logo标签列表

不需登录的Pentaho BI服务器报告

authenticationpentahopentaho-cde
6

我需要将我的Pentaho Community仪表板报告集成到DotNet应用程序中。现在我遇到了一个问题。 我希望可以单击报告并且不需要Pentaho服务器询问认证或登录即可打开。我尝试寻找解决方案,并发现如果在URL中使用用户ID和密码,它将起作用。所以我这样做了。

http://192.168.2.122:8085/pentaho/api/repos/:home:Time%20Sheet%20Reports:Project%20Effort%20Analysis%20Dashboard.wcdf/generatedContent&userid=admin&password=password

但是对我来说这并不起作用,浏览器仍然要求登录凭据。我不明白出了什么问题。 如果有任何帮助将不胜感激。
提前致谢。 敬礼, Ritesh.
https://stackoverflow.com/questions/38472931/viewing-pentaho-dashboard-outside-pentaho/44707110#44707110https://stackoverflow.com/questions/13758578/pentaho-reportviewer-url-not-loading-in-iframe?noredirect=1&lq=1 - David
3个回答
15
您需要在“管理用户和角色”视图下创建以下用户:
anonymousUser (notice the uppercase U)

您可以为该用户设置任何密码,这只是为了确保此用户映射到 pentaho-solutions/system 配置文件中使用的用户。

确保匿名角色至少具有“读取”权限。

匿名角色应已存在于BA服务器中(这是默认情况下在“管理用户和角色”视图中的系统角色)。

在“Public”下创建一个文件夹:在我的情况下是“OpenReports”。

选择“OpenReports”文件夹,单击属性>单击“共享”>取消选中>继承文件夹权限

确保将anonymousUser和anonymous角色添加到其中,并授予他们至少“读取”权限。

单击“确定”

将分析器报告复制到新的OpenReports文件夹中

验证是否已继承anonymousUser和Anonymous角色的权限;如果没有,请相应地添加它们。

停止BA服务器

找到以下文件:

\pentaho\server\biserver-ee\pentaho-solutions\system\applicationContext-spring-security.xml

请添加以下代码:

\A/i18n.*\Z=Anonymous,Authenticated

\A/js/utils.js\Z=Anonymous,Authenticated

\A/api/.*require-js-cfg.js\Z=Anonymous,Authenticated

\A/api/.*\Z=Anonymous,Authenticated

\A/api/repos.*\Z=Anonymous,Authenticated

\A/api/common-ui/resources/.*\Z=Anonymous,Authenticated

\A/api/common-ui/util/.*\Z=Anonymous,Authenticated
以下行打开OpenReports文件夹及其内容的匿名访问。
\A/api/repos.*public.*openreports.*\Z=Anonymous,Authenticated

\A/api/repos.*public.*openreports.*/viewer/.*\Z=Anonymous,Authenticated

\A/api/repos.*public.*openreports.*/common-ui/.*\Z=Anonymous,Authenticated

\A/api/repos.*public.*openreports.*/common-ui/util/.*\Z=Anonymous,Authenticated



after:

\A/js/require-cfg.js\Z=Anonymous,Authenticated

and before:

\A/content/data-access/resources/gwt/.*css\Z=Anonymous,Authenticated
添加以下代码行:(这些代码打开了Analyzer插件的URL访问权限)
\A/content/pentaho-cdf/.*\Z=Anonymous,Authenticated

\A/content/common-ui/.*\Z=Anonymous,Authenticated

\A/content/analyzer/.*\Z=Anonymous,Authenticated

\A/content/analyzer/scripts/.*\Z=Anonymous,Authenticated

确保添加以下代码:

After:

\A/content/data-access/resources/gwt/.*css\Z=Anonymous,Authenticated

and before:

\A/webcontext.js.*\Z=Anonymous,Authenticated

Locate the following

Change the following lines from:

\A/api/.*\Z=Authenticated

\A/plugin/.*\Z=Authenticated

to:

\A/api/.*\Z=Anonymous,Authenticated

\A/plugin/.*\Z=Anonymous,Authenticated

保存文件

重新启动BA服务器

现在,您可以通过以下示例URL成功调用报表而无需通过登录页面进行身份验证:

http://192.168.2.122:8085/pentaho/api/repos/:public:OpenReports:Leading%20Product%20Lines%20(pivot%20table).xanalyzer/editor

1
谢谢你,Marlon。它有效了。这正是我想要的。不会泄露整个服务器,只会使一个文件夹匿名化。再次感谢你。 - Ritesh
Marlon,我无法理解你所说的“after”,“before”,“to”。请问你能告诉我们在applicationContext-spring-security.xml文件中需要修改的确切标签或行吗?类似于:https://help.pentaho.com/Documentation/5.3/0P0/150/040。提前感谢! - JRichardsz
@JRichardsz "before" 是你需要搜索的行, "after" 是你需要复制粘贴到搜索行上的行(替换)。希望你明白了。 - Marlon Abeykoon
有人知道在8.0或者更高版本中是否可以实现这个功能吗?似乎如果你不是已认证的用户,就无法访问jackrabbit存储库中的文件,所以唯一的解决方案是创建某种虚拟的访客用户? - Codek
1
@Codek 现在已经有3年没用Pentaho了。你最好提一个新问题并引用这个答案,希望会有人回答。 - Marlon Abeykoon
3
0
对于Pentaho BI服务器的后续版本(我在CE 9.4.0.0-343中进行了测试),@Marlon提供的答案仍然有效,只是有一些细微的差别。
以下几点与他的答案完全一致:

You need the following user to be created under the Manage Users & Roles Perspective:

anonymousUser (notice the uppercase U)

You can give this user any password; this is only to make sure this user maps the user used in the configuration files inside pentaho-solutions/system

Make sure the Anonymous role has at least the Read Permission.

The Anonymous role should exist already in the BA Server (this is by default a system role in the Manage Users and Roles Perspective)

Under Public create a folder: in my case "OpenReports"

Select the "OpenReports" folder click properties > click Share > Uncheck > Inherits folder permissions

Make sure to add anonymousUser and role anonymous to it and they at least the Read permission

Click OK

Copy an Analyzer report to the new OpenReports folder

Verify the permissions for anonymousUser and Anonymous role were inherited; if not add them accordingly.

Stop BA Server

Locate the following file:

\pentaho\server\biserver-ee\pentaho-solutions\system\applicationContext-spring-security.xml
在bean定义中
  <bean id="filterInvocationInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
....
    <property name="securityMetadataSource">

搜索这些行
        <sec:intercept-url pattern="\A/[^\?]*(require)(-js)?(-cfg)?.js(\?.*)?\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/content/data-access/resources/gwt/.*css\Z" access="Anonymous,Authenticated" />

在我的版本(9.4.0.0-343)中,这是第313行和第314行。
在这两行之间添加以下行:
        <sec:intercept-url pattern="\A/i18n.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/js/utils.js\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/.*require-js-cfg.js\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/repos.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/common-ui/resources/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/common-ui/util/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/repos.*public.*openreports.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/repos.*public.*openreports.*/viewer/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/repos.*public.*openreports.*/common-ui/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/api/repos.*public.*openreports.*/common-ui/util/.*\Z" access="Anonymous,Authenticated" />

在以下两行之间(原始文件中的第314行和第315行,由于上面的添加而被移动),
        <sec:intercept-url pattern="\A/content/data-access/resources/gwt/.*css\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/webcontext.js.*\Z" access="Anonymous,Authenticated" />

添加以下行:
        <sec:intercept-url pattern="\A/content/pentaho-cdf/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/content/common-ui/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/content/analyzer/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/content/analyzer/scripts/.*\Z" access="Anonymous,Authenticated" />

然后在bean定义中:
  <bean id="filterInvocationInterceptorForWS" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
....
    <property name="securityMetadataSource">

替换以下两行:
        <sec:intercept-url pattern="\A/api/.*\Z" access="Authenticated" />
        <sec:intercept-url pattern="\A/plugin/.*\Z" access="Authenticated" />

使用

        <sec:intercept-url pattern="\A/api/.*\Z" access="Anonymous,Authenticated" />
        <sec:intercept-url pattern="\A/plugin/.*\Z" access="Anonymous,Authenticated" />

只需在access属性中添加Anonymous,即可。
就这样。重新启动Pentaho服务器,您应该能够在Public/OpenReports/文件夹下访问所有报告,无需登录。
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接