Automatically login via POST/GET parameters j_username and j_password

[ee.ashley]

I know that it is possible to automatically log into the Jasper Reports Server using a URL such as: http://hostname/jasperserver-pro/j_spring_security_check?j_username=username&j_password=password

This usually takes me directly to the flow.html?_flowId=searchFlow page. However, is it possible to specify a specific page to load in the URL? For example, if I want to embed an automatically generated report into another page, is it possible to be redirected to an arbitrary page after completing the j_spring_security check login?

If I'm embedding this into an iframe, for example, I don't want to have the user navigate to the report manually - I want the page to load directly to the relevant report.

[olivfsk]

Hi,

For access to a specific report try with autologin :

http://hostname/jasperserver-pro/flow.html?_flowId=viewReportFlow&standAlone=true&ParentFolderUri=%2FParentFolderID&reportUnit=%2FParentFolderID%2FReportID&j_username=Login&j_password=password

[ee.ashley]

Thanks olvifsk, when I try this, for some reason, it doesn't log me in. Rather, I just get an error on the login screen: "Invalid credentials supplied. Could not login to JasperReports server." If I use the same j_username and j_password using just the j_spring_security_check URL, it works though.

 

Is there any configuration in JapserServer that may be preventing this from working?

[ee.ashley]

When I try to use the j_username and j_password, I get a debug error message like this in the jasperserver.log:

2014-06-02 14:09:21,470 DEBUG RequestParameterAuthenticationFilter,http-80-6:78 - User [uSERNAME] failed to authenticate: com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserIsNotInternalException: User needs to be internal to be authenticated by class com.jaspersoft.jasperserver.multipleTenancy.MTDaoAuthenticationProvider

[olivfsk]

Do you have a LDAP or some AD connexion ?

[ee.ashley]

The users are being authenticated via a proprietary back-end system from a vendor. The logins work through the main login screen, or if I use the j_username/j_password on the j_spring_security_check URL, but not against arbitrary JasperServer URLs. Is there any configuration that would use different authentication methods depending on the login method used?

[ee.ashley]

I noticed this other question here: http://community.jaspersoft.com/questions/816716/how-pass-login-external-users

 

This sounds similar to what I am experiencing, but the build of JasperServer we have appears to be 5.2 already.

 

Looking through the server logs, logging in via the regular login page appears to go through the vendor's external JAAS authentication provider. However, trying to use the URL parameters on an arbitrary page results in it trying to use the InternalDaoAuthenticationProvider instead.