Administration Console

Contents:

The Administration Console is a Web application that allows GUI configuration of the Pentaho BI Server. It comes bundled with the Community Edition, and is a minimal version of the Enterprise Console that comes with the Enterprise Edition.

Unless otherwise stated, all of the information here pertains to both the Administration and Enterprise versions of the console.

The Console's location depends on the edition you are using:

  • ${Pentaho}/biserver-ce/administration-console/
  • ${Pentaho}/biserver-ee/enterprise-console/
As an independent application, it requires its own JDBC drivers to be installed (place them in the jdbc/ directory). Settings are stored in the Hibernate database in the Pentaho BI server. By default, the backend database type used is MySQL for the Enterprise Edition and HSQLDB for the Community Edition.

The tables are:

TableFunction
datasourcedetails on the jndi data connections
usersuser accounts
authoritiesdefinitions of roles
granted_authoritiesusers mapped to roles

Logging

Console logs are explained here.

Trusted proxy

Some features of the Console require you to establish a trusted proxy. This also applies if the Console resides on the same host as the BI Server.

Resources:

Security

Enabling SSL

You can enable SSL for encrypted connections between your Web browser and the Console.

Console users

The default username and password for the console are 'admin' and 'password' respectively. We strongly suggest that you change these for a production deployment.

To add or change a password:

  1. Generate the password from the command line (note: might need to change version numbers in the file names) 
    $ java -cp lib/jetty-6.1.2rc1.jar:lib/jetty-util-6.1.2rc1.jar org.mortbay.jetty.security.Password username password
		password
		OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v
		MD5:5f4dcc3b5aa765d61d8327deb882cf99
		CRYPT:usjRS48E8ZADM
  2. Edit ${Pentaho}/administration-console/resource/config/login.properties
    Format: 
    <username>: OBF:<obf_password>,<role1>,<role2>,<role3>,...
    You might prefer to use another hash type (e.g. MD5) instead of OBF

BI server users and roles

The users, authorities and granted_authorities tables are almost identical to their counterparts in Pentaho 1. The differences are:

  • the tables are now in the hibernate database rather than being in their own 'users' database
  • the users table has an extra column called Description, where you can place notes
  • passwords are encoded in Base64 (presumably for LDAP compatibility/consistency)
Note: There is no security associated with Base64, other than simple obfuscation. It is a type of encoding, not encryption or hashing.

To encode/decode a password, you can use the command line tool 'base64':

$ echo password | base64
cGFzc3dvcmQK

$ echo "cGFzc3dvcmQ=" | base64 -d
password

Adding data sources

You can define a new data source under Administration -> Database Connections. Click 'test' to test the connection and then 'ok' to add.

If clicking on the 'OK' button gives you the error:

'error creating database connection'

you need to define a 'Validation Query' under 'Advanced'. You can define any valid query for that data base connection.

For a HSQLDB (Hypersonic) data source (e.g. SampleData), use this validation query: 

select count(*) from INFORMATION_SCHEMA.SYSTEM_SEQUENCES

For MySQL and PostgreSQL, use this: 

select 1

For Oracle, use this: 

select 1 from dual

Resources

Creator: Sridhar Dhanapalan on 2009/03/25 10:45
XWiki Enterprise 1.7.2.16857 - Documentation