Hitachi Vantara Pentaho Community Forums
Results 1 to 2 of 2

Thread: pentaho and single sing on server

  1. #1
    Join Date
    Feb 2007
    Posts
    21

    Default pentaho and single sing on server

    I want to implement cas server for my applications and one of them is pentaho server.

    I've configured my cas server and it works fine with other client applications, but not with pentaho

    I found this link:
    http://wiki.pentaho.org/display/Pent...omment-2818111
    but I can't find sso directory in my pentaho version.

    From my logs I found that authentication in cas server works fine and it send ticket to pentaho, but it can't store authenticated user in security context and http session.
    it looks like this:
    Code:
    2007-11-14 16:25:59,233 DEBUG [org.springframework.web.context.support.XmlWebApplicationContext] Publishing event in context [org.springframework.web.context.support.XmlWebApplicationContext@158f444]: org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent[source=org.acegisecurity.providers.cas.CasAuthenticationToken@189d9d71: Username: org.acegisecurity.userdetails.User@eaff8000: Username: suzy; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: cto, is, User, Authenticated, ROLE_USER, ROLE_SUPERUSER, ROLE_ADMIN; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: C1E70F0E14EDDF7AB747F29036E46100; Granted Authorities: cto, is, User, Authenticated, ROLE_USER, ROLE_SUPERUSER, ROLE_ADMIN; Credentials (Service/Proxy Ticket): ST-7-AkshdsPkeSLgaK5WCPP7; Proxy-Granting Ticket IOU: PGTIOU-7-j1PmYBgFfcFr4Ffzqg139pPv4IfXaAUNF9x; Proxy List: []]
    2007-11-14 16:25:59,233 WARN  [org.acegisecurity.event.authentication.LoggerListener] Authentication event InteractiveAuthenticationSuccessEvent: suzy; details: org.acegisecurity.ui.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: C1E70F0E14EDDF7AB747F29036E46100
    2007-11-14 16:25:59,291 DEBUG [org.pentaho.ui.servlet.PentahoAwareCharacterEncodingFilter] !PentahoAwareCharacterEncodingFilter.ENCODING_IN_CTX!
    and it should look like this:
    Code:
    2007-11-14 16:27:11,300 DEBUG [org.springframework.web.context.support.XmlWebApplicationContext] Publishing event in context [org.springframework.web.context.support.XmlWebApplicationContext@cf323d]: org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent[source=org.acegisecurity.providers.cas.CasAuthenticationToken@89ac93d8: Username: org.bivela.dto.bivela.Users@11d4566; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: 16B6C0CB5F5F060DA4466AA936BA525E; Granted Authorities: ROLE_USER; Credentials (Service/Proxy Ticket): ST-8-vtmlfbd4uSOhRj1V0oYL; Proxy-Granting Ticket IOU: PGTIOU-8-sN7FgaHMI4LdYncbQTJ0S6kgJHbDJrVWt6P; Proxy List: []]
    2007-11-14 16:27:11,300 DEBUG [org.acegisecurity.context.HttpSessionContextIntegrationFilter] SecurityContext stored to HttpSession: 'org.acegisecurity.context.SecurityContextImpl@89ac93d8: Authentication: org.acegisecurity.providers.cas.CasAuthenticationToken@89ac93d8: Username: org.bivela.dto.bivela.Users@11d4566; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: 16B6C0CB5F5F060DA4466AA936BA525E; Granted Authorities: ROLE_USER; Credentials (Service/Proxy Ticket): ST-8-vtmlfbd4uSOhRj1V0oYL; Proxy-Granting Ticket IOU: PGTIOU-8-sN7FgaHMI4LdYncbQTJ0S6kgJHbDJrVWt6P; Proxy List: []'
    2007-11-14 16:27:11,300 DEBUG [org.acegisecurity.context.HttpSessionContextIntegrationFilter] SecurityContextHolder set to new context, as request processing completed
    Do I have to change portal configuration to make pentaho communication with cas server working?

    Can anybody tell me how to make it working?


    OK, I understand, that you have 'SSO' in your subscribe version of Pentaho, but you could give me some tips where to make changes at least.

    Thanks, in advance.
    Last edited by martique; 11-15-2007 at 11:01 AM.

  2. #2
    Join Date
    Oct 2006
    Posts
    817

    Default

    The SSO enable script is a feature of Management Services, included in a Pentaho subscription.

    To go it on your own, I suggest reading Acegi Security's CAS integration documentation.

    The portlet-based interface for Pentaho and the JSP/servlet-based interface for Pentaho reside in two separate webapps and both require CAS integration configuration. The SSO enable script in Management Services enables CAS-based SSO in both webapps.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.