navkum Posted March 25, 2011 Share Posted March 25, 2011 Hi,I am new to the Jasper world and right now i am trying my hands on secutity in jasper server.I tried to change the file for SuperMart (demo database that comes with Jasper server) as per the example given in JS-Ultimate Guide. Following is the section of the file i changed. (added domain security for rows using Cities attribute)---------------------------------------------------------------------------------------------------------------------------------------------------------------------<securityDefinition xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema" version="1.0" itemGroupDefaultAccess="granted"> <resourceAccessGrants> <!-- Row level security --> <!-- What access do roles/users have to the rows in the resource? --> <resourceAccessGrantList id="sales_join_resource_access_grant" label="aLabel" resourceId="sales_join"> <resourceAccessGrants> <!-- This "join" will always be made when a query includes at least 1 item from this resource, even when the query does not include the related dataSet. <resourceAccessGrant id="sales_join_ROLE_SUPERMART_MANAGER_row_grant"> <principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_SUPERMART_MANAGER'] }</principalExpression> <filterExpression>store1.store_country in ('USA') and store1.store_state in ('CA')</filterExpression> </resourceAccessGrant> --><!-- Following is the resourceAccessGrant I added form Ultimate Guide --> <resourceAccessGrant id="Jointree_1_row_access_grant_4"> <principalExpression><![CDATA[authentication.getPrincipal().getAttributes().any{it.getAttrName() in ['Cities']}]]> </principalExpression> <filterExpression>store1.store_city in (groovy('authentication.getPrincipal().getAttributes().find{ it.attrName == "Cities"}.attrValue')) </filterExpression> </resourceAccessGrant>------------------------------------------------------------------------------------------------------------------------------------------------------- But when i try create an adhoc report get message stating : "No data was returned."To create the report i log in as the California User ( User that comes by default when i chose to install demo)California User has attributes : CaliforniaUserCalifornia User Assigned RolesROLE_SUPERMART_MANAGER, ROLE_USERProfile Attributes[state:CA], [Cities:San Francisco, Oakland, San Jose]This user is enabled. *** Can some one please let me know what i am missing here that might be causing the error?. This domins works fine with row level security using Roles e.g. ['ROLE_SUPERMART_MANAGER']*** Is there a way to evaluate principle expressions externally so that i can see there results without actually having to add the whole file and then using the security file... Thanks.Code: Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now