lvgmuellst Posted January 17, 2008 Share Posted January 17, 2008 Hi, I'm trying get a report direct by url the Url:http://myserver/jasperserver/flow.html?_flowId=viewReportFlow&reportUnit=/reports/myFolder/MyReport&j_acegi_security_check?&j_username=reader&j_password=a but it works only if i logged in before. If not an exception (see end) is thrown. Anonymous reques works not too. Permissons are set to read only to both, ROLE_USER and ROLE_ANONYMOUS, starting at root (!). applicationContext-security.xml contains: /flow.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR JasperServer version 2.1 Could anybody help? Thanks very much!Stefan The Exception:Code:org.acegisecurity.AccessDeniedException: Access is denied at org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68) at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:275) at org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:63) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210) at $Proxy13.launch(Unknown Source) at org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:131) at org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:170) at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:45) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:820) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:350) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.jaspersoft.jasperserver.war.common.UploadMultipartFilter.doFilter(UploadMultipartFilter.java:86) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:264) at org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter.doFilter(SwitchUserProcessingFilter.java:335) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:107) at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:72) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:110) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter.doFilter(MetadataAuthenticationProcessingFilter.java:136) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:181) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:131) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:217) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:131) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:191) at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274) at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:148) at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:90) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:70) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:833) at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:639) at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1285) at java.lang.Thread.run(Unknown Source) Post edited by: lvgmuellst, at: 2008/01/17 10:51Post edited by: lvgmuellst, at: 2008/01/17 10:51 Link to comment Share on other sites More sharing options...
ssadmn Posted January 23, 2008 Share Posted January 23, 2008 from forum (this help to me): "Hi, Server RunningJasperServer 1.2.1Apache Tomcat 5.5.23MySQL 5.1.11Windows XP Professional I am trying to give anonymous access to a report, but I am getting the error message: org.springframework.webflow.engine.ActionExecutionException: Exception thrown executing [AnnotatedAction@64dfeb targetAction = com.jaspersoft.jasperserver.war.action.ViewReportAction@c5575, attributes = map[[empty]]] in state 'checkForParams' of flow 'viewReportFlow' -- action execution attributes were 'map[[empty]]'; nested exception is org.acegisecurity.AccessDeniedException: Access is denied I have followed these steps: Within the flowVoter bean, under the the flowDefinitionSource property, I added the value:viewReportFlow=ROLE_USER,ROLE_ADMINISTRATOR,ROLE_ANONYMOUS I then changed the line: *=ROLE_USER,ROLE_ADMINISTRATOR to be *=ROLE_USER,ROLE_ADMINISTRATOR,ROLE_ANONYMOUS Within the filterInvocationInterceptor bean, under the objectDefinitionSource property, I changed the value: /flow.html=ROLE_USER,ROLE_ADMINISTRATOR to /flow.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR Within the JasperServer UI, I changed the rights for ROLE_ANONYMOUS to be Read for Root "/". I then changed the rights for ROLE_ANONYMOUS to be Read for the "/Reports" folder. I attempt to access the URL; http://localhost:8080/jasperserver/flow.html?_flowId=viewReportFlow&reportUnit=/Reports/<reportname>&output=pdf&<param>=<value> " and give access to repozitory jasperserver...:) Link to comment Share on other sites More sharing options...
lvgmuellst Posted January 24, 2008 Author Share Posted January 24, 2008 Hi ssadmn, thank you very much for your help! This works fine! I just had to modify the following line of the definition of the bean filterInvocationInterceptor, property objectDefinitionSource:FROM:/reportimage/**=ROLE_USER,ROLE_ADMINISTRATORTO:/reportimage/**=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR then the Report can be viewed perfect. Thank you very much! Stefan Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now