PDA

View Full Version : User Rights



jerics99
01-12-2006, 05:14 AM
Hi,

User rights for functionality and data, how is it handled in Pentaho and how is maintenance of access rights handled?

Regards,

adeshazor
01-12-2006, 07:54 AM
Samples in the available demo show a few ways in which data can be secured. They use the secure filter component (org.pentaho.component.SecureFilterComponent) to filter the departments, companies, products, regions, etc. the user can choose. The "allowable" list can come from an external system via a SQL query, a web service call, or even the user session. Take a look at the "Secure" section of the portal portion of the v1.0.0 platform demo.

Anthony

Post edited by: adeshazor, at: 01/12/2006 11:58

jerics99
01-13-2006, 01:05 AM
Thanks for your response Anthony. I like the new look of the Pentaho web site by the way.

Regarding administrating user rights, I took a look in the secure folder of the pentaho-solutions/samples/secure folder of my install (based on pentaho_j2ee_deployments-1.0.0.0.zip). I did not find it obvious how the security of Pentaho is working, can you explain a bit more how it works, or is there any documentation explaining this deeper that I can read?

Cheers,

adeshazor
01-23-2006, 01:48 PM
We finally have documentation available that covers the secure filter. The documentation can only be access by registered users. The link to the PDF is below.

http://www.pentaho.org/index.php?option=com_remository&Itemid=276&func=select&id=1

Thanks for your patience,

Anthony

Post edited by: adeshazor, at: 01/23/2006 17:49

Post edited by: adeshazor, at: 01/26/2006 12:06

alinv
01-26-2006, 03:43 AM
I cannot acces the document, even when logged in:

Your session was not validated and anti-leach measures are in effect.

adeshazor
01-26-2006, 08:08 AM
I've updated the link (http://www.pentaho.org/index.php?option=com_remository&Itemid=276&func=select&id=1) to point to the supplemental documentation area instead of the file itself. Sorry for the confusion.

Anthony

ingo.klose
01-26-2006, 08:38 AM
Hello Anthony,

I have an additional question regarding security.

Is it possible to restrict access on reports and folders? Your answer describes security on data via a security filter. But how can I prevent a user from accessing certain folders or executing reports.

Thank you in advance for your help.

Best regards,
Ingo

adeshazor
01-26-2006, 08:53 AM
Currently, we have object-level (report, directory, etc.) security slated as a feature of our forthcoming pro version. The current GA open source version only applies data-level security. So, if the data-level security is applied correctly, a user will be able to run reports but won't get access to any unauthorized data.

Anthony

ingo.klose
01-26-2006, 09:51 AM
Hi,

could you give me some more information about the forthcoming pro version?

When it is supposed to be released?
What other features will be in there and not in the open source version?
Do you have already any pricing ideas?

We are currently evaluating your software as an open source product and it would be helpfull to know your road map regarding the pro versions.

Thanks you for any further information.

Best regards,
Ingo

adeshazor
01-26-2006, 10:05 AM
Thanks for the interest. We are in the process of finalizing the Pro roadmap and pricing; however, we should be able to help you in your evaluation. I'll forward your request to the right people.

Anthony