byPassPentahoLogin

Bypass Pentaho Login is a tool to can access to some pentaho resources, such as reports or dashboards, from a third party tool.

The idea behind is to create a token codified in the same way in the Pentaho server and in the third party tool that allow the login

#Usage

###place in WEB-INF/classes the properties file destinos.properties

This properties file looks like this:

  userid=admin
  password=password
  destination_1=/pentaho/api/repos/:public:Steel Wheels:Dashboards:CTools_dashboard.wcdf/generatedContent
  destination_2=/pentaho/api/repos/:public:Steel Wheels:Dashboards:CTools_dashboard.wcdf/generatedContent

This properties file have: -The user credentials we will use to bypass the login. It is recommended NOT to use the admin user for this. -The route of all the destinations available... you can add as much as you want.

###Put the jar byPassPentahoLogin.jar in the pentaho/WEB-INF/lib directory

###Declare the filter and the servlet in the Pentaho web.xml

You should add the filter before Spring Security Filter Chain Proxy

	<filter>
		<filter-name>JortillesCultomFilter</filter-name>
		<filter-class>com.jortilles.pentaho.util.JortillesCultomFilter</filter-class>
	</filter>

And the filter mapping also before Spring Security Filter Chain Proxy ...

    <filter-mapping>
	   <filter-name>JortillesCultomFilter</filter-name>
	   <url-pattern>/Urbano</url-pattern>
	</filter-mapping>

Add the servelt just at the end of the servlet declarations.

  <!-- insert additional servlets -->
  <servlet>
    <servlet-name>Urbano</servlet-name>
    <servlet-class>com.jortilles.pentaho.util.Urbano</servlet-class>
  </servlet>
  
   <servlet-mapping>
    <servlet-name>Urbano</servlet-name>
    <url-pattern>/Urbano</url-pattern>
  </servlet-mapping>

###Finally... if you are using pentaho 5.3 or above you should enable the option to accept user and password form the url. in /pentaho-solutions/system/security.properties you should set to true the parameter requestParameterAuthenticationEnabled

  requestParameterAuthenticationEnabled=true

Take a look at:

https://help.pentaho.com/Documentation/5.3/0P0/000/090

http://pedroalves-bi.blogspot.pt/2015/02/useful-tips-easy-authentication-in.html

###Now you are able to bypass the login by calling:

http://localhost:8080/pentaho/Urbano?token=e99b5cdc07863f1e7bed336bbaf2e2db&dst=destination_1

Where: The destination_1 is the destination you declared in the destinos.properties file.

The token is the md5 hash of the string: date "SomeExtraText" destination where:

The date is the date with the format dd-MM-yyyy
"SomeExtraText" is just some extra text to make the hash ugliest. You can modify the class JortillesCultomFilter and place here you desired text
Destination is the destination you want to go... in this example destination_1

The filter will decode the call and attach the user and password defined in the properties file to the redirection call. As well all the rest of the parameters.

So... now you only have to codify your hash in the same way in the third party tool. And make your call to:

http://localhost:8080/pentaho/Urbano?token=e99b5cdc07863f1e7bed336bbaf2e2db&dst=destination_1

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
.settings		.settings
bin/com/jortilles/pentaho/util		bin/com/jortilles/pentaho/util
src/com/jortilles/pentaho/util		src/com/jortilles/pentaho/util
.classpath		.classpath
.project		.project
README.md		README.md
byPassPentahoLogin.jar		byPassPentahoLogin.jar
destinos.properties		destinos.properties

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

byPassPentahoLogin

About

Releases

Packages

Languages

jortilles/byPassPentahoLogin

Folders and files

Latest commit

History

Repository files navigation

byPassPentahoLogin

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages