Skip to main content
Pentaho Documentation

Set Up Multiple Authentication Providers

Overview

Spring security is a cascading security implementation that moves down through a list of security providers, if the first provider fails to authenticate.

If you are using multiple AuthenticationProviders at the same time, you will need to add each one to the applicationContext.spring.security.xml file as shown in these steps. Spring security is a cascading security implementation that moves down through a list of security providers, if the first provider fails to authenticate. We recommend that you make a backup of this file before altering it.

  1. Stop the Pentaho Server and the solution repository.
  2. Navigate to the /pentaho-solutions/system directory and open the applicationContext-­spring-security.xml file with any text editor.
  3. Locate the following authenthicationManager bean tags:

    <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
        <property name="providers">
          <list>
    ...
          </list>
    </bean>      
    
  4. First, add the following AuthenticationProvider information for jackrabbit below the list tag:
    <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
        <pen:attributes>
        <pen:attr key="providerName" value="jackrabbit"/>
        </pen:attributes>
    </pen:bean>       
    
  5. Then, add providerName information right beneath the jackrabbit information. LDAP is used in this example. You can add as many providers as needed:
    <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
        <pen:attributes>
        <pen:attr key="providerName" value="ldap"/>
        </pen:attributes>
    </pen:bean>
    
  6. After you are finished adding AuthenticationProvider information, save and close the file.
  7. Restart the Pentaho Server and solution repository.

The following code block is a more complete example of the authenticationManager portion of the applicationContext-­spring-security.xml file:

<!-- ======================== AUTHENTICATION ======================= -->
 <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
    <property name="providers">
      <list>
        <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
          <pen:attributes>
            <pen:attr key="providerName" value="jackrabbit"/>
          </pen:attributes>
        </pen:bean>
        <pen:bean class="org.springframework.security.providers.AuthenticationProvider">
          <pen:attributes>
            <pen:attr key="providerName" value="webservice"/>
          </pen:attributes>
        </pen:bean>
        <ref local="anonymousAuthenticationProvider" />
      </list>
    </property>
  </bean>
Authentication Provider Examples
 Provider Name Short Description Application Context for AuthenticationProvider
Jackrabbit Default Pentaho security. applicationContext-spring-security-jackrabbit.xml
LDAP LDAP security applicationContext-spring-security-ldap.xml
JDBC JDBC security allows you to use your own security tables applicationContext-spring-security-jdbc.xml
Memory In memory authentication applicationContext-spring-security-memory.xml