Unable to render {include} The included page could not be found.
Configuring security involves quite a few steps. Use the list below to make sure you've covered everything.
- Plan.
You must plan out your security before telling Pentaho how to use it. For example, you must also have the appropriate security back-ends (e.g. LDAP) in place.- Determine your roles.
What roles (out of potentially many) will have meaning in the Pentaho BI Platform? - Determine which roles should have access to particular URLs.
This is web resource authorization. Example question: What role will be considered the Pentaho administrator? - Determine which roles should have which permissions to particular action sequences in the solution repository.
This is domain object authorization. Example question: Will roleA
be allowed to execute action sequences in folderX
?
- Determine your roles.
- If you'd like to use a role prefix, define one. (By default, there is no role prefix.)
- Enable action sequence security.
- Define the Pentaho administrator role.
- Take the domain object authorization rules (from the earlier planning step) and define them in the IAclPublisher section of pentaho.xml. *
- Apply the ACLs.
- Take the web resource authorization rules (from the earlier planning step) and define them in the
filterInvocationInterceptor
bean inapplicationContext-acegi-security.xml
. - Optionally, customize the login page.
* Don't forget any applicable overrides. Note: An alternative to overrides is the Permissions UI located in the Admin area. Which one you use (i.e. overrides or the Permissions UI) depends on personal preference.