Hitachi Vantara Pentaho Community Forums
Results 1 to 3 of 3

Thread: Problems in Pentaho 3.5 and JDBC security with my own user and role tables

  1. #1

    Default Problems in Pentaho 3.5 and JDBC security with my own user and role tables

    Hi all,
    Please help me to have user login through the users and roles from the oracle 10g database. I am using pentaho 3.5. I have tried a lot and managed to achieve jdbc security and thus able to login to pentaho console with the user list and role list stored in tables in the oracle database.

    The Main problem I am facing is that If I login with any user other than Admin then no solution folder appears. Only text 'Loading...' is there in the browse section of console.

    What is the cause and solution to this.

    I have used following structure:

    User table: st_emp (emp_no, password, enabled, name)

    Role table: st_emp_approle (role,emp_no, description)

    One user is having 'Admin' role and other users have either value 'MEMBER' or 'OWNER' in the role table.

    I want to use only one role for a user. But, I think pentaho needs default role 'Authenticated' against a user. To overcome that I modified part of applicationContext-spring-security.xml and added MEMBER,OWNER in place of Authenticated as shown below.

    Code:
     
    <![CDATA[
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    \A/docs/.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/mantlelogin/.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/mantle/mantleloginservice/*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/mantle/.*\Z=Admin,MEMBER,OWNER
    \A/welcome/.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/public/.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/login.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/ping/alive.gif.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/j_spring_security_check.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/getimage.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/getresource.*\Z=Anonymous,Admin,MEMBER,OWNER
    \A/admin.*\Z=Admin
    \A/auditreport.*\Z=Admin
    \A/auditreportlist.*\Z=Admin
    \A/versioncontrol.*\Z=Admin
    \A/propertieseditor.*\Z=Admin
    \A/propertiespanel.*\Z=Admin
    \A/subscriptionadmin.*\Z=Admin
    \A/resetrepository.*\Z=Admin
    \A/viewaction.*solution.admin.*\Z=Admin
    \A/scheduleradmin.*\Z=Admin
    \A/publish.*\Z=Admin
    \A/logout.*\Z=Anonymous
    \A/solutionrepositoryservice.*component=delete.*solution=system.*\Z=Nobody
    \A/solutionrepositoryservice.*solution=system.*component=delete.*\Z=Nobody
    .*system.*pentaho.xml.*=Nobody
    .*system.*applicationcontext.*.xml.*=Nobody
    .*system.*pentahoobjects.spring.xml.*=Nobody
    .*system.*pentahosystemconfig.xml.*=Nobody
    .*system.*adminplugins.xml.*=Nobody
    .*system.*plugin.properties.*=Nobody
    .*system.*publisher_config.xml.*=Nobody
    .*system.*sessionstartupactions.xml.*=Nobody
    .*system.*systemlisteners.xml.*=Nobody
    .*system.*hibernate.*=Nobody
    .*system.*birt/.*=Nobody
    .*system.*dialects/.*=Nobody
    .*system.*google/.*=Nobody
    .*system.*jasperreports/.*=Nobody
    .*system.*jfree/.*=Nobody
    .*system.*kettle/.*=Nobody
    .*system.*logs/.*=Nobody
    .*system.*metadata/.*=Nobody
    .*system.*mondrian/.*=Nobody
    .*system.*olap/.*=Nobody
    .*system.*quartz/.*=Nobody
    .*system.*simple-jndi/.*=Nobody
    .*system.*smtp-email/.*=Nobody
    .*system.*ui/.*=Nobody
    .*system.*analysistemplate.tpl.*=Nobody
    .*system.*\.\./.*=Nobody
    \A/.*\Z=Admin,MEMBER,OWNER
    ]]>

    I changed hibernate word to jdbc in pentaho-spring-beans.xml
    and also modified queries as per my user and role tables in the files
    applicationContext-spring-security-jdbc.xml and applicationContext-pentaho-security-jdbc.xml


    For your reference these 3 files are also attached.



    -- My questions and concerns --
    1. ---Solution folders not getting displayed for users other than admin
    2. ---I don't want to use 'Authenticated' role for each user in role table
    3. ---If i m using oracle database tables for user and roles But for repository i continue to use default hibernate based database which came with pentaho, then is this ok? any compatibility issues?
    4. --- When my no. of users is more than 30000 then share tab in properties of steel-wheels with admin login hangs. why is so and whats solution?
    5. ---Currently I using pentaho in windows. If I want to change to unix server for pentaho then How much would be the impact? please brief explain


    Please help me in resolving this issue as soon as possible. Also i searched a lot before posting this, got many threads like this but nothing worked for me. Kindly reply fast.
    Attached Files Attached Files

  2. #2

    Lightbulb Try an override

    Arun,

    Try to create an override declaration (in pentaho.xml) giving access on root directory to “OWNER” and “MEMBER” roles:
    Code:
       <overrides>
         <file path="/pentaho-solutions">
           <acl-entry role="MEMBER" acl="EXECUTE" />
           <acl-entry role="OWNER" acl="EXECUTE" />
         </file>
       </overrides> 
    
    After this, re-apply the default ACL (use PAC or stop Pentaho; drop PRO_ACLS_LIST and PRO_FILES tables; re-start Pentaho).


    Regards,


    Mauro
    Last edited by mschramm; 03-11-2010 at 01:35 PM.

  3. #3
    Join Date
    Apr 2008
    Posts
    146

    Default Worked for me.

    Thanks! This worked for me!
    I am using a fresh install of 3.5.2-GA and imported my LDAP configuration changes from a 3.5.0 server that was working fine until the upgrade.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.