sexta-feira, 17 de janeiro de 2014

Pentaho Servlet Integrator

You can always see someone asking how to integrate Pentaho with a Third Party Application.

Pentaho Servlet Integrator allows you to call from a Third Party App any analyse, dashboard, report etc from the Pentaho without pass user/password on the URL.

How does it work ? 




  1. First, the user authenticate on their application. From some menu, he/she asks to access some resource on the Pentaho, such as, a report or a dashboard.
  2. Second, their application must maintain the tokensbi table inserting a new record, storing username / tokenid / url.

    username: the same username must be created on the Pentaho.
    tokenid: in our case we use jsessionid as token.
    url: the url from the resource on the Pentaho Server.
  3. Third, the application do a sendRedirect to
    http://pentaho-server:8080/pentaho/Integrator?token=<tokenid>&url=<url_enconded_base64>
  4. Then, Pentaho server will decode the url and try do a select on tokensbi table, filtering by tokenid and url.
  5. So, If tokenid/url is valid, Pentaho server will create an authenticated session for the user.

How to use it

  1. Download Pentaho Servlet Integrator

    svn checkout http://pentaho-servlet-integrator.googlecode.com/svn/trunk/ pentaho-servlet-integrator-read-only
    
  2. Save Integrator.jsp on the folder biserver-ce\tomcat\webapps\pentaho\jsp
     
  3. Add the following configurations on the file web.xml

    <servlet>
     <servlet-name>Integrator</servlet-name>
     <jsp-file>/jsp/Integrator.jsp</jsp-file>
    </servlet>

    <servlet-mapping>
     <servlet-name>Integrator</servlet-name>
     <url-pattern>/Integrator</url-pattern>
    </servlet-mapping>

  4. Add the following configuration on the file system\applicationContext-spring-security.xml

    \A/integrator.*\Z=Anonymous,Authenticated

    after the lines

            <![CDATA[
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
  5. Create a table called tokensbi

    CREATE TABLE public.tokensbi
    (
      id bigint NOT NULL DEFAULT nextval(('public.toke_seq'::text)::regclass),
      username character varying(32) NOT NULL,
      token character varying(100) NOT NULL,
      url character varying(255) NOT NULL,
      created timestamp without time zone NOT NULL DEFAULT clock_timestamp(),
      CONSTRAINT toke_id_pk PRIMARY KEY (id),
      CONSTRAINT toke_uk UNIQUE (username, url)
    )
  6. Create on the Pentaho Server a new database connection that has access on the tokensbi table.
  7. Edit Integrator.jsp and update the variable DatabaseJndiName, setting the name defined for the new connection.
  8. Change the application to insert a new record on tokensbi table each time that the user click to access some Pentaho resource.

5 comentários:

Unknown disse...

Primeiramente quero agradecer ao seu Post, que está com ótima qualidade .
Bom dia,
Kleyson, essa sua implementação funciona corretamente no Pentaho 5.0 ? Eu fiz uma conexão com a Base do Hipersonic do 5.0 e vi que ele parece não estar utilizando ela, aguardo resposta, obrigado .

jual ebook disse...

very useful information.

Hp Android dan Paket Internet disse...

wow.. thanks for the trick...

penjual sempak sekali pakai disse...

Nice information, thanks for your articles

atasi kanker disse...

thanks for info