Retrieving Roles from the External Database

To configure the retrieval and mapping for user roles in sample-applicationContext-externalAuth-db-mt.xml file, you need to set the MTExternalJDBCUserDetailsService bean to retrieve user external roles and details from the database and configure externalUserSetupProcessor to map the external information to roles in the JasperReports Server.

To configure MTExternalJDBCUserDetailsService, specify the following:

dataSource property – References the externalDataSource bean, which configures the JDBC connection to the database. The externalDataSource bean is defined later in the file.
usersByUsernameQuery property – SQL query returning a list of user properties for the user name to be processed by externalUserSetupProcessor. The result is returned as a map where keys are the column names in the query.
authoritiesByUsernameQuery property – SQL query returning a list of user roles for the user name.

To configure the externalUserSetupProcessor bean, set the following properties:

defaultInternalRoles property – A list of internal roles assigned to the external user by default.
organizationRoleMap property – A list of key/value pairs that maps external role names to internal ones. For commercial JasperReports Server deployments, you need to choose the level at which the role is assigned:
     To map to an internal role at the organization level, append |* to the name of the internal role, for example, ROLE_EXTERNAL_USER|*. Roles mapped at the organization level do not have administrative privileges.
     To map to an internal role at the system (null) level, do not modify the internal role name, for example, ROLE_EXTERNAL_ADMINISTRATOR. Roles at the system level are usually reserved for special users such as the system administrator and allow access to the repository folder of all other organizations.

The following example shows how to configure the organizationRoleMap property:

<property name="organizationRoleMap">
  <!-- Example of mapping customer roles to JRS roles -->
      <!-- JRS role that the <key> external role is mapped to-->