User accounts and role membership provide authentication and authorization for access control in JasperReports Server. When logging in, users enter their username and password to access the server. Administrators assign named roles to users and then create role-based permissions to further control access to the repository.
Administrators define permissions directly on the resources and folders in the repository. You can define a level of access, such as read-write, read-only, or no access, and assign each permission based on either a username or a role.
Administering Users and Roles
Administrators perform the following actions to manage users:
| • | Create, modify, and delete users. |
| • | Set user account properties such as name, email, and attributes. |
| • | Reset a user password. However, no administrator can ever view a user's existing password. |
| • | Login as any user to test permissions. |
| • | Create, modify, and delete roles. |
| • | Set access permissions on repository folders and resources. |
Delegated Administration
JasperReports Server enables two levels of delegated administration:
| • | The Administer permission allows a user to view and set permissions on a folder or resource. This can allow a power-user to manage a section of the repository, but not to create or manage users. |
| • | Granting ROLE_ADMINISTRATOR allows a user to see the management interface and create users and roles. This is true delegated administration, whereby a user other than jasperadmin has administration abilities. |
Recommended Comments
There are no comments to display.