Overview of External Database Authentication

This section describes how JasperReports Server integrates the Spring Security mechanisms to authenticate users against an external database.

The following figure shows the general protocol during external database authentication:

General Steps of External Database Authentication

The interaction between the user’s browser, JasperReports Server, and the external database includes these steps:

1. An unauthenticated user requests any page in JasperReports Server.
2. JasperReports Server detects that the user is not logged in and replies with the JasperReports Serverlogin page.
3. The user enters their credentials.
4. The JasperReports Server establishes a connection to the database server to verify the credentials of the user.
5. If the user submitted a valid username and password on the login page, the database server validates the user and authenticates the user to JasperReports Server.
6. JasperReports Server requests user details from the database server using a database query specified in the configuration file.
7. The database server returns the requested details.

JasperReports Server maps the username to a predefined set of roles and an organization ID. The username, roles, and organization are also synchronized with the internal database, where the user account is marked as an external user. (Community editions do not need to synchronize the organization.) For more information, see Synchronization of External Users.

8. As with the default internal authorization, JasperReports Server now sends the requested content to the user. Content that is sent to the user is subject to authorization. For example, the home page has different options for administrators than for regular users.

The only difference between these steps with those in Default Internal Authentication, is that instead of searching for the user in the jasperserver internal database, JasperReports Server makes a JDBC call to the external database and then synchronizes the user details.

Feedback