| Wiki Markup |
|---|
{scrollbar}
{quote}
* |
Note:
...
The
...
Single
...
Sign-On
...
(SSO)
...
Enable
...
Script
...
is
...
part
...
of
...
the
...
Pentaho
...
BI
...
Suite
...
Enterprise
...
Edition,
...
which
...
you
...
can
...
read
...
about
...
in
...
...
...
...
...
.
Overview
Single sign-on
...
(SSO)
...
allows
...
a
...
user
...
to
...
authenticate
...
then
...
request
...
secured
...
resources
...
from
...
members
...
of
...
the
...
SSO
...
system
...
without
...
subsequent
...
re-authentication.
...
Pentaho
...
can
...
integrate
...
with
...
SSO
...
systems
...
like
...
...
...
and
...
...
.
...
For
...
more
...
information,
...
please
...
refer
...
to
...
the
...
Spring
...
Security
...
documentation
...
on
...
...
...
...
(in
...
the
...
Pre-Authentication
...
chapter)
...
and
...
...
...
.
...
The
...
remainder
...
of
...
this
...
document
...
discusses
...
integrating
...
Pentaho
...
with
...
CAS.
...
Central
...
Authentication
...
Service
...
CAS is a single sign-on
...
service.
...
When
...
users
...
explicitly
...
attempt
...
to
...
login
...
(also
...
known
...
as
...
authenticate
...
)
...
or
...
when
...
users
...
request
...
a
...
resource
...
which
...
requires
...
authentication,
...
they
...
are
...
redirected
...
to
...
the
...
CAS
...
application.
...
It
...
alone
...
handles
...
the
...
username
...
and
...
password
...
submitted
...
by
...
the
...
user.
...
Upon
...
successful
...
login,
...
CAS
...
returns
...
the
...
user
...
to
...
the
...
resource
...
originally
...
requested.
...
It
...
is
...
up
...
to
...
the
...
application
...
containing
...
the
...
requested
...
resource
...
to
...
grant
...
or
...
deny
...
access
...
based
...
on
...
authorization
...
rules
...
inside
...
that
...
application.
...
Note
...
that
...
CAS
...
provides
...
only
...
the
...
name
...
of
...
the
...
authenticated
...
user
...
to
...
each
...
application;
...
it
...
is
...
up
...
to
...
each
...
application
...
to
...
fetch
...
the
...
roles
...
belonging
...
to
...
the
...
authenticated
...
user.
...
Once
...
it
...
has
...
fetched
...
the
...
roles
...
belonging
...
to
...
an
...
authenticated
...
user,
...
it
...
can
...
make
...
authorization
...
decisions
...
based
...
on
...
those
...
roles.
...
In
...
CAS
...
terminology,
...
a
...
"service
...
app"
...
refers
...
to
...
a
...
"client"
...
of
...
the
...
Central
...
Authentication
...
Service;
...
it
...
relies
...
on
...
CAS
...
to
...
authenticate
...
users
...
for
...
it.
...
The
...
Pentaho
...
BI
...
Platform
...
is
...
a
...
service
...
app.
...
Also
...
note
...
that
...
the
...
backing
...
database
...
used
...
by
...
CAS
...
to
...
check
...
usernames
...
and
...
passwords
...
is
...
not
...
necessarily
...
the
...
same
...
backing
...
database
...
used
...
by
...
client
...
applications
...
to
...
fetch
...
roles.
...
Integrating
...
Pentaho
...
with
...
CAS
...
SSO
...
Enabling
...
CAS
...
SSO
...
in
...
Pentaho
...
is
...
as
...
simple
...
as
...
...
...
...
...
...
,
...
which
...
is
...
part
...
of
...
the
...
Pentaho
...
BI
...
Suite
...
Enterprise
...
Edition.
...
The
...
script
...
assumes
...
that
...
a
...
CAS
...
server
...
is
...
already
...
configured.
...
However,
...
if
...
you
...
are
...
setting
...
up
...
a
...
new
...
CAS
...
server,
...
some
...
helpful
...
tips
...
can
...
be
...
found
...
in
...
...
...
...
...
.
...
| Child pages (Children Display) |
|---|
...