Jump to content
Changes to the Jaspersoft community edition download ×

  • Guest
    • Features: JasperReports Server, User Authorization Version: v5.2

    Overview

    This guide will allow anonymous access to the Standard Charts Report ( /reports/samples/StandardChartsReport ). This report is included with the samples that ship with the product . Unauthenticated users will be able to see this report without needing to enter any credentials or pass them in the URL in the form of j_username & j_password.

    The steps below are slightly different depending on version.  3.7.1 and below are unique, as are 4.x thru 5.2, and everything between 5.5 and 6.0. Users of 6.x have reported problems with the approach 

    Modify Spring Configuration Files

    • Edit js-install/WEB-INF/applicationContext-security-web.xml

      Find bean id="filterInvocationInterceptor"

      NOTE: (in JasperReports Server Version 3.7.1 and below edit js-install/WEB-INF/applicationContext-security.xml instead).

      (!) - Lines marked with this sign may not be present in old versions, so do not add them if they're not there.

      Find these lines:

      /flow.html=ROLE_USER,ROLE_ADMINISTRATOR
      /reportimage/**=ROLE_USER,ROLE_ADMINISTRATOR
      (!) /viewreportpageupdatecheck.html=ROLE_USER,ROLE_ADMINISTRATOR
      (!) /viewreportasynccancel.html=ROLE_USER,ROLE_ADMINISTRATOR
      (!) /viewreportcancel.html=ROLE_USER,ROLE_ADMINISTRATOR
      </pre>
      </pre>
      

      Modify them like this:

      /flow.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR
      /reportimage/**=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR
      (!) /viewreportpageupdatecheck.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR
      (!) /viewreportasynccancel.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR
      (!) /viewreportcancel.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR
      

    • Edit js-install/WEB-INF/applicationContext-security.xml

      Find bean id="flowVoter"

      Add this line above the repoAdminFlow:

      viewReportFlow=ROLE_USER,ROLE_ADMINISTRATOR,ROLE_ANONYMOUS

    • In Pro versions of 5.2, also edit js-install/WEB-INF/applicationContext-security-pro-web.xml

       

      Modify the following line

      FROM:

      /reportexecutioncountmessage.html=ROLE_USER,ROLE_ADMINISTRATOR

       

      TO:

      /reportexecutioncountmessage.html=ROLE_USER,ROLE_ADMINISTRATOR,ROLE_ANONYMOUS

    • Restart your application server

    Community Edition/JasperReports Server Professional 3.7.1 Only

    • Edit js-install/WEB-INF/applicationContext-events-logging.xml

      Find bean id="accessContext Modify it to look like this:

      <bean class="com.jaspersoft.jasperserver.api.logging.access.context.impl.AccessContextImpl" id="accessContext">
          <property name="clientClassFactory" ref="mappingResourceFactory" />
          <property name="loggingContextProvider" ref="${bean.loggingContextProvider}" />
          <property name="userAuthorityService" ref="${bean.userAuthorityService}" />
      </bean>
      

    JasperReports Server Professional 5.5 and above, additional steps

    • Edit js-install/WEB-INF/applicationContext-security-web.xml

      In the same filterInvocationInterceptor bean mentioned above , again find the property named "securityMetadataSource", ensure the following paths exist and now contain ROLE_ANONYMOUS, like:

      /dashboard/viewer.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR" 
      /viewreportcancel.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /viewreportasynccancel.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /viewreportpageupdatecheck.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /getreportcomponents.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /getrequirejsconfig.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /runreportaction.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /rest_v2/reports/**"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR" 
      /rest_v2/resources/**"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /reportimage/**"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"
      /flow.html"access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR"

    Set Permissions

    Set the appropriate permissions (ROLE_ANONYMOUS) for the report and for all of the peripheral objects of the report such as datasources, input controls, queries, and images.

    • Login to JasperReports Server as jasperadmin and grant "Read Only" permission to ROLE_ANONYMOUS on these resources:
      • Report Unit: /reports/samples/StandardChartsReport
      • Datasource: /datasources/JServerJNDIDS
      • Theme: Themes have permisssions too, make sure your theme is allowed!

    The anonymous user doesn't belong to any organization, so you'll need to use the full path to a report ( e.g. organizations/organization_1/reports/samples&reportUnit=/organizations/organization_1/reports/samples/StandardChartsReport ).

    View the Report

    Since we don't want the user to see the JasperReports Server decorations, you will need to add &decorate=no to the URL. '''Here's the URL for this example:'''

    http://localhost:8080/jasperserver-pro/flow.html?_flowId=viewReportFlow&standAlone=true&_flowId=viewReportFlow&ParentFolderUri=/organizations/organization_1/reports/samples&reportUnit=/organizations/organization_1/reports/samples/StandardChartsReport&decorate=no

    And here's the result, without having to authenticate:

    Anonymous_report(1).png.fcdbf5ee9feb934febe6e7b7975ce928.png

    Disclaimer

    This is only an example guide and not an exhaustive list of the possible ways that this impacts the security of your installation. This may not work with Dashboards.

    Dashboards

    Anonymous_report.png.edec1d59c9a48ae231ab4c9514e8f08a.png


    User Feedback

    Recommended Comments

    I had this working then upgraded to version 8.0 and now I get authentication errors in a continus loop while trying to display any of my public reports. Can you tell me what has changed and how to fix it?

    Link to comment
    Share on other sites



    Guest
    This is now closed for further comments

×
×
  • Create New...