2. Setting Up Pentaho

  1. Download and install Pentaho from http://www.pentaho.com/download

  2. Stop Pentaho Server and Pentaho Solution Repository background processes in Windows Services or its equivalent.

  3. Change Pentaho default port to 8081.

    • Navigate to $PENTAHO_HOME/server/pentaho-server/tomcat/conf, where $PENTAHO_HOME is the directory where Pentaho is installed.

    • Change default Tomcat port to 8081 in the server.xml:

    <Connector URIEncoding="UTF-8" port="8081" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="18443" />
  4. Setup authentication of CUBA users in Pentaho.

    • Download https://dl.bintray.com/cuba-platform/main/com/haulmont/addon/bi/cuba-bi-pentaho/1.1.1/cuba-bi-pentaho-1.1.1.jar and copy it to $PENTAHO_HOME$/server/pentaho-server/tomcat/webapps/pentaho/WEB-INF/lib.

    • Create new cuba-pentaho-authentication.xml file in the $PENTAHO_HOME/server/pentaho-server/pentaho-solutions/system folder with the following content:

      <?xml version="1.0" encoding="UTF-8"?>
      <beans xmlns="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns:util="http://www.springframework.org/schema/util"
             xmlns:sec="http://www.springframework.org/schema/security"
             xmlns:pen="http://www.pentaho.com/schema/pentaho-system"
             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.1.xsd http://www.pentaho.com/schema/pentaho-system http://www.pentaho.com/schema/pentaho-system.xsd"
             default-lazy-init="true">
      
          <!-- ======================== FILTER CHAIN ======================= -->
          <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
              <constructor-arg>
                  <util:list>
                      <!-- You can safely remove the first pattern starting with /content/dashboards/print, if you're not using Enterprise Dashboards or not allowing printing of Dashboards, -->
                      <sec:filter-chain pattern="/api/repos/dashboards/print" filters="securityContextHolderAwareRequestFilter,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,preAuthenticatedSecurityFilter,httpSessionReuseDetectionFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,requestParameterProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor" />
                      <sec:filter-chain pattern="/webservices/**" filters="securityContextHolderAwareRequestFilterForWS,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,cubaAuthenticationFilter,basicProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilterForWS,filterInvocationInterceptorForWS" />
                      <sec:filter-chain pattern="/api/**" filters="securityContextHolderAwareRequestFilterForWS,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,cubaAuthenticationFilter,basicProcessingFilter,requestParameterProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilterForWS,filterInvocationInterceptorForWS" />
                      <sec:filter-chain pattern="/plugin/**" filters="securityContextHolderAwareRequestFilterForWS,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,basicProcessingFilter,requestParameterProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilterForWS,filterInvocationInterceptorForWS" />
                      <sec:filter-chain pattern="/**" filters="securityContextHolderAwareRequestFilter,httpSessionPentahoSessionContextIntegrationFilter,httpSessionContextIntegrationFilter,httpSessionReuseDetectionFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,requestParameterProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor" />
                  </util:list>
              </constructor-arg>
          </bean>
      
          <bean id="cubaAuthenticationProvider" class="com.haulmont.addon.bi.pentaho.CubaAuthenticationProvider"/>
      
          <!-- ======================== AUTHENTICATION ======================= -->
          <bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
              <constructor-arg>
                  <util:list>
                      <ref bean="cubaAuthenticationProvider"/>
                      <pen:bean class="org.springframework.security.authentication.AuthenticationProvider"/>
                      <ref bean="anonymousAuthenticationProvider" />
                  </util:list>
              </constructor-arg>
              <property name="eraseCredentialsAfterAuthentication" value="false" />
          </bean>
      
          <!-- Automatically receives AuthenticationEvent messages -->
          <bean id="loggerListener" class="org.pentaho.platform.engine.security.event.PentahoLoggerListener" />
          <bean id="basicProcessingFilter" class="org.pentaho.platform.web.http.security.PentahoBasicProcessingFilter">
              <constructor-arg ref="authenticationManager" />
              <constructor-arg ref="basicProcessingFilterEntryPoint" />
          </bean>
          <bean id="basicAuthPostFilter"
                class="org.pentaho.platform.web.http.security.PentahoBasicPostProcessingFilter">
          </bean>
      
          <bean id="cubaAuthenticationFilter" class="com.haulmont.addon.bi.pentaho.CubaPentahoAuthenticationFilter">
              <property name="userRoleDao">
                  <ref bean="userRoleDaoTxn" />
              </property>
              <property name="authenticationManager">
                  <ref bean="authenticationManager" />
              </property>
              <property name="extraRoles" ref="extraRoles" />
              <property name="cubaConnectionUrl" value="http://localhost:8080/app"/>
          </bean>
      </beans>
      Tip

      Specify URL of your CUBA application in the cubaConnectionUrl property of the cubaAuthenticationFilter bean.

    • Edit pentaho-spring-beans.xml in pentaho-solutions/system and add the line <import resource="cuba-pentaho-authentication.xml" /> after the <import resource="applicationContext-spring-security.xml" /> line:

      <import resource="applicationContext-spring-security.xml" />
      <import resource="cuba-pentaho-authentication.xml" />
  5. Start Pentaho Server and Pentaho Solution Repository background processes in Windows Services or its equivalent.