In a single-organization deployment, the administrator needs to create only the users and roles. In deployments with multiple organizations, administrators need to create organizations, populate them with users, and create the roles they use afterward to set access permissions.
This section describes functionality that can be restricted by the software license for JasperReports Server. If you don’t see some of the options described in this section, your license may prohibit you from using them. To find out what you're licensed to use, or to upgrade your license, contact Jaspersoft.
In a deployment with multiple organizations, there can be administrators at every level of the hierarchy, as described in Delegated Administration. Part of any large deployment is to designate the administrators responsible for every task. For example, system administrators might set up the top-level organizations and default roles, but each organization’s admin would then create and manage the users of their particular organization.
The interface in JasperReports Server for managing organizations (commercial edition users), users, and roles (both commercial and community editions) accommodates all levels of administrators and makes it easy for them to search among hundreds of users and roles, whether in a single organization or spread across many. The interface also enforces the scope of administrative privileges. For example, it ensures that an organization administrator cannot see roles and users from parent organizations.
Attributes are name-value pairs that can be defined on users, organizations, and at the server level. These values can provide flexibilty, for example allowing each organization to access a different database when using the same data source. At the user level, attributes can provide data-level security when combined with the features of Domains and OLAP.
This chapter contains the following sections: