To configure the retrieval and mapping for user roles in sample-applicationContext-externalAuth-db-mt.xml file, you need to set the MTExternalJDBCUserDetailsService bean to retrieve user external roles and details from the database and configure externalUserSetupProcessor to map the external information to roles in the JasperReports Server.
To configure MTExternalJDBCUserDetailsService, specify the following:
• | dataSource property – References the externalDataSource bean, which configures the JDBC connection to the database. The externalDataSource bean is defined later in the file. |
• | authoritiesByUsernameQuery property – SQL query returning a list of user roles for the user name. |
To configure the externalUserSetupProcessor bean, set the following properties:
• | defaultInternalRoles property – A list of internal roles assigned to the external user by default. |
• | To map to an internal role at the organization level, append |* to the name of the internal role, for example, ROLE_EXTERNAL_USER|*. Roles mapped at the organization level do not have administrative privileges. |
• | To map to an internal role at the system (null) level, do not modify the internal role name, for example, ROLE_EXTERNAL_ADMINISTRATOR. Roles at the system level are usually reserved for special users such as the system administrator and allow access to the repository folder of all other organizations. |
The following example shows how to configure the organizationRoleMap property:
<property name="organizationRoleMap"> <map> <!-- Example of mapping customer roles to JRS roles --> <entry> <key> <value>ROLE_ADMIN_EXTERNAL_ORGANIZATION</value> </key> <!-- JRS role that the <key> external role is mapped to--> <value>ROLE_ADMINISTRATOR|*</value> </entry> </map> </property> |