Pentaho Transparent Authentication
Alberto Mercati - Francesco Corti
Alberto Mercati
Senior Developer
#PCM15
London
7 Nov ‘15
Pentaho Community Meeting
Francesco Corti
ECM and BI specialist
fcorti.com
@FrkCorti
github.com/fcorti
it.linkedin.com/in/fcorti
+FrancescoCorti
codevomit.wordpress.com
github.com/Rospaccio
The goal
Imagine you are a web application
and you want to access the resources: reports, dashboards, analytics, etc.
Pentaho BA Server manages the permissions
Accessing Pentaho resources
Identify a valid user
Get a valid session
Have access
Otherwise…
Access denied!
The solution
Having a valid key to Pentaho BA Server
How to reach that goal?
Without storing passwords
Without exchanging passwords in the URLs
Possible solutions
Use a C.A.S. => Pentaho can do it!
Single user managed by the web application => Less secure and less clean, but it works!
Probably something else…
Our solution => User mapping!
The solution
[Diagram: Web Application, Web Application Session, Pentaho User, Pentaho Session, Resources, Pentaho Transparent Authentication]
Pentaho Transparent Authentication is…
An extension of Pentaho BA Server services
A collection of REST services that a web application invokes
A mapper of an "external user" to a Pentaho user
A creator of valid sessions in Pentaho
Interactions
[Sequence diagram. Participants: Client (browser), Web Application. Messages: click(), get_ticket(), ticket, target_url, redirect()]
get_ticket(): compose the REST call
1. The user is mapped to a Pentaho user.
2. A ticket is created.
redirect():
1. Pentaho recognizes the ticket.
2. Pentaho creates a session.
3. Direct access to the resource.
get_ticket()
http://<pentaho>/pentaho/Login?generate-ticket=1&app=test&username=user1
http://<pentaho>/pentaho/Login: base URL.
generate-ticket=1: tells the login ticket generator to issue a login ticket.
app=test: name of the application requesting the login ticket.
username=user1: web application user name.
User resolution
Web application      Username             Pentaho Username
myApplication        user1                admin
myApplication        user2                pat
myApplication        user3                suzy
anotherApplication   userFromAnotherApp   jeff
ticket_id: e8617a46-d7d3-4bee-9345-e5fb8fea80fa
Valid tickets are stored in a temporary cache per user
The duration can be set in a configuration file
Composing the target URL
https://<pentaho>/pentaho/Home?autologin=true&ticket=e8617a46-d7d3-4bee-9345-e5fb8fea80fa
https://<pentaho>/pentaho/Home: base URL.
autologin=true: autologin request.
ticket=e8617a46-d7d3-4bee-9345-e5fb8fea80fa: ticket.
The autologin
Pentaho BA Server receives the autologin request
Pentaho BA Server checks the ticket in the temporary cache
If the check succeeds, the user is logged in and the resource is accessed
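The ticket flow described on the slides (user resolution, temporary ticket cache, autologin check), modelled as an added example; this is not PentahoTA's code. The class and function names, the 30-second lifetime, the single-use redemption and the pentaho.example host are assumptions.

```python
import time
import uuid
from urllib.parse import urlencode

# Mapping table from the "User resolution" slide:
# (web application, web application username) -> Pentaho username.
USER_MAP = {
    ("myApplication", "user1"): "admin",
    ("myApplication", "user2"): "pat",
    ("myApplication", "user3"): "suzy",
    ("anotherApplication", "userFromAnotherApp"): "jeff",
}


class TicketCache:
    """Temporary ticket store with a configurable lifetime (hypothetical model)."""

    def __init__(self, ttl_seconds=30, clock=time.monotonic):
        self.ttl = ttl_seconds      # assumed default; the slides give no value
        self.clock = clock          # injectable so expiry can be tested
        self._tickets = {}          # ticket -> (pentaho_user, expires_at)

    def issue(self, app, username):
        """get_ticket(): resolve the external user, then create a ticket."""
        pentaho_user = USER_MAP.get((app, username))
        if pentaho_user is None:
            return None             # unmapped users never receive a ticket
        ticket = str(uuid.uuid4())  # random, carries no user information
        self._tickets[ticket] = (pentaho_user, self.clock() + self.ttl)
        return ticket

    def redeem(self, ticket):
        """Autologin: return the Pentaho user for a live ticket, else None."""
        # pop() makes the ticket single-use (an assumption of this example),
        # so a URL replayed from history or a proxy log finds nothing.
        entry = self._tickets.pop(ticket, None)
        if entry is None:
            return None
        pentaho_user, expires_at = entry
        if self.clock() >= expires_at:
            return None             # expired: access denied
        return pentaho_user


def compose_target_url(base_url, ticket):
    """Build the redirect target in the form shown on the slides."""
    query = urlencode({"autologin": "true", "ticket": ticket})
    return f"{base_url}/pentaho/Home?{query}"


def demo():
    now = [1000.0]                  # constructed fake clock
    cache = TicketCache(ttl_seconds=30, clock=lambda: now[0])
    ticket = cache.issue("myApplication", "user2")
    url = compose_target_url("https://pentaho.example", ticket)
    first = cache.redeem(ticket)    # first use logs the mapped user in
    replay = cache.redeem(ticket)   # second use of the same ticket
    stale = cache.issue("myApplication", "user3")
    now[0] += 31                    # move past the 30 s lifetime
    expired = cache.redeem(stale)   # ticket presented too late
    return url, first, replay, expired


if __name__ == "__main__":
    print(demo())
```

Because the ticket travels in the URL, a short lifetime and one-time redemption limit what a copied link is worth; the web application's call to the ticket endpoint should itself be restricted to trusted callers.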
PentahoTA is in the marketplace
PentahoTA versions
v1.0 => v5.4
v1.1 => v6.0
Next steps
Storing the mapping in a database instead of a configuration file
Developing some admin REST services to manage the CRUD operations
Developing a user interface to manage the mapping
See it in action
Q&A
Pentaho Transparent Authentication
Pictures by
all rights reserved

