Starting in version 1.6, security is a feature of the Pentaho BI Platform. Prior to this version, security was only available in the Pentaho Professional BI Platform (now called the Subscription Edition).
Furthermore, this document is relevant only to the Pentaho Professional BI Platform version 1.2.1 or later or the Pentaho BI Platform version 1.6 or later. See the Pentaho Professional BI Platform version 1.2.0 security documentation if you're using Pentaho Professional BI Platform version 1.2.0. (You can find the version you are running in several ways: (1) look at the log when the Pentaho BI Platform starts or (2) look at the bottom right of any page within the Pentaho BI Platform.)
In the shipping implementation of the Pentaho BI Platform there is an implementation of a login page. This page is defined in the form of a java server page located your applications server deployment directory in
pentaho.war/jsp/Login.jsp. For instance, in the pre-configured install it would be located at
As currently shipped the login JSP is branded for Pentaho and contains a drop down menu with default users and passwords. These items (and others) can be changed by editing the
Removing the "Valid Users" Drop Down
From the JSP interface:
pentaho.war/jsp/Login.jsp, comment out or remove the following HTML and code.
From the portal interface (JBoss):
server/default/deploy/jboss-portal.sar/portal-server.war/login.jsp, comment out or remove the following HTML and code.
This removes the drop down menu and its title text in the login area.
Removing the Pentaho Branding
Login.jsp, comment out or remove the following HTML and code. Note that formatting may be slightly different.
This will remove the Pentaho branding from the left side of the login page.
All strings in
Login.jsp have been localized. Open
com.pentaho.locale.messages*.properties to edit the strings. Strings used in the login page generally are named
Other Login Customizations
Implementors are free to change the
Login.jsp as they see fit. The heart of the currently implemented
Login.jsp is in the
<form> tag. It is recommended that users examine this code in order to make their own replacement
Login.jsp work correctly.