JasperReports Server relies on Spring Security 2.0.x to provide the mechanisms that authenticate and authorize users. More generally, JasperReports Server embeds the Spring Security functionality to perform actions such as maintaining user sessions, restricting access to pages, and enforcing role-based permissions. JasperReports Server also extends Spring Security to implement certain features, for example the organization architecture in commercial editions.
Like all of the Spring Framework, Spring Security is configured through Java beans defined in XML files. To implement external authentication, you need to create a custom application context file using the JasperReports Server bean API. Sample files for a number of common implementations, including LDAP and CAS, are included in the JasperReports Server installation. The configuration for each protocol is given in the chapter devoted to that protocol.
If you plan to make extensive customizations, JasperReports Server recommends that you delve more deeply into Spring Security by visiting its project pages and participating in its community. For more information, see the Spring Security website (http://static.springsource.org/spring-security/site/index.html) and refer to the documentation for Spring Security 2.0.x:
http://static.springsource.org/spring-security/site/docs/2.0.x/reference/html/springsecurity.html
Recommended Comments
There are no comments to display.