Uploaded image for project: 'Pentaho Data Integration - Kettle'
  1. Pentaho Data Integration - Kettle
  2. PDI-6774

As an ETL-Administrator, I want to set some security restrictions by a security level


    • Type: New Feature
    • Status: Open
    • Severity: Medium
    • Resolution: Unresolved
    • Affects Version/s: 4.2.0 GA (4.0.0 GA Suite Release)
    • Fix Version/s: Backlog
    • Component/s: API
    • Labels:
    • Notice:
      When an issue is open, the "Fix Version/s" field conveys a target, not necessarily a commitment. When an issue is closed, the "Fix Version/s" field conveys the version that the issue was fixed in.
    • PM Ranking:


      It is easy to call any API methods within PDI with the scripting steps and it is also easy to add new plugins. With both methods existing passwords can be "un-obfuscated" or decrypted even with more advanced password encryptions.

      We may need a mechanism to set a security level to avoid calling APIs or disable the use of some scripting steps.

      Workaround: Have a white list of steps. That is actually already possible with defining another kettle-steps.xml or kettle-job-entries.xml.

      Another use case could be reading and writing from/to the server based file-system what should be disabled by an option as well.
      Further use cases can be found in the linked cases.


          Issue Links



              • Assignee:
                jbleuel Jens Bleuel
              • Votes:
                1 Vote for this issue
                2 Start watching this issue


                • Created: