Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Interactive Login

When a user enters his or her username and password and clicks submit on a login form, it is referred to as an interactive login. The act of processing that form post is called authentication. Note that authentication is a prerequisite to authorization. The Pentaho Professional BI Platform uses Acegi Security to process authentication requests. All of the authentication mechanisms mentioned below delegate to an AuthenticationManager, an Acegi Security type, to make the authentication decision. Out-of-the-box authentication mechanisms provided by the platform are form, basic, and request parameter.

Form-Based Authentication

Form-based authentication lets developers customize the authentication user interface. While the J2EE specifications provide a standard way to specify the login page URL access requirements, there still is container-specific configuration to specify how to read usernames and passwords from a security datastore. This is one reason that the platform uses Acegi Security. The Acegi Security class that processes form posts is AuthenticationProcessingFilter.

Login Page

Login Page

Blank Login Form

Login Form After Bad Credentials Submitted

Login Form After Generic Security Error

Login Form While Logged In

Login Form After Session Re-Use Detected

Logout Page

Basic Authentication

Basic authentication is part of the HTTP specification. It is simple but relatively inflexible. Acegi Security implements Basic authentication using BasicProcessingFilter and BasicProcessingFilterEntryPoint.

Request Parameter Authentication

RequestParameterAuthenticationFilter provides security services for Pentaho Spreadsheet Services (PSS). It allows the user requesting access to provide his or her username and password on the query string of the URL. The credentials are unencrypted.

  • No labels