原创文章,转载请注明出处:http://qq85609655.iteye.com/blog/2224647
?
在pentaho5上实现了CAS单点登录
参考http://jnwzping.iteye.com/blog/2092849
配置后,单点登录实现了,但是无法再publish了。这个郁闷。
pentaho在国内用的人不少,但是深入研究的人不多。无奈,自己再次搭建环境看源码。
解决办法如下:
pentaho使用Spring Security实现的权限
找到发布的过滤链
/webservices/**=securityContextHolderAwareRequestFilterForWS,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,basicProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilterForWS,filterInvocationInterceptorForWS
?
这里授权的是basicProcessingFilter
再找到basicProcessingFilter的配置:
<!-- Automatically receives AuthenticationEvent messages --> <bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener" /> <bean id="basicProcessingFilter" class="org.pentaho.platform.web.http.security.PentahoBasicProcessingFilter"> <property name="authenticationManager"> <ref local="authenticationManager" /> </property> <property name="authenticationEntryPoint"> <ref local="basicProcessingFilterEntryPoint" /> </property> </bean>
?修改,添加默认的AuthenticationProvider:
<bean id="basicAuthenticationManager" class="org.springframework.security.providers.ProviderManager" autowire="default" dependency-check="default" lazy-init="default"> <property name="providers"> <list> <!-- <ref bean="daoAuthenticationProvider" /> --> <pen:bean class="org.springframework.security.providers.AuthenticationProvider" /> <ref bean="anonymousAuthenticationProvider" /> </list> </property> </bean> <!-- Automatically receives AuthenticationEvent messages --> <bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener" /> <bean id="basicProcessingFilter" class="org.pentaho.platform.web.http.security.PentahoBasicProcessingFilter"> <property name="authenticationManager"> <ref local="basicAuthenticationManager" /> </property> <property name="authenticationEntryPoint"> <ref local="basicProcessingFilterEntryPoint" /> </property> </bean>
?这样,就实现了CAS的同时,兼容发布报表,元数据,OLAP的模型。