The security check call is equivalent to a login call. You send the user credentials and you can tell from the response whether they are valid or not on the server. If they are valid, the server creates a user session or if the user has already performed an operation with valid credentials, it accesses the existing user session.
In either case, the successful response contains the JSESSIONID cookie of the user session. As with the login service, once you receive the session cookie, you should return it with future requests and use it to close the session as described in Logout.
|
Method |
URL |
|||
|
GET |
http://<host>:<port>/jasperserver[-pro]//j_spring_security_check?<arguments> |
|||
|
Argument |
Type/Value |
Description |
||
| orgId? | Text | The organization ID or alias. Required for organization admins and users when there is more than one organization defined. Not required for the system admin (superuser by default). | ||
|
j_username |
Text |
The user ID. |
||
|
j_password |
Text |
The user’s password. If the server has login encryption enabled, the password must be encrypted as explained in Login Encryption. |
||
| userLocale? | Java locale string | Set the optional locale for user in this session. | ||
| userTimezone? | Java time zone | Set the optional time zone for the user in this session. | ||
| Options | ||||
| accept: application/json | ||||
|
Return Value on Success |
Typical Return Values on Failure |
|||
|
302 Moved Temporarily – Response HTTP Header "Location" redirects to "/loginsuccess.html" by default, but often depends on the last session operation. See below if you specify JSON. |
302 Moved Temporarily – Response HTTP Header "Location" redirects to /login.html?error=1. |
|||
If you specify accept: application/json in your request, the location of the redirect in case of success is always the file /scripts/bower_components/js-sdk/src/common/auth/loginSuccess.json. The content of this file is:
{
"success":true
} |
You can configure the location of this file. Edit the configuration file applicationContext-security-web.xml and change the constructor value of the following bean:
<bean id="authSuccessJsonRedirectUrl" class="java.lang.String">
<constructor-arg type="java.lang.String"
value="/scripts/bower_components/js-sdk/src/common/auth/loginSuccess.json"/>
</bean> |
Using an SSO Token
If you are using Single Sign-On for authentication, you can use the security check to submit the ticket.
|
Method |
URL |
|||
|
GET |
http://<host>:<port>/jasperserver[-pro]//j_spring_security_check?<arguments> |
|||
|
Argument |
Type/Value |
Description |
||
| ticket | Text | The ticket for your SSO mechanism. The default parameter name for an SSO authentication token is "ticket". This parameter name can be changed in the configuration file applicationContext-externalAuth-<sso>.xml. | ||
| Options | ||||
| accept: application/json | ||||
|
Return Value on Success |
Typical Return Values on Failure |
|||
|
302 Moved Temporarily – Response HTTP Header "Location" redirects to "/loginsuccess.html" by default, but often depends on the last session operation. |
302 Moved Temporarily – Response HTTP Header "Location" redirects to /login.html?error=1. |
|||
For example, if you have configured the server to use CAS as your SSO provider, you can authenticate and receive the session ID with the following request:
GET http://localhost:8080/jasperserver-pro/j_spring_security_check?ticket=ST-40-CZeUUnGPxEqgScNbxh9l-sso-cas.eng.jaspersoft.com
|
The response has the same behavior as the password-based security check, including the use of a JSON file if requested.
Using a Pre-Authentication Token
When using a pre-authentication mechanism, the verification of the credentials is performed at the base URL of the server.
|
Method |
URL |
|||
|
GET |
http://<host>:<port>/jasperserver[-pro]/?<arguments> |
|||
|
Argument |
Type/Value |
Description |
||
| pp | Text | The token for your pre-authentication mechanism. The default parameter name for a pre authentication token is "pp". This parameter name can be changed in the configuration file applicationContext-externalAuth-preAuth.xml. | ||
| Options | ||||
| accept: application/json | ||||
|
Return Value on Success |
Typical Return Values on Failure |
|||
|
302 Moved Temporarily – Response HTTP Header "Location" redirects to "/loginsuccess.html" by default, but often depends on the last session operation. |
302 Moved Temporarily – Response HTTP Header "Location" redirects to /login.html?error=1. |
|||
For example, if you have configured the server to use pre-authentication, you can authenticate and receive the session ID with the following request:
GET http://localhost:8080/jasperserver-pro?pp=u%3DSteve%7Cr%3DExt_User%7Co%3Dorganization_1%7Cpa1%3DUSA%7Cpa2%3D1
|
