Securing Data Sources


By default, authenticated users have view-only permissions to data sources in the Pentaho User Console. Users with administrative permissions can create, delete, and view data sources. If you want to fine tune permissions associated with data sources, you must edit the appropriate settings.xml file. Follow the instructions below to edit the file.

  1. Go to …\biserver-ee\pentaho-solutions\system\data-accessand open settings.xml.
  2. Edit the settings.xml file as needed. The default values are shown in the sample below. You can assign permissions by individual user or by user role. If you are using LDAP, you can define the correct ACLs value for view permissions; the default value is “31.”
  3. Save your changes to the settings.xml file.
  4. Refresh the Admin Console.

The typical file is as below

<?xml version=”1.0″ encoding=”UTF-8″?>
<settings>
<!– roles with data access permissions –>
<data-access-roles>Admin</data-access-roles>
<!– users with data access permissions –>
<!–
<data-access-users></data-access-users>
–>
<!– roles with datasource view permissions –>
<data-access-view-roles>Authenticated,Admin</data-access-view-roles>
<!– users with datasource view permissions –>
<data-access-view-users>suzy</data-access-view-users>
<!– default view acls for user or role –>
<data-access-default-view-acls>31</data-access-default-view-acls>

<!– settings for Agile Data Access –>
<data-access-staging-jndi>Hibernate</data-access-staging-jndi>

<data-access-datasource-solution-storage>admin</data-access-datasource-solution-storage>
<data-access-csv-sample-rows>500</data-access-csv-sample-rows>

</settings>

Advertisements

3 Comments on “Securing Data Sources”

  1. saurabh says:

    Hi,

    How to prevent one user to see other users’ data using data source

    Please consider following case.

    – I’ve BI server 3.7 CE stable version
    – There is one table say ‘UserInfo’, having User information with user id as primary key.
    – All user,existing in ‘UserInfo’ table have access to create Data Source
    – Please provide steps so that one user can not see other users’ data i.e. how can I use user id implicitly in Data Source so that user will be restricted to only his data.

    -Thanks in advance,
    Saurabh


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s