Hitachi Vantara Pentaho Community Forums
Results 1 to 4 of 4

Thread: JBoss & Mondrian

  1. #1

    Default JBoss & Mondrian

    I added a security constraint to the PCI R3 with the url pattern of /*. Authentication works well, however there appears to be a problem when I access cubes (reports and dashboards are ok). The relevant portion of the log is:

    09:38:58,603 ERROR [OlapModelTag]
    mondrian.olap.MondrianException: Mondrian Error:Internal error: while parsing catalog.

    When I attempt to access the catalog schema file directly, I am forced to re-authenticate - I'm guessing this is the source of the problem. When I remove the security constraint, everything is fine.

    Is there a fix to Pivot.jsp or somewhere else I could use to work around this issue? Some other work-around?

    Thanks.
    Last edited by phart; 12-10-2006 at 04:48 PM.

  2. #2
    Join Date
    Aug 2005
    Posts
    10

    Exclamation it is a bug

    I use Acegi as the security controll. If I give GetMondrianModel a ROLE_ANONYMOUS,then /* will be ok for jpivot view. Otherwise, /* will fail. Check the log in detail, I found when the core program redirect to GetMondrianModel. Though I had logined in, it still asked for authorized information for GetMondrianModel. It seems that it lost the user info after redirect to GetMondrianModel. So there will be a error for the request failing to pass the Secure. It is a bug of Pentaho Components.

  3. #3

    Default jboss jaas

    i think your workaround is for acegi, is there something similar for jaas?

  4. #4
    Join Date
    Mar 2006
    Posts
    13

    Default GetMiondrianModel Workaround

    Try securing all servlets except GetMondrianModel. It seems to be working well for me, though I haven't tested everything. I'm also using JOSSO but it should also work using a straight JAAS setup.

    Something like this....

    Code:
    <security-constraint>
      <web-resource-collection>
        <web-resource-name>Secure Content</web-resource-name>
        <url-pattern>/ViewAction</url-pattern>
        <url-pattern>/ServiceAction</url-pattern>
        <url-pattern>/Navigate</url-pattern>
        <url-pattern>/Publish</url-pattern>
        <url-pattern>/SchedulerAdmin</url-pattern>
        <url-pattern>/Task</url-pattern>
        <url-pattern>/SolutionManager</url-pattern>
        <url-pattern>/BackgroundExecutionStatus</url-pattern>
        <url-pattern>/RepositoryFilePublisher</url-pattern>
        <url-pattern>/Pivot</url-pattern>
        <url-pattern>/Admin</url-pattern>
        <url-pattern>/UserContent</url-pattern>
        <url-pattern>/PivotError</url-pattern>
        <url-pattern>/PivotBusy</url-pattern>
        <url-pattern>/Home</url-pattern>
        <url-pattern>/InitFailure</url-pattern>
        <url-pattern>/DisplayChart</url-pattern>
        <url-pattern>/Print</url-pattern>
        <url-pattern>/GetChart</url-pattern>
        <url-pattern>/Xmla</url-pattern>
        <url-pattern>/content</url-pattern>
        <url-pattern>/getImage</url-pattern>
        <url-pattern>/GetContent</url-pattern>    
        <http-method>HEAD</http-method>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
        <http-method>DELETE</http-method>
      </web-resource-collection>
      <auth-constraint>
        <role-name>PentahoUser</role-name>
      </auth-constraint>
      <user-data-constraint>
        <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
    </security-constraint>
    CodeMonkey like fritos....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2017 Pentaho Corporation. All Rights Reserved.