This document is relevant only to the Pentaho BI Platform version 1.2.0 or earlier. See the Pentaho BI Platform version 1.2.1 or later security documentation if you're using version 1.2.1 or later. (You can find the version you are running in several ways: (1) look at the log when the Pentaho BI Platform starts or (2) look at the bottom right of any page within the Pentaho BI Platform.)
In the Pentaho Professional BI Platform, security is based on the infrastructure provided by the Acegi Security open source project. Pentaho has extended the Acegi Security offering to add needed capabilities. Before diving straight into our enhancements to Acegi Security, it is suggested that the basic Acegi Security documentation be examined thoroughly. Please review the Acegi Security Reference Guide before continuing. This release of the Pentaho Professional BI Platform is based on Acegi Security 1.0.0-RC2.
Acegi Security is written to take advantage of the Spring Framework so we have leveraged the Spring Framework's "dependency injection" capabilities to declaratively configure security in the Pentaho Professional BI Platform. This release of the Pentaho Professional BI Platform is based on Spring Framework 2.0-m3.