Setting Up Logging and Testing

Before creating a security file, CZS prepares for the implementation by:

Enabling Logging
Creating a Test Report

Enabling Logging

To assist in the iterative creation of their security file, CZS enables more verbose logging to help troubleshoot problems with the Sales Domain and security file. Such logging features are disabled by default to minimize the size of logs. They should be enabled in test environments when defining security.

To enable Domain security logging:

1. Locate and open the file and scroll to the bottom of the file.

This file is found in the WEB-INF folder; if you use Tomcat as your application server, the default path to this location is:


2. Add the following lines after the last line in the file:
  SemanticLayerSecurityResolverImpl=debug, stdout, 
  stdout, fileout
3. Save the file.
4. Restart JasperReports Server.

Information about Domains and their security will now be written to the log and to the console.

The additional information written to the log can be very verbose, and your log files will grow more quickly with these properties enabled. You can manage your logs in the file system; they are found in the WEB-INF/logs folder under your JasperReports Server installation. For more information, refer to the log4j documentation, which is available at:

Because these options are so verbose, Jaspersoft recommends that they only be used during debugging; these options should be disabled in production environments.

Creating a Test Report

CZS creates an Ad Hoc crosstab based on the Sales Domain to assist in testing the security file as they create each access grant.The report displays store sales amount, store sales cost, and store units sold for all cities and departments.

Administrator’s View When Creating CZS Ad Hoc Crosstab

Each user’s limited view of this report is shown in Verifying Domain Security.