我需要将我的Pentaho Community仪表板报告集成到DotNet应用程序中。现在我遇到了一个问题。 我希望可以单击报告并且不需要Pentaho服务器询问认证或登录即可打开。我尝试寻找解决方案,并发现如果在URL中使用用户ID和密码,它将起作用。所以我这样做了。
但是对我来说这并不起作用,浏览器仍然要求登录凭据。我不明白出了什么问题。 如果有任何帮助将不胜感激。提前致谢。 敬礼, Ritesh.
我需要将我的Pentaho Community仪表板报告集成到DotNet应用程序中。现在我遇到了一个问题。 我希望可以单击报告并且不需要Pentaho服务器询问认证或登录即可打开。我尝试寻找解决方案,并发现如果在URL中使用用户ID和密码,它将起作用。所以我这样做了。
但是对我来说这并不起作用,浏览器仍然要求登录凭据。我不明白出了什么问题。 如果有任何帮助将不胜感激。anonymousUser (notice the uppercase U)
您可以为该用户设置任何密码,这只是为了确保此用户映射到 pentaho-solutions/system 配置文件中使用的用户。
确保匿名角色至少具有“读取”权限。
匿名角色应已存在于BA服务器中(这是默认情况下在“管理用户和角色”视图中的系统角色)。
在“Public”下创建一个文件夹:在我的情况下是“OpenReports”。
选择“OpenReports”文件夹,单击属性>单击“共享”>取消选中>继承文件夹权限
确保将anonymousUser和anonymous角色添加到其中,并授予他们至少“读取”权限。
单击“确定”
将分析器报告复制到新的OpenReports文件夹中
验证是否已继承anonymousUser和Anonymous角色的权限;如果没有,请相应地添加它们。
停止BA服务器
找到以下文件:
\pentaho\server\biserver-ee\pentaho-solutions\system\applicationContext-spring-security.xml
请添加以下代码:
\A/i18n.*\Z=Anonymous,Authenticated
\A/js/utils.js\Z=Anonymous,Authenticated
\A/api/.*require-js-cfg.js\Z=Anonymous,Authenticated
\A/api/.*\Z=Anonymous,Authenticated
\A/api/repos.*\Z=Anonymous,Authenticated
\A/api/common-ui/resources/.*\Z=Anonymous,Authenticated
\A/api/common-ui/util/.*\Z=Anonymous,Authenticated
以下行打开OpenReports文件夹及其内容的匿名访问。\A/api/repos.*public.*openreports.*\Z=Anonymous,Authenticated
\A/api/repos.*public.*openreports.*/viewer/.*\Z=Anonymous,Authenticated
\A/api/repos.*public.*openreports.*/common-ui/.*\Z=Anonymous,Authenticated
\A/api/repos.*public.*openreports.*/common-ui/util/.*\Z=Anonymous,Authenticated
after:
\A/js/require-cfg.js\Z=Anonymous,Authenticated
and before:
\A/content/data-access/resources/gwt/.*css\Z=Anonymous,Authenticated
添加以下代码行:(这些代码打开了Analyzer插件的URL访问权限)\A/content/pentaho-cdf/.*\Z=Anonymous,Authenticated
\A/content/common-ui/.*\Z=Anonymous,Authenticated
\A/content/analyzer/.*\Z=Anonymous,Authenticated
\A/content/analyzer/scripts/.*\Z=Anonymous,Authenticated
确保添加以下代码:
After:
\A/content/data-access/resources/gwt/.*css\Z=Anonymous,Authenticated
and before:
\A/webcontext.js.*\Z=Anonymous,Authenticated
Locate the following
Change the following lines from:
\A/api/.*\Z=Authenticated
\A/plugin/.*\Z=Authenticated
to:
\A/api/.*\Z=Anonymous,Authenticated
\A/plugin/.*\Z=Anonymous,Authenticated
保存文件
重新启动BA服务器
现在,您可以通过以下示例URL成功调用报表而无需通过登录页面进行身份验证:
在bean定义中You need the following user to be created under the Manage Users & Roles Perspective:
anonymousUser (notice the uppercase U)
You can give this user any password; this is only to make sure this user maps the user used in the configuration files inside pentaho-solutions/system
Make sure the Anonymous role has at least the Read Permission.
The Anonymous role should exist already in the BA Server (this is by default a system role in the Manage Users and Roles Perspective)
Under Public create a folder: in my case "OpenReports"
Select the "OpenReports" folder click properties > click Share > Uncheck > Inherits folder permissions
Make sure to add anonymousUser and role anonymous to it and they at least the Read permission
Click OK
Copy an Analyzer report to the new OpenReports folder
Verify the permissions for anonymousUser and Anonymous role were inherited; if not add them accordingly.
Stop BA Server
Locate the following file:
\pentaho\server\biserver-ee\pentaho-solutions\system\applicationContext-spring-security.xml
<bean id="filterInvocationInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
....
<property name="securityMetadataSource">
<sec:intercept-url pattern="\A/[^\?]*(require)(-js)?(-cfg)?.js(\?.*)?\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/content/data-access/resources/gwt/.*css\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/i18n.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/js/utils.js\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/.*require-js-cfg.js\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/repos.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/common-ui/resources/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/common-ui/util/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/repos.*public.*openreports.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/repos.*public.*openreports.*/viewer/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/repos.*public.*openreports.*/common-ui/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/api/repos.*public.*openreports.*/common-ui/util/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/content/data-access/resources/gwt/.*css\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/webcontext.js.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/content/pentaho-cdf/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/content/common-ui/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/content/analyzer/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/content/analyzer/scripts/.*\Z" access="Anonymous,Authenticated" />
<bean id="filterInvocationInterceptorForWS" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
....
<property name="securityMetadataSource">
<sec:intercept-url pattern="\A/api/.*\Z" access="Authenticated" />
<sec:intercept-url pattern="\A/plugin/.*\Z" access="Authenticated" />
使用
<sec:intercept-url pattern="\A/api/.*\Z" access="Anonymous,Authenticated" />
<sec:intercept-url pattern="\A/plugin/.*\Z" access="Anonymous,Authenticated" />
access
属性中添加Anonymous,
即可。Public/OpenReports/
文件夹下访问所有报告,无需登录。