In a single-organization deployment, the administrator needs to create only the users and roles. In deployments with multiple organizations, administrators need to create organizations, populate them with users, and create the roles they use afterward to set access permissions. Optionally, administrators can also define attributes to control access to data.
In a deployment with multiple organizations, there can be administrators at every level of the hierarchy, as described in Delegated Administration. Part of any large deployment is to designate the administrators responsible for every task. For example, system administrators might set up the top-level organizations and default roles, but each organization's admin would then create and manage the users of their particular organization.
The interface in JasperReports Server for managing organizations, users, and roles accommodates all levels of administrators and makes it easy for them to search among hundreds of users and roles, whether in a single organization or spread across many. The interface also enforces the scope of administrative privileges. For example, it ensures that an organization administrator cannot see roles and users from parent organizations.
Attributes are name-value pairs that can be defined on users
This chapter contains the following sections: