If you want to disable security for a particular action sequence, you'll need to (1) set the appropriate access control list (ACL) entries on the action sequence, (2) switch your IAclVoter implementation, and (3) adjust the authorization rules for the ViewAction servlet in applicationContext-acegispring-security.xml.
Assume that you have a folder named public in the solution named myorgfinance that you want to open up to unauthenticated (i.e. anonymous) users. In other words, you want to allow anonymous users to run any action sequence in the public folder of the myorgfinance solution.
- Login to the Pentaho User Console as a Pentaho administrator.
- Navigate to the
publicfolder in themyorgfinancesolution. - Right-click the
publicfolder and click Properties. - Click on the Share tab.
- Grant appropriate permissions (for example, Execute) to the role named
Anonymous. - Open
pentahoObjects.spring.xmland change theIAclVoterimplementation class toorg.pentaho.platform.engine.security.acls.voter.PentahoAllowAnonymousAclVoter. Note thatPentahoAllowAnonymousAclVoterdoes not by itself allow access by anonymous users to anything--it simply creates an anonymous token for use in voting decisions. You still have to grant access to theAnonymousrole (like you did in the steps above). - Open
applicationContext-acegispring-security.xml, located in thepentaho-solutions/system, and edit thefilterInvocationInterceptorbean'sobjectDefinitionSourceproperty.Warning: All characters between the
\Aand\Zmust be lowercase in order for a match to occur.Code Block xml xml title applicationContext-acegispring-security.xml ... \A/viewaction.*solution.myorgfinance.*path.public.*\Z=Anonymous,Authenticated ... \A/.*\Z=Authenticated
- Restart the Pentaho BI Server.