Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

The security features of the Pentaho Professional BI Platform cannot be removed. However, they can be effectively removed by using the following steps. Essentially, the idea is to create a single user and role and give system-wide access to that user.

  1. Allow anonymous access to all web resources by editing the objectDefinitionSource on the FilterSecurityInterceptor to look like the example below.
  2. Use PentahoAllowAnonymousAclVoter as your IAclVoter implementation. See 03. pentaho.xml for a description of how to configure this voter. When configuring this voter, you will define the anonymous user and role. That user and/or role should be used when assigning ACLs.
  3. Assign ACLs using the user and role defined in the previous step.
applicationContext-acegi-security.xml
<bean id="filterInvocationInterceptor"
  class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager">
    <ref local="authenticationManager" />
  </property>
  <property name="accessDecisionManager">
    <ref local="httpRequestAccessDecisionManager" />
  </property>
  <property name="objectDefinitionSource">
    <value>
      <![CDATA[
        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
        PATTERN_TYPE_APACHE_ANT
        /**=ROLE_ANONYMOUS
      ]]>
    </value>
  </property>
</bean>
  • No labels