Versions Compared

Old Version 17

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin

...

Here is an example login module configuration file entry for it using an HSQLDB driver:

Code Block
xml
xml
titlelogin.confxml
JDBCLoginModule {
    org.mortbay.jetty.plus.jaas.spi.JDBCLoginModule required
    debug="true"
    dbUrl="jdbc:hsqldb:."
    dbUserName="sa"
    dbPassword="password"
    dbDriver="org.hsqldb.jdbcDriver"
    userTable="myusers"
    userField="myuser"
    credentialField="mypassword"
    userRoleTable="myuserroles"
    userRoleUserField="myuser"
    userRoleRoleField="myrole";
};

There is no particular schema required for the database tables storing the authentication and role information. The properties userTable, userField, credentialField, userRoleTable, userRoleUserField, userRoleRoleField configure the names of the tables and the columns within them that are used to format the following queries:

Code Block
xml
xml
titledatabase queryxml
select <credentialField> from <userTable> where <userField> =?
select <userRoleRoleField> from <userRoleTable> where <userRoleUserField> =?

...

Note
titleBe Careful

Pay and extra attention to the semi-colon at the end of last entry in the login.conf. Without that you will get error in authentication. JDBCLoginModule key in the login.conf needs to be exactly same as the value in console.properties. Here is the snippet of a correct console.properties in this case

Code Block
xml
xml
titleconsole.propertiesxml
# Security Authentication Section for Enterprise Console
console.security.enabled=true
console.security.roles.allowed=Admin,server-administrator,content-administrator
console.security.roles.delimiter=,
console.security.realm.name=Pentaho
console.security.login.module.name=JDBCLoginModule
console.security.auth.config.path=resource/config/login.conf
console.security.callback.handler=org.mortbay.jetty.plus.jaas.callback.DefaultCallbackHandler

...

Here is a sample login module configuration for it:

Code Block
xml
xml
titlelogin.confxml
ds {
   org.mortbay.jetty.plus.jaas.spi.DataSourceLoginModule required
   debug="true"
   dbJNDIName="ds"
   userTable="myusers"
   userField="myuser"
   credentialField="mypassword"
   userRoleTable="myuserroles"
   userRoleUserField="myuser"
   userRoleRoleField="myrole";
 };

...

With this login module implementation, the authentication and role information is read from a property file.

Code Block
xml
xml
titlelogin.confxml
props {
   org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required
   debug="true"
   file="/somewhere/somefile.props";
 };

...

Here's an example:

Code Block
xml
xml
titlelogin.propertiesxml
admin: OBF:1xmk1w261u9r1w1c1xmq,user,admin
superadmin: changeme,user,developer
master: MD5:164c88b302622e17050af52c89945d44,user
: CRYPT:adpexzg3FUZAk,admin

...

The configuration for the security setting is stored in the security section of console.properties

Code Block
xml
xml
titleconsole.propertiesxml
\# Pentaho Administration Console's Jetty Server Settings
console.start.port.number=8088
console.stop.port.number=8033

\# SSL Section for Pentaho Administration Console
console.ssl.enabled=false
console.ssl.port.number=8143
keyAlias=jetty
keyPassword=changeit
keyStore=resource/config/keystore
keyStorePassword=changeit
trustStore=resource/config/keystore
trustStorePassword=changeit
wantClientAuth=false
needClientAuth=false

\# Security Authentication Section for Pentaho Administration Console
console.security.enabled=true
console.security.roles.allowed=admin
console.security.roles.delimiter=,
console.security.realm.name=Pentaho
console.security.login.module.name=PropertiesFileLoginModule
console.security.auth.config.path=resource/config/login.conf

...

If you want to implement your own custom LoginModule, there are two classes to be familiar with:

Code Block
java
java
titleAbstractLoginModule.javajava
package org.mortbay.jetty.plus.jaas.spi;

public abstract class AbstractLoginModule implements LoginModule
{
&nbsp; ...
&nbsp; public abstract UserInfo getUserInfo (String username) throws Exception;
}
Code Block
java
java
titleUserInfo.javajava
package org.mortbay.jetty.plus.jaas.spi;

public class UserInfo
{

  public UserInfo (String userName, Credential credential, List roleNames)
  {
  ...
  }

  public String getUserName()
  {
  ...
  }

  public List getRoleNames ()
  {
  ...
  }

  public boolean checkCredential (Object suppliedCredential)
  {
  ...
  }
}

...