Skip to main content
Pentaho Documentation

Set Up Multiple Authentication Providers

/*]]>*/

Overview

Spring security is a cascading security implementation that moves down through a list of security providers, if the first provider fails to authenticate.

If you are using multiple AuthenticationProviders at the same time, you will need to add each one to the applicationContext.spring.security.xml file as shown in these steps. Spring security is a cascading security implementation that moves down through a list of security providers, if the first provider fails to authenticate. We recommend that you make a backup of this file before altering it.

  1. Stop the BA Server and the solution repository.
  2. Navigate to the /pentaho-solutions/system directory and open the applicationContext-­spring-security.xml file with any text editor.
  3. Locate the authenthicationManager bean tags.
    <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
        <property name="providers">
          <list>
    ...
          </list>
    </bean>      
    
  4. First, add AuthenticationProvider information for jackrabbit below the list tag.
    <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
        <pen:attributes>
        <pen:attr key="providerName" value="jackrabbit"/>
        </pen:attributes>
    </pen:bean>       
    
  5. Then, add providerName information right beneath the jackrabbit information. LDAP is used in this example. You can add as many providers as needed.
    <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
        <pen:attributes>
        <pen:attr key="providerName" value="ldap"/>
        </pen:attributes>
    </pen:bean>
    
  6. After you are finished adding AuthenticationProvider information, save and close the file.
  7. Restart the BA server and solution repository.

Here is a more complete example of the authenticationManager portion of the applicationContext-­spring-security.xml file.

<!-- ======================== AUTHENTICATION ======================= -->
 <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
    <property name="providers">
      <list>
        <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
          <pen:attributes>
            <pen:attr key="providerName" value="jackrabbit"/>
          </pen:attributes>
        </pen:bean>
        <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
          <pen:attributes>
            <pen:attr key="providerName" value="webservice"/>
          </pen:attributes>
        </pen:bean>
        <ref local="anonymousAuthenticationProvider" />
      </list>
    </property>
  </bean>
Authentication Provider Examples
 Provider Name Short Description Application Context for AuthenticationProvider
jackrabbit Default Pentaho security. applicationContext-spring-security-jackrabbit.xml
ldap LDAP security applicationContext-spring-security-ldap.xml
jdbc JDBC security allows you to use your own security tables applicationContext-spring-security-jdbc.xml
memory In Memory authentication applicationContext-spring-security-memory.xml