pentaho5 CAS 单点登录
项目中添加两个jar包:cas-client-core-3.1.5.jar 和 spring-security-cas-client-2.0.5.RELEASE.jar
并修改项目下的applicationContext-spring-security.xml 文件,可以实现CAS单点登录:
以下出现“http://cas.grandsoft.com.cn” 请替换成自己的CAS地址。
<?xml version="1.0" encoding="UTF-8"?> <!--+ | Application context containing FilterChainProxy. +--> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:pen="http://www.pentaho.com/schema/pentaho-system" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.pentaho.com/schema/pentaho-system http://www.pentaho.com/schema/pentaho-system.xsd"> <!-- ======================== FILTER CHAIN ======================= --> <!-- if you wish to use channel security, add "channelProcessingFilter," in front of "httpSessionContextIntegrationFilter" in the list below --> <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> <![CDATA[CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /webservices/**=securityContextHolderAwareRequestFilterForWS,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,basicProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilterForWS,filterInvocationInterceptorForWS /api/**=securityContextHolderAwareRequestFilterForWS,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,basicProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilterForWS,filterInvocationInterceptorForWS /plugin/**=securityContextHolderAwareRequestFilterForWS,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,basicProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilterForWS,filterInvocationInterceptorForWS /**=securityContextHolderAwareRequestFilter,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,httpSessionReuseDetectionFilter,casProcessingFilter,logoutFilter,basicProcessingFilter,requestParameterProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor ,casSingleSignOutFilter]]> </value> </property> </bean> <!-- ======================== AUTHENTICATION ======================= --> <bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter" autowire="default" dependency-check="default" lazy-init="default"> <property name="authenticationManager"> <ref bean="authenticationManager"/> </property> <property name="authenticationFailureUrl" value="/Home"/> <property name="defaultTargetUrl" value="/Home"/> <property name="filterProcessesUrl" value="/j_spring_cas_security_check"/> </bean> <bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider"> <property name="userDetailsService"> <ref bean="userDetailsService"/> </property> <property name="serviceProperties"> <ref local="serviceProperties"/> </property> <property name="ticketValidator"> <ref local="ticketValidator"/> </property> <property name="key" value="my_password_for_this_auth_provider_only"/> </bean> <bean id="anonymousAuthenticationProvider" class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key" value="foobar" /> </bean> <bean id="ticketValidator" class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator" autowire="default" dependency-check="default" lazy-init="default"> <constructor-arg value="http://cas.grandsoft.com.cn" /> </bean> <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager" autowire="default" dependency-check="default" lazy-init="default"> <property name="providers"> <list> <!--ref bean="daoAuthenticationProvider" /--> <ref bean="anonymousAuthenticationProvider"/> <ref bean="casAuthenticationProvider"/> </list> </property> </bean> <!-- Automatically receives AuthenticationEvent messages --> <bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener" /> <bean id="basicProcessingFilter" class="org.pentaho.platform.web.http.security.PentahoBasicProcessingFilter"> <property name="authenticationManager"> <ref local="authenticationManager" /> </property> <property name="authenticationEntryPoint"> <ref local="basicProcessingFilterEntryPoint" /> </property> </bean> <!-- <bean id="basicAuthPostFilter" class="org.pentaho.platform.web.http.security.PentahoBasicPostProcessingFilter"> </bean> --> <bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint"> <property name="realmName" value="Pentaho Realm" /> </bean> <!-- custom Pentaho begin --> <!-- replaces Spring's default ApplicationEventMulticaster; do not change bean id --> <bean id="applicationEventMulticaster" class="org.pentaho.platform.engine.security.event.OrderedApplicationEventMulticaster" /> <!-- next two beans replace SecurityStartupFilter --> <bean class="org.pentaho.platform.engine.security.event.PentahoAuthenticationSuccessListener" /> <bean class="org.pentaho.platform.engine.security.event.PentahoSessionStartupAuthenticationSuccessListener" /> <bean id="httpSessionReuseDetectionFilter" class="org.pentaho.platform.web.http.security.HttpSessionReuseDetectionFilter"> <property name="filterProcessesUrl" value="/j_spring_security_check" /> <property name="sessionReuseDetectedUrl" value="/Login?login_error=2" /> </bean> <bean id="requestParameterProcessingFilter" class="org.pentaho.platform.web.http.security.RequestParameterAuthenticationFilter"> <property name="authenticationManager"> <ref local="authenticationManager" /> </property> <property name="authenticationEntryPoint"> <ref local="requestParameterProcessingFilterEntryPoint" /> </property> </bean> <bean id="requestParameterProcessingFilterEntryPoint" class="org.pentaho.platform.web.http.security.RequestParameterFilterEntryPoint" /> <bean id="httpSessionPentahoSessionContextIntegrationFilter" class="org.pentaho.platform.web.http.filters.HttpSessionPentahoSessionIntegrationFilter" /> <!-- custom Pentaho end --> <bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter"> <property name="key" value="foobar" /> <property name="userAttribute" value="anonymousUser,Anonymous" /> </bean> <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter" /> <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter" autowire="default" dependency-check="default" lazy-init="default"> <constructor-arg value="http://cas.grandsoft.com.cn/logout"/> <constructor-arg> <list> <bean class="org.pentaho.platform.web.http.security.PentahoLogoutHandler"/> <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/> </list> </constructor-arg> <property name="filterProcessesUrl" value="/Logout"/> </bean> <bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter" /> <bean id="securityContextHolderAwareRequestFilterForWS" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"> <!-- override so that SavedRequestAwareWrapper is not used --> <property name="wrapperClass" value="org.springframework.security.wrapper.SecurityContextHolderAwareRequestWrapper" /> </bean> <!-- ===================== HTTP REQUEST SECURITY ==================== --> <bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties" autowire="default" dependency-check="default" lazy-init="default"> <property name="service" value="http://bi.glodon.com/pentaho/j_spring_cas_security_check"/> <property name="sendRenew" value="false"/> </bean> <bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter" autowire="default" dependency-check="default" lazy-init="default"> <property name="authenticationEntryPoint"> <ref local="casProcessingFilterEntryPoint"/> </property> <property name="accessDeniedHandler"> <bean class="org.springframework.security.ui.AccessDeniedHandlerImpl" /> </property> </bean> <bean id="casSingleSignOutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"> </bean> <bean id="casSingleSignOutHttpSessionListener" class="org.jasig.cas.client.session.SingleSignOutHttpSessionListener"> </bean> <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint" autowire="default" dependency-check="default" lazy-init="default"> <property name="loginUrl" value="http://cas.grandsoft.com.cn/login"/> <property name="serviceProperties"> <ref local="serviceProperties"/> </property> </bean> <bean id="exceptionTranslationFilterForWS" class="org.springframework.security.ui.ExceptionTranslationFilter"> <property name="authenticationEntryPoint"> <ref local="basicProcessingFilterEntryPoint" /> </property> <property name="accessDeniedHandler"> <bean class="org.springframework.security.ui.AccessDeniedHandlerImpl" /> </property> </bean> <!-- <bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager"> <ref local="authenticationManager" /> </property> <property name="authenticationFailureUrl" value="/Login?login_error=1" /> <property name="defaultTargetUrl" value="/Home" /> <property name="filterProcessesUrl" value="/j_spring_security_check" /> <property name="targetUrlResolver"> <bean id="targetUrlResolver" class="org.springframework.security.ui.TargetUrlResolverImpl"> <property name="justUseSavedRequestOnGet" value="true" /> </bean> </property> </bean> --> <!-- <bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl" value="/Login" /> <property name="forceHttps" value="false" /> </bean> --> <bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions" value="false" /> <property name="decisionVoters"> <list> <ref bean="roleVoter" /> </list> </property> </bean> <!-- Note the order that entries are placed against the objectDefinitionSource is critical. The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL. Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last --> <bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager"> <ref local="authenticationManager" /> </property> <property name="accessDecisionManager"> <ref local="httpRequestAccessDecisionManager" /> </property> <property name="objectDefinitionSource"> <value> <!-- Note - the "=Nobody" below is saying that resource URLs with those patterns not be available through a web call. --> <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON \A/.*require-js-cfg.js\Z=Anonymous,Authenticated \A/js/require.js\Z=Anonymous,Authenticated \A/js/require-cfg.js\Z=Anonymous,Authenticated \A/content/data-access/resources/gwt/.*css\Z=Anonymous,Authenticated \A/webcontext.js.*\Z=Anonymous,Authenticated \A/content/common-ui/resources/web/cache/cache-service.js.*\Z=Anonymous,Authenticated \A/cacheexpirationservice.*\Z=Anonymous,Authenticated \A/js/theme.*\Z=Anonymous,Authenticated \A/content/common-ui/resources/themes/.*\Z=Anonymous,Authenticated \A/content/common-ui/resources/web/dojo/djconfig.js.*\Z=Anonymous,Authenticated \A/content/pentaho-mobile/resources/.*\Z=Anonymous,Authenticated \A/docs/.*\Z=Anonymous,Authenticated \A/mantlelogin/.*\Z=Anonymous,Authenticated \A/mantle/mantleloginservice/*\Z=Anonymous,Authenticated \A/mantle/.*\Z=Authenticated \A/welcome/.*\Z=Anonymous,Authenticated \A/public/.*\Z=Anonymous,Authenticated \A/login.*\Z=Anonymous,Authenticated \A/ping/alive.gif.*\Z=Anonymous,Authenticated \A/j_spring_security_check.*\Z=Anonymous,Authenticated \A/getimage.*\Z=Anonymous,Authenticated \A/getresource.*\Z=Anonymous,Authenticated \A/admin.*\Z=Admin \A/auditreport.*\Z=Admin \A/auditreportlist.*\Z=Admin \A/versioncontrol.*\Z=Admin \A/propertieseditor.*\Z=Admin \A/propertiespanel.*\Z=Admin \A/subscriptionadmin.*\Z=Admin \A/resetrepository.*\Z=Admin \A/viewaction.*solution.admin.*\Z=Admin \A/scheduleradmin.*\Z=Admin \A/publish.*\Z=Admin \A/logout.*\Z=Anonymous \A/solutionrepositoryservice.*component=delete.*solution=system.*\Z=Nobody \A/solutionrepositoryservice.*solution=system.*component=delete.*\Z=Nobody .*system.*pentaho.xml.*=Nobody .*system.*applicationcontext.*.xml.*=Nobody .*system.*pentahoobjects.spring.xml.*=Nobody .*system.*pentahosystemconfig.xml.*=Nobody .*system.*adminplugins.xml.*=Nobody .*system.*plugin.properties.*=Nobody .*system.*sessionstartupactions.xml.*=Nobody .*system.*systemlisteners.xml.*=Nobody .*system.*hibernate.*=Nobody .*system.*birt/.*=Nobody .*system.*dialects/.*=Nobody .*system.*google/.*=Nobody .*system.*jasperreports/.*=Nobody .*system.*kettle/.*=Nobody .*system.*logs/.*=Nobody .*system.*mondrian/.*=Nobody .*system.*quartz/.*=Nobody .*system.*simple-jndi/.*=Nobody .*system.*smtp-email/.*=Nobody .*system.*ui/.*=Nobody .*system.*\.\./.*=Nobody \A/.*\Z=Authenticated ]]> </value> </property> </bean> <bean id="filterInvocationInterceptorForWS" class="org.springframework.security.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager"> <ref local="authenticationManager" /> </property> <property name="accessDecisionManager"> <ref local="httpRequestAccessDecisionManager" /> </property> <!-- allow anyone to see the wsdl of various services --> <property name="objectDefinitionSource"> <value> <![CDATA[CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON \A/webservices/unifiedrepository\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/userrolelistservice\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/userroleservice\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/authorizationpolicy\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/rolebindingdao\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/scheduler\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/repositorysync\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/datasourcemgmtservice\?wsdl.*\Z=Anonymous,Authenticated \A/webservices/.*\Z=Authenticated \A/api/.*require-js-cfg.js\Z=Anonymous,Authenticated \A/api/.*\Z=Authenticated \A/plugin/.*\Z=Authenticated ]]> </value> </property> </bean> <bean id="defaultRole" class="java.lang.String"> <constructor-arg value="Authenticated" /> </bean> <bean id="anonymousRole" class="java.lang.String"> <constructor-arg value="Anonymous" /> </bean> <!-- used by ExtraRolesUserRoleListServiceDecorator beans --> <bean id="extraRoles" class="org.springframework.beans.factory.config.ListFactoryBean"> <property name="sourceList"> <list> <ref bean="defaultRole" /> <ref bean="anonymousRole" /> </list> </property> </bean> </beans>
相关推荐
Pentaho 5.4.0.1 + CAS单点登录配置文档,英文说明文档,亲测可以使用。
Pentaho Solutions Pentaho Solutions
learning-pentaho-ctoolslearning-pentaho-ctoolslearning-pentaho-ctoolslearning-pentaho-ctoolslearning-pentaho-ctoolslearning-pentaho-ctoolslearning-pentaho-ctools
赠送jar包:pentaho-aggdesigner-algorithm-5.1.5-jhyde.jar; 赠送原API文档:pentaho-aggdesigner-algorithm-5.1.5-jhyde-javadoc.jar; 赠送源代码:pentaho-aggdesigner-algorithm-5.1.5-jhyde-sources.jar; ...
使用过程只需使用到Admin用户,将文件替换:biserver-ce\tomcat\webapps\pentaho\jsp\下的PUCLogin.jsp无需重启服务器,清除缓存刷新页面,直接访问pentaho
pentaho kettle中文开发手册
pentaho4.8版本的汉化总结 其中包含绝大部分的汉化
创建 Pentaho Solutions 中文
[Packt Publishing] Pentaho 5.0 报表实例开发 初学者指南 (英文版) [Packt Publishing] Pentaho 5.0 Reporting by Example Beginner's Guide (E-Book) ☆ 图书概要:☆ Create high-quality, professional, ...
pentaho自带的MYSQL初始化脚本并不健全,初始化后,会报诸多问题。 还是这个压缩包好,5个脚本。 本人已验证
Pentaho Solutions Business Intelligence and Data Warehousing with Pentaho and MySQL
Pentaho Reporting(2014) 资源挺多的
pentaho初学者,整理了一些使用的过程和配置
5 pentaho analysis的汉化及国际化 12 5.1 配置mondrian 12 5.2 编写resource bundle文件 13 5.3 在schema文件中引用resource 13 5.4 All成员的国际化 13 6 mondrian schema文件的编写 15 6.1 逻辑模型 15 6.3 ...
pentaho business analytics cookbook 彩色电子版,完整版本。 书中完整讲述了pentaho工具的安装和使用等,
pentaho经典中文资料经典中文资料经典中文资料经典中文资料经典中文资料经典中文资料经典中文资料经典中文资料经典中文资料经典中文资料
Pentaho SDK 开发 BI 商业智能,Pentaho 入门
Pentaho Solutions BI DW MySQL
pentaho metadata editor学习的一些总结,基础概念与元数据模型的介绍