AbstractExternalSetupProcessor class
Acegi Security. See Spring Security.
administrative user
- mapping statically
- with LDAP
  - Setting Up Multiple Providers
  - Mapping Roles to System Roles
adminUsernames property
- Mapping Roles to System Roles
- Mapping User Roles
- Defining Static Roles
- Token-based Authentication
alwaysRequestOrgIdOnLoginForm property
authentication
- anonymous
- CAS overview
- credentials
- defined
- deployment procedure
- external, defined
- internal
- LDAP overview
- token-based authentication overview
authentication manager
- LDAP
- token-based authentication
authentication provider
- LDAP
- token-based authentication
authenticationManager bean
- with internal authentication
authenticationProcessingFilter bean
- with internal authentication
authoritiesByUsernameQuery property
authorization
- defined
- of external users
CAS
- authentication overview
- beans
- certificates
  - CAS Server for Testing
  - Configuring Java to Trust the CAS Certificate
- hiding Log Out link
- login page
- mapping to multiple organizations
- organizations
- overview
- retrieving roles from an external data source
- setting organizations using a JDBC database
- single sign-on
  - Overview of External CAS Authentication
  - CAS Authentication
- specifying a single organization
- Spring Security customization
  - Configuring JasperReports Server for CAS Authentication
  - Overview of External CAS Authentication
- test server
- Ticket Granting Ticket cookie
- website
casJDBCUserDetailsService bean
- authoritiesByUsernameQuery property
- dataSource property
- detailsQuery property
- usersByUsernameQuery property
casServiceProperties bean
- sendRenew property
- service property
Central Authentication Service. See CAS.
certificates for CAS
- CAS Server for Testing
- Configuring Java to Trust the CAS Certificate
CipherI interface
conflictingExternalInternalRoleNameSuffix property
- Setting Default Roles
- Mapping User Roles
- Setting Default Roles
- Token-based Authentication
cookies with CAS
customAuthenticationProvider bean
- with external authentication
  - External Authentication Beans
  - External Authentication Beans
daoAuthenticationProvider bean
- with internal authentication
- with LDAP
database. See internal database.
dataSource property
debugging
defaultAdminRoles property
- Mapping Roles to System Roles
- Mapping User Roles
- Defining Static Roles
- Token-based Authentication
defaultInternalRoles property
- Mapping Roles to System Roles
- Mapping User Roles
- Mapping User Roles
- Defining Static Roles
- Retrieving User Roles from an External Data Source
- Token-based Authentication
defaultOrganization property
- Setting the User Organization
- Setting the User Organization
- Setting the User Organization
- Mapping the User Organization
- Mapping the User Organization
- Mapping the User Organization
- Setting the User Organization
- Setting the User Organization
- Token-based Authentication
- Token-based Authentication
- Token-based Authentication
delegatingExceptionTranslationFilter bean
- with external authentication
deployment
driverClassName property (external database)
- Setting the Database Connection Parameters
- Setting the Database Connection Parameters
email address
excludeRootDn property
external authentication
- bean API
- customAuthenticationProvider bean
  - External Authentication Beans
  - External Authentication Beans
- externalDataSynchronizer bean
  - External Authentication Beans
  - External Authentication Beans
- proxyAuthenticationProcessingFilter bean
external authentication. See authentication.
external database
- JDBC driver
  - Setting the Database Connection Parameters
  - Setting the Database Connection Parameters
- login page
- Spring Security customization
- with CAS
external.dbPassword property
external.dbUsername property
external.jdbcDriverClass property
external.jdbcUrl property
external.ldapDn property (LDAP)
external.ldapPassword property
external.ldapUrl property
externalAuthProperties
- example
externalAuthProperties bean
- alwaysRequestOrgIdOnLoginForm property
- externalLoginUrl property
- logoutUrl property
- ssoServerLocation property
externalDataSource bean
- driverClassName property
- example
  - Setting the Database Connection Parameters
  - Setting the Database Connection Parameters
- password property
- url property
- username property
externalDataSynchronizer bean
- externalUserProcessors property
  - External Authentication Beans
  - External Authentication Beans
- LDAP
- token-based authentication
- with external authentication
  - External Authentication Beans
  - External Authentication Beans
externalLoginUrl property
externalProfileAttributeProcessor
externalTenantSetupProcessor
externalTenantSetupProcessor bean
- defaultOrganization property
externalUserProcessors property
- External Authentication Beans
- External Authentication Beans
externalUserSetupProcessor bean
- adminUsernames property
- avoiding role collisions example
- conflictingExternalInternalRoleNameSuffix property
- defaultAdminRoles property
- defaultInternalRoles property
- example
  - Retrieving User Roles from an External Data Source
  - Token-based Authentication
- organizationRoleMap property
- static roles example
externalUserTenantDetailsService bean
- usersByUsernameAndTenantNameQuery property
groupRoleAttribute property
groupSearchFilter property
internal authentication. See authentication.
internal database
- described
Internal database
- synchronization
Jaspersoft OLAP prerequisites
JIAuthenticationSynchronizer bean
- with internal authentication
JSBindAuthenticator class
- example
- userDnPatterns property
JSDefaultLdapAuthoritiesPopulator class
- branch DN value
- example
- groupRoleAttribute property
- groupSearchFilter property
- searchSubtree property
JSPreAuthenticatedAuthenticationProvider bean
keytool utility
LDAP
- administrative users
  - Setting Up Multiple Providers
  - Mapping Roles to System Roles
- beans
- bind authentication
  - Performing LDAP User Search
  - Performing LDAP User Search
- login page
- matching RDN patterns
  - Performing LDAP User Search
  - Specifying userDnPatterns Parameters
- Microsoft Active Directory
- organization mapping
- overview
- roles
- searching for usernames
  - Specifying userSearch Parameters
  - Performing LDAP User Search
- setting connection parameters
- single sign-on
- static role assignment
- troubleshooting
- URL
  - Setting the LDAP Connection Parameters
  - Setting the LDAP Connection Parameters
- users with same login name
- with default internal authentication
ldapAuthenticationManager bean
ldapAuthenticationProvider bean
- Mapping the User Roles
- Overview of LDAP Beans
ldapContextSource bean
- constructor-arg value
  - Setting the LDAP Connection Parameters
  - Setting the LDAP Connection Parameters
- example
ldapExternalTenantProcessor bean
- defaultOrganization property
- multiple organizations
- with CAS
ldapExternalUserProcessor bean
- excludeRootDn property
- organizationRDNs property
- rootOrganizationId property
- rootOrganizationRolesMap property
Lightweight Directory Access Protocol. See LDAP.
logging
login page
- external database
  - Configuring the Login Page for a Single-Organization Deployment
  - Overview of External Database Authentication
- hiding Log Out link for CAS
- with CAS
- with LDAP
logoutUrl property
Microsoft Active Directory
- configuring user search
- following referrals
- PartialResultException
- sAMAccountName attribute
- with LDAP
MTAbstractExternalProcessor class
mtExternalUserSetupProcessor
mtExternalUserSetupProcessor bean
- organizationRoleMap property
mtUserAuthorityServiceTarget bean
- with LDAP
organizationRDNs property
organizationRoleMap property
- Mapping Roles to System Roles
- Mapping User Roles
- Retrieving User Roles from an External Data Source
- Token-based Authentication
organizations
- managing external organizations
- overview
- specifying a single organization
- with CAS
- with LDAP
PartialResultException
- Microsoft Active Directory
password property
password property (LDAP)
PasswordComparisonAuthenticator class
preAuthenticatedManager bean
preAuthenticatedUserDetailsService property
prerequisites for Jaspersoft OLAP
principal objects
principalParameter property
processors
- externalTenantSetupProcessor bean
- externalUserSetupProcessor bean
- mtExternalUserSetupProcessor bean
profile attributes
proxyAuthenticationProcessingFilter bean
- LDAP
- with external authentication
proxyPreAuthenticatedProcessingFilter bean
- Token-based Authentication
- Token-based Authentication
roles
- avoiding name collisions
- CAS
- external roles
  - Synchronization of Roles
  - Synchronization of External Users
- internal roles
- managing external roles
- mapping at organization level
  - Retrieving User Roles from an External Data Source
  - Token-based Authentication
- mapping internal
  - Retrieving User Roles from an External Data Source
  - Token-based Authentication
- mapping system roles
  - Retrieving User Roles from an External Data Source
  - Token-based Authentication
- synchronization
- system roles
- with LDAP
  - Mapping Roles to System Roles
  - Mapping the User Roles
rootOrganizationId property
searchSubtree property
sendRenew property
service property
sessions
single sign-on
- defined
- with CAS
  - Overview of External CAS Authentication
  - CAS Authentication
- with LDAP
Spring Security
- with an external database
- with CAS
  - Configuring JasperReports Server for CAS Authentication
  - Overview of External CAS Authentication
ssoServerLocation property
synchronization
- defined
  - Terminology
  - Organizations and Users in JasperReports Server
- of roles
- of users
- with an external database
- with CAS
- with LDAP
- with token-based authentication
token-based authentication
- configuring
- mapping organizations
- mapping user roles
- overview
- token configuration
- token decryption
- token format
- token security
tokenDecryptor
tokenFormatMapping
tokenInRequestParam property
tokenPairSeparator
troubleshooting
- configuring logging
- LDAP
url property
userDn property (LDAP)
userDnPatterns property
username property
users
- defined
- email address
- externally defined
- managing external users
- profile attributes
- same login name in LDAP
- synchronization
- user sessions
usersByUsernameAndTenantNameQuery property
usersByUsernameQuery property
userSearch bean
- branch RDN value
- example
- LDAP filter value
- search subtrees value

Defining Static Roles

If you're mapping all your external users to a single organization, you can assign static roles to users. This lets you specify a list of administrative users and roles, and a list of roles for non-administrative users. To define static roles, use the externalUserSetupProcessor or mtExternalUserSetupProcessor bean. To set up static roles, locate the version of the bean used in your sample file and configure the following properties:

•

adminUserNames property — A list of usernames granted internal administrator privileges in JasperReports Server. The username values must exactly match the usernames authenticated and returned by the external authority.

•

defaultAdminRoles property — A list of JasperReports Server internal roles. These are assigned to every user in the list of administrators.

•

defaultInternalRoles property — A list of JasperReports Server roles assigned to every user not in the list of administrators.

The following example shows how to use the mtExternalUserSetupProcessor bean to define static roles. The configuration for externalUserSetupProcessor is similar:

<bean id="mtExternalUserSetupProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.
    externalAuth.processors.MTExternalUserSetupProcessor" 
    parent="abstractExternalProcessor">
	...
  <property name="adminUsernames">
    <list>
      <value>myorgadmin</value>
    </list>
  </property>

  <property name="defaultAdminRoles">
    <list>
      <value>ROLE_USER</value>
      <value>ROLE_ADMINISTRATOR</value>
    </list>
  </property>

  <property name="defaultInternalRoles">
    <list>
      <value>ROLE_USER</value>
    </list>
  </property>

...

Version:

v7.9.0

Main menu

You are here

Defining Static Roles