Modify application security

Pentaho Metadata Editor

Part Number
Perform the following steps to modify application security:
  1. Open the applicationContext-spring-security.xml file with any text editor.
  2. Make sure that a default anonymous role is defined. Match your bean definition and property value to the code shown in the following example:
    <bean id="anonymousProcessingFilter" class="">
      <constructor-arg value="foobar" />
      <constructor-arg value="anonymousUser" />
          <bean class="">
            <constructor-arg value="Anonymous" />
    Note: These next steps permit PDI client tools to publish to the Pentaho Server without having to supply a user name and password.
  3. Find these two beans in the same file from the previous step.
    • filterInvocationInterceptor
    • filterInvocationInterceptorForWS
  4. Locate the securityMetadataSource property inside the beans and match the contents to the code shown in the following example:
    <bean id="filterInvocationInterceptor" class="">
      <property name="authenticationManager" ref="authenticationManager" />
      <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" />
      <property name="securityMetadataSource">
        <sec:filter-security-metadata-source request-matcher="ciRegex" use-expressions="false">
          <!-- all patterns have Anonymous role access -->
          <sec:intercept-url pattern="\A/.*\Z" access="Anonymous,Authenticated" />
  5. Save and close the applicationContext-spring-security.xml file.