2.3.2 Selecting a Security Provider
The following sections provide guidance on using the various security options.
Default File-Based Security Provider
The default security provider is provided as part of the Style Intelligence installation. It makes use of the following XML files located in the SREE Home directory (webapps/sree/WEB-INF/classes):
• password.xml: Stores users and groups.
• role.xml: Stores roles.
• acl.xml: Stores security permissions.
Use the default file-based security provider in the following circumstances:
1. You do not have any existing security data store that you want to reuse for your reporting application.
2. You have an existing security data store, but it is not feasible to connect to this store via the InetSoft custom security interface.
In this case, you will need to duplicate all your users, groups, and roles for use within Style Intelligence, and set corresponding permissions. You can do this via Enterprise Manager and/or security API calls. You will be responsible for keeping your existing data store and the Style Intelligence security provider in sync.
3. You have implemented complete session-based SSO (see Request Filter Example), and your security is predominantly defined at the group/role level.
In this case you do not need to define any users in the security provider. Simply define your groups/roles and set corresponding permissions. You can do this via Enterprise Manager and/or security API calls.
Next Step: Security API: Configuring the File Security Provider.
LDAP Security
Use the LDAP File Security Provider if you have an LDAP data store (such as Active Directory), irrespective of the SSO mechanism that you select.
Next Step: Configuring an LDAP Security Provider in Administration Reference.
Custom DB-based or API-Based Security Provider
Implement a custom security provider if your setup requires the security provider to perform authentication of user credentials or user role/group mappings against an external source.
For example, if your security data store is a database or another security framework and you have form-based or partial session-based SSO, use a custom security provider. The best approach is the composite security provider, which splits the responsibility for authentication and authorization tasks. To do this, implement your own authentication provider and use the built-in file-based authorization provider.
Next Step: Custom Security Integration in Administration Reference.
See Also
Security, in Administration Reference, for information on configuring security in Enterprise Manager.
| << 2.3.1 Security Provider Functions | © 1996-2013 InetSoft Technology Corporation (v11.4) | 3 Java API Utility Applications >> |