform
...
defines
...
an
...
administrative
...
role
...
called
...
Admin
...
.
...
Use
...
the
...
steps
...
below
...
to
...
change
...
this
...
value.
...
For
...
the
...
examples
...
below,
...
assume
...
that
...
the
...
new
...
administrative
...
role
...
is
...
called
...
"
...
NewAdmin
...
."
...
pentaho.xml
...
In
...
pentaho.xml
...
,
...
update
...
the
...
admin-role
...
element
...
within
...
the
...
acl-voter
...
element.
...
Code Block | ||||
---|---|---|---|---|
| ||||
<pentaho-system>
<acl-voter>
<admin-role>NewAdmin</admin-role>
...
{code}
|
Additionally,
...
replace
...
any
...
references
...
to
...
the
...
old
...
administrative
...
role
...
within
...
the
...
default-acls
...
element
...
within
...
the
...
acl-publisher
...
element.
...
Code Block | ||||
---|---|---|---|---|
| ||||
<pentaho-system>
<acl-publisher>
<default-acls>
<acl-entry role="NewAdmin" acl="ADMIN_ALL" />
...
{code}
{quote}* |
Warning:
...
If
...
you
...
modify
...
the
...
acl-publisher
...
element,
...
you'll
...
probably
...
need
...
to
...
re-apply
...
the
...
default
...
ACLs.
...
Please
...
see
...
...
...
...
.
...
Be
...
careful
...
though
...
as
...
re-applying
...
default
...
ACLs
...
will
...
reset
...
any
...
ACLs
...
created
...
through
...
the
...
Admin
...
Permissions
...
interface.
...
applicationContext-acegi-security.xml
...
Using
...
the
...
...
...
...
(section
...
21.3)
...
as
...
your
...
guide,
...
modify
...
the
...
objectDefinitionSource
...
property
...
of
...
the
...
filterInvocationInterceptor
...
bean
...
to
...
match
...
the
...
new
...
admin
...
group.
...
Warning:
...
While
...
the
...
example
...
below
...
only
...
shows
...
a
...
single
...
url
...
to
...
role
...
mapping,
...
multiple
...
lines
...
in
...
objectDefinitionSource
...
refer
...
to
...
the
...
administrative
...
role
...
and
...
therefore
...
must
...
be
...
changed
...
too.
...
Code Block | ||||
---|---|---|---|---|
| ||||
<property name="objectDefinitionSource">
<value>
<![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
...
\A/admin.*\Z=NewAdmin
...
]]>
</value>
</property>
{code} |