Anyone done JasperServer and CAS?

[tonyg]

Hi,

I have an existing CAS installation I would like to use with JasperSoft. I see it supports it, but there does not seem to be any docs on that...anyone done this? Willing to share configs?

 

thanks

[swood]

We are using Acegi Security for this. I don't know of anyone who was done this with JasperServer yet, but it would be a standard Acegi configuration exercise. The Acegi documentation and examples are excellent - check out acegisecurity.org.

 

 

Sherman

JasperSoft

[alauddinctgbd]

Hi,

We successfully integrate jasperserver with CAS.

Follow the following file's under WEB-INF/

**********applicationContext-cas-security.xml********

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"

"http://www.springframework.org/dtd/spring-beans.dtd">

<beans>

<bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">

<property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property>

<property name="casProxyDecider"><ref local="casProxyDecider"/></property>

<property name="ticketValidator"><ref local="casProxyTicketValidator"/></property>

<property name="statelessTicketCache"><ref local="statelessTicketCache"/></property>

<property name="key"><value>my_password_for_this_auth_provider_only</value></property>

</bean>

 

<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">

<property name="casValidate"><value>https://${tomcat.host}:${tomcat.https.port}/cas/proxyValidate</value></property>

<property name="proxyCallbackUrl"><value>https://${tomcat.host}:${tomcat.https.port}/jasperserver/casProxy/receptor</value></property>

<property name="serviceProperties"><ref local="serviceProperties"/></property>

<!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->

</bean>

 

<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>

 

<bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">

<property name="cacheManager">

<ref local="cacheManager"/>

</property>

<property name="cacheName">

<value>ticketCache</value>

</property>

</bean>

 

<bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">

<property name="cache"><ref local="ticketCacheBackend"/></property>

</bean>

 

<bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">

<property name="userDetailsService"><ref bean="userAuthorityService"/></property>

</bean>

 

<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets">

</bean>

 

<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">

<property name="service"><value>https://${tomcat.host}:${tomcat.https.port}/jasperserver/j_acegi_cas_security_check</value></property>

<property name="sendRenew"><value>false</value></property>

</bean>

 

<bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">

<property name="authenticationManager"><ref bean="authenticationManager"/></property>

<property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property>

<property name="defaultTargetUrl"><value>/</value></property>

<property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property>

</bean>

 

<bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">

<property name="loginUrl"><value>https://${tomcat.host}:${tomcat.https.port}/cas/login</value></property>

<property name="serviceProperties"><ref local="serviceProperties"/></property>

</bean>

 

 

<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->

<bean id="channelProcessingFilter"

class="org.acegisecurity.securechannel.ChannelProcessingFilter">

<property name="channelDecisionManager">

<ref bean="channelDecisionManager" />

</property>

<property name="filterInvocationDefinitionSource">

<value>

CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON

A/login.jsp.*Z=REQUIRES_SECURE_CHANNEL

A/j_acegi_cas_security_check.*Z=REQUIRES_SECURE_CHANNEL

A.*Z=REQUIRES_INSECURE_CHANNEL

</value>

</property>

</bean>

<!-- BASIC Regular Expression Syntax (for beginners):

 

A means the start of the string (ie the beginning of the URL)

Z means the end of the string (ie the end of the URL)

. means any single character

* means null or any number of repetitions of the last expression (so .* means zero or more characters)

 

Some examples:

 

Expression: A/my/directory/.*Z

Would match: /my/directory/

/my/directory/hello.html

 

Expression: A/.*Z

Would match: /hello.html

/

 

Expression: A/.*/secret.htmlZ

Would match: /some/directory/secret.html

/another/secret.html

Not match: /anothersecret.html (missing required /)

-->

 

<bean id="channelDecisionManager"

class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl">

<property name="channelProcessors">

<list>

<ref bean="secureChannelProcessor" />

<ref bean="insecureChannelProcessor" />

</list>

</property>

</bean>

<bean id="secureChannelProcessor"

class="org.acegisecurity.securechannel.SecureChannelProcessor" />

<bean id="insecureChannelProcessor"

class="org.acegisecurity.securechannel.InsecureChannelProcessor" />

 

<!-- ===================== HTTP REQUEST SECURITY ==================== -->

<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">

<property name="authenticationEntryPoint"><ref bean="casProcessingFilterEntryPoint"/></property>

</bean>

</beans>

#####################END###########################

************applicationContext-security.xml*******

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"

"http://www.springframework.org/dtd/spring-beans.dtd">

 

<beans>

<!-- ======================== FILTER CHAIN =======================

ACLs later: requestMethodsFilter

Not in 1.0-RC1: exceptionTranslationFilter,

Later: ,rememberMeProcessingFilter

 

Web services currently can't use the filter chain because Axis instantiates

the web service handler classes, not Spring. However, we can do the context integration

filter, which associates a security context with the http session, and call

into the Acegi beans from the service handler

-->

<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">

<property name="filterInvocationDefinitionSource">

<value>

CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON

PATTERN_TYPE_APACHE_ANT

/xmla=httpSessionContextIntegrationFilter,casProcessingFilter,basicProcessingFilter,JIAuthenticationSynchronizer,anonymousProcessingFilter,basicAuthExceptionTranslationFilter,filterInvocationInterceptor

/services/**=httpSessionContextIntegrationFilter,casProcessingFilter,basicProcessingFilter,JIAuthenticationSynchronizer,anonymousProcessingFilter,basicAuthExceptionTranslationFilter,filterInvocationInterceptor

/**=httpSessionContextIntegrationFilter,casProcessingFilter,authenticationProcessingFilter,basicProcessingFilter,JIAuthenticationSynchronizer,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor

</value>

</property>

</bean>

 

<!-- ======================== AUTHENTICATION ======================= -->

<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">

<property name="providers">

<list>

<!-- not on by default <ref local="ldapAuthenticationProvider"/> -->

<!--ref local="daoAuthenticationProvider"/-->

<ref bean="casAuthenticationProvider"/>

<ref local="anonymousAuthenticationProvider"/>

<!--ref local="jaasAuthenticationProvider"/-->

</list>

</property>

</bean>

 

<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">

<!-- jdbcDaoImpl -->

<!-- <property name="userDetailsService"><ref bean="inMemoryDaoImpl"/></property> -->

<property name="userDetailsService"><ref bean="userAuthorityService"/></property>

<!-- <property name="passwordEncoder"><ref local="passwordEncoder"/></property> -->

</bean>

 

<bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.ShaPasswordEncoder"/>

 

<!--

<bean id="jaasAuthenticationProvider" class="org.acegisecurity.providers.jaas.JaasAuthenticationProvider">

<property name="loginConfig">

<value>/WEB-INF/login.conf</value>

</property>

<property name="loginContextName">

<value>FileLogin</value>

</property>

<property name="callbackHandlers">

<list>

<bean class="org.acegisecurity.providers.jaas.JaasNameCallbackHandler"/>

<bean class="org.acegisecurity.providers.jaas.JaasPasswordCallbackHandler"/>

</list>

</property>

<property name="authorityGranters">

<list>

<bean class="org.appfuse.web.JaasAuthorityGranter"/>

</list>

</property>

</bean>

-->

<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">

<property name="key"><value>foobar</value></property>

<property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property>

</bean>

 

<bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">

<property name="key"><value>foobar</value></property>

</bean>

 

<!--

<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">

<property name="userMap">

<value>

tomcat=536c0b339345616c1b33caf454454d8b8a190d6c,ROLE_USER

springlive=2a9152cff1d25b5bbaa3e5fbc7acdc6905c9f251,ROLE_USER

</value>

</property>

</bean>

-->

 

<!--

 

For LDAP authentication

 

<bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">

<constructor-arg value="ldap://scopeserv1:389/dc=panscopic,dc=com"/>

-->

<!--

You may not need the next properties

<property name="managerDn"><value>cn=manager,dc=acegisecurity,dc=org</value></property>

<property name="managerPassword"><value>acegisecurity</value></property>

-->

<!--

</bean>

-->

 

<!--

For LDAP authentication

This bean is not used by default

 

<bean id="userSearch"

class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">

<constructor-arg index="0">

<value></value>

</constructor-arg>

<constructor-arg index="1">

<value>(uid={0})</value>

</constructor-arg>

<constructor-arg index="2">

<ref local="initialDirContextFactory" />

</constructor-arg>

<property name="searchSubtree">

<value>true</value>

</property>

</bean>

 

-->

 

<!--

For LDAP authentication

 

<bean id="ldapAuthenticationProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">

<constructor-arg>

<bean class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">

<constructor-arg><ref local="initialDirContextFactory"/></constructor-arg>

<property name="userDnPatterns"><list><value>uid={0}</value></list></property>

</bean>

</constructor-arg>

<constructor-arg>

<bean class="org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator">

<constructor-arg index="0"><ref local="initialDirContextFactory"/></constructor-arg>

<constructor-arg index="1"><value></value></constructor-arg>

<property name="groupRoleAttribute"><value>cn</value></property>

<property name="groupSearchFilter"><value>(&(uniqueMember={0})(objectclass=groupofuniquenames))</value></property>

</bean>

</constructor-arg>

</bean>

-->

 

<bean id="JIAuthenticationSynchronizer" class="com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter">

<property name="externalUserService"><ref bean="userAuthorityService"/></property>

</bean>

 

 

<!-- Automatically receives AuthenticationEvent messages -->

<bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>

 

<!--

<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">

<property name="authenticationManager"><ref local="authenticationManager"/></property>

<property name="rememberMeServices"><ref local="rememberMeServices"/></property>

</bean>

 

<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">

<property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>

<property name="key"><value>springRocks</value></property>

</bean>

 

<bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">

<property name="key"><value>springRocks</value></property>

</bean>

-->

<!-- Basic Authentication -->

<bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">

<property name="authenticationManager"><ref local="authenticationManager"/></property>

<property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>

</bean>

 

<!-- if there is no BASIC auth header, this filter will display a 401 error thanks to the entry point -->

<bean id="basicAuthExceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">

<property name="authenticationEntryPoint"><ref bean="basicProcessingFilterEntryPoint"/></property>

</bean>

 

<bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">

<property name="realmName"><value>Protected Area</value></property>

</bean>

 

<!-- Form-based Authentication

 

<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">

<property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>

</bean>

 

-->

 

<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">

<property name="authenticationManager"><ref local="authenticationManager"/></property>

<property name="authenticationFailureUrl"><value>/loginerror.html</value></property>

<property name="defaultTargetUrl"><value>/loginsuccess.html</value></property>

<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>

</bean>

 

<bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">

<property name="loginFormUrl"><value>/login.html</value></property>

<property name="forceHttps"><value>false</value></property>

</bean>

 

<!-- ===================== HTTP REQUEST SECURITY ====================

<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">

<property name="context"><value>org.acegisecurity.context.security.SecureContextImpl</value></property>

</bean>

-->

<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>

 

<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">

<property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>

</bean>

 

<bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">

<property name="allowIfAllAbstainDecisions"><value>false</value></property>

<property name="decisionVoters">

<list>

<ref bean="roleVoter"/>

</list>

</property>

</bean>

 

<!--

<bean id="runAsManager" class="org.acegisecurity.runas.RunAsImplAuthenticationProvider">

<property name="key"><value>my_run_as_password</value></property>

</bean>

-->

 

<bean id="requestMethodsFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>

 

<!-- Optionally, you can specify a "rolePrefix" property to change

(or remove) the ROLE_ prefix for role names. -->

<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>

 

<!--

Note the order that entries are placed against the objectDefinitionSource is critical.

The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.

Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last

 

========= JasperServer Note ==============

There are currently three roles:

ROLE_ANONYMOUS (i.e. not logged in)

ROLE_USER

ROLE_ADMINISTRATOR

Any page accessible by a non-admin user (or by someone not logged in)

must be added explicitly. Any other pages are assumed to require the admin role

 

-->

<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">

<property name="authenticationManager"><ref bean="authenticationManager"/></property>

<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>

<!-- <property name="runAsManager"><ref bean="runAsManager"/></property> -->

<property name="objectDefinitionSource">

<value>

CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON

PATTERN_TYPE_APACHE_ANT

/login.html=ROLE_ANONYMOUS,ROLE_USER

/logout.html=ROLE_ANONYMOUS,ROLE_USER

/loginerror.html=ROLE_ANONYMOUS,ROLE_USER

/home.html=ROLE_USER

/flow.html=ROLE_USER

/loginsuccess.html=ROLE_USER

/listolapviews.html=ROLE_USER

/fillparams.html=ROLE_USER

/fileview/**=ROLE_USER

/xmla=ROLE_USER

/services/**=ROLE_USER

/*.html=ROLE_ADMINISTRATOR

/*.jsp=ROLE_ADMINISTRATOR

</value>

</property>

</bean>

 

<!-- ===================== ACL-BASED SECURITY ==================== -->

 

<!-- ACL permission masks used by this application -->

<bean id="SimpleAclEntry.ADMINISTRATION" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">

<property name="staticField">

<value>org.acegisecurity.acl.basic.SimpleAclEntry.ADMINISTRATION</value>

</property>

</bean>

 

<bean id="SimpleAclEntry.READ_WRITE" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">

<property name="staticField">

<value>org.acegisecurity.acl.basic.SimpleAclEntry.READ_WRITE</value>

</property>

</bean>

 

<bean id="SimpleAclEntry.READ" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">

<property name="staticField">

<value>org.acegisecurity.acl.basic.SimpleAclEntry.READ</value>

</property>

</bean>

 

<bean id="SimpleAclEntry.DELETE" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">

<property name="staticField">

<value>org.acegisecurity.acl.basic.SimpleAclEntry.DELETE</value>

</property>

</bean>

 

<!-- An access decision voter that reads ACL_USER_ADMIN settings -->

<bean id="aclUserAdminVoter" class="org.acegisecurity.vote.BasicAclEntryVoter">

<property name="aclManager"><ref local="aclManager"/></property>

<property name="processConfigAttribute">

<value>ACL_USER_ADMIN</value>

</property>

<property name="processDomainObjectClass">

<value>com.jaspersoft.jasperserver.api.metadata.common.domain.Resource</value>

</property>

<property name="requirePermission">

<list>

<ref local="SimpleAclEntry.ADMINISTRATION"/>

</list>

</property>

</bean>

 

<!-- An access decision voter that reads ACL_USER_UPDATE settings -->

<bean id="aclUserUpdateVoter" class="org.acegisecurity.vote.BasicAclEntryVoter">

<property name="aclManager"><ref local="aclManager"/></property>

<property name="processConfigAttribute">

<value>ACL_USER_UPDATE</value>

</property>

<property name="processDomainObjectClass">

<value>com.jaspersoft.jasperserver.api.metadata.common.domain.Resource</value>

</property>

<property name="requirePermission">

<list>

<ref local="SimpleAclEntry.ADMINISTRATION"/>

<ref local="SimpleAclEntry.READ_WRITE"/>

</list>

</property>

</bean>

 

 

<!-- An access decision voter that reads ACL_USER_READ settings -->

<bean id="aclUserReadVoter" class="org.acegisecurity.vote.BasicAclEntryVoter">

<property name="aclManager"><ref local="aclManager"/></property>

<property name="processConfigAttribute">

<value>ACL_USER_READ</value>

</property>

<property name="processDomainObjectClass">

<value>com.jaspersoft.jasperserver.api.metadata.common.domain.Resource</value>

</property>

<property name="requirePermission">

<list>

<ref local="SimpleAclEntry.ADMINISTRATION"/>

<ref local="SimpleAclEntry.READ"/>

</list>

</property>

</bean>

 

 

<!-- An access decision manager used by the business objects -->

<bean id="aclAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">

<property name="allowIfAllAbstainDecisions"><value>true</value></property>

<property name="decisionVoters">

<list>

<ref local="roleVoter"/>

<ref local="aclUserAdminVoter"/>

<ref local="aclUserUpdateVoter"/>

<ref local="aclUserReadVoter"/>

</list>

</property>

</bean>

 

 

<!-- ========= ACCESS CONTROL LIST MANAGER DEFINITIONS ========= -->

 

<bean id="aclManager" class="org.acegisecurity.acl.AclProviderManager">

<property name="providers">

<list>

<ref bean="objectPermissionService"/>

</list>

</property>

</bean>

 

<!-- ===================== METHOD-LEVEL SECURITY ==================== -->

 

 

<bean id="hibernateRepoServiceSecurity"

class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">

<property name="authenticationManager"><ref local="authenticationManager"/></property>

<property name="accessDecisionManager"><ref local="aclAccessDecisionManager"/></property>

<property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>

<property name="objectDefinitionSource">

<value>

com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.loadResourcesList=AFTER_ACL_COLLECTION_READ

com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.loadClientResources=AFTER_ACL_COLLECTION_READ

com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.getAllFolders=AFTER_ACL_COLLECTION_READ

com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.getSubFolders=AFTER_ACL_COLLECTION_READ

</value>

</property>

</bean>

 

 

<!--

 

Not used

 

<bean id="hibernateRepoServiceSecurity"

class="org.acegisecurity.intercept.method.aspectj.AspectJSecurityInterceptor">

<property name="authenticationManager"><ref local="authenticationManager"/></property>

<property name="accessDecisionManager"><ref local="aclAccessDecisionManager"/></property>

<property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>

<property name="objectDefinitionSource">

<value>

com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.getRepoResource=ROLE_PermissionTestRoleAgain,AFTER_ACL_READ

com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.loadResourcesList=ROLE_PermissionTestRole,ROLE_PermissionTestRoleAgain,AFTER_ACL_COLLECTION_READ

</value>

</property>

</bean>

 

<bean id="domainObjectInstanceSecurityAspect"

class="com.jaspersoft.jasperserver.api.metadata.user.service.impl.ObjectSecurityAspect"

factory-method="aspectOf">

<property name="securityInterceptor"><ref local="hibernateRepoServiceSecurity"/></property>

</bean>

-->

 

<!-- ============== "AFTER INTERCEPTION" AUTHORIZATION =========== -->

 

<bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">

<property name="providers">

<list>

<ref local="afterAclRead"/>

<ref local="afterAclCollectionRead"/>

</list>

</property>

</bean>

 

<!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->

 

<bean id="afterAclCollectionRead"

class="org.acegisecurity.afterinvocation.BasicAclEntryAfterInvocationCollectionFilteringProvider">

<property name="aclManager"><ref local="aclManager"/></property>

<property name="requirePermission">

<list>

<ref local="SimpleAclEntry.ADMINISTRATION"/>

<ref local="SimpleAclEntry.READ"/>

</list>

</property>

</bean>

 

<!-- Processes AFTER_ACL_READ configuration settings -->

 

<bean id="afterAclRead" class="org.acegisecurity.afterinvocation.BasicAclEntryAfterInvocationProvider">

<property name="aclManager"><ref local="aclManager"/></property>

<property name="requirePermission">

<list>

<ref local="SimpleAclEntry.ADMINISTRATION"/>

<ref local="SimpleAclEntry.READ"/>

</list>

</property>

</bean>

</beans>

[tonyg]

wow, thanks a ton!!! i will look this over....thanks again

[bklawans]

Hi All,

 

JasperSoft is an active participant in the Open Solutions Alliance, and the OSA interoperability working group (which I chair :-) ) is currently working on an integration project with includes (among other things) a standard authentication and single-sign on mechanism. We are leaning to CAS as the recommended auth mechanism, and assuming that gets approved by the working group you can expect that we will start shipping example configs to work with CAS out of the box.

 

-Barry

[tonyg]

hi, i am trying to implement your config and I am getting this error on startup, any ideas?

 

00:13:35,200 ERROR ContextLoader,Thread-2:199 - Context initialization failed

org.springframework.beans.factory.BeanDefinitionStoreException: Error registering bean with name 'JIAuthenticationSynchronizer' defined in ServletContext resource [/WEB-INF/applicationContext-security.xml]: Bean class [ com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter] not found; nested exception is java.lang.ClassNotFoundException: com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter

java.lang.ClassNotFoundException: com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter

[rockstar]

Hello Everybody,

I too have similar issue while integrating JasperServer with CAS. I am having CAS Server 3.3.4 set up in a tomcat server. Its configured with my local LDAP. Its working fine as I have integrated other applications with this. I am using jasper server 3.5.0. For Acegi CAS integration I am using acegi-security-cas-1.0.7.jar, casclient-2.1.1.jar. I followed the tips mentioned on http://www.acegisecurity.org/guide/springsecurity.html#cas to get the CAS integrated with Acegi Security. Here I am attaching the web.xml, applicationContext.xml, and applicationContext-security.xml(Though there is no modification at all). While accessing the application I can see I am redirected to the home.html page but I see an empty screen with error as mentioned below on the log file.

I am a beginner with Acegi Security, and CAS as well. I ahve also tried the solution provided in this thread. But unfortunately its not working. Please guide me.

 

Thanks a lot!

Keep Rocking

 

Code:

18:27:27,986 ERROR [jsp],http-9443-Processor25:704 - Servlet.service() for servlet jsp threw exceptionjava.lang.NullPointerException	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.getSourceAuthentication(UserAuthorityServiceImpl.java:829)	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.isUserSwitched(UserAuthorityServiceImpl.java:843)	at org.apache.jsp.WEB_002dINF.decorators.main_jsp._jspService(main_jsp.java:306)	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:334)	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)	at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574)	at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)	at com.opensymphony.module.sitemesh.filter.PageFilter.applyDecorator(PageFilter.java:165)	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:63)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)	at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463)	at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)	at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)	at org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:142)	at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:247)	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1105)	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:841)	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755)	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396)	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:350)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at com.jaspersoft.jasperserver.war.common.UploadMultipartFilter.doFilter(UploadMultipartFilter.java:86)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:70)	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:217)	at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:90)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)	at java.lang.Thread.run(Thread.java:595)18:27:27,995 ERROR [jsp],http-9443-Processor25:704 - Servlet.service() for servlet jsp threw exceptionjava.lang.NullPointerException	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.getSourceAuthentication(UserAuthorityServiceImpl.java:829)	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.isUserSwitched(UserAuthorityServiceImpl.java:843)	at org.apache.jsp.WEB_002dINF.decorators.main_jsp._jspService(main_jsp.java:306)	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:334)	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)	at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574)	at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)	at com.opensymphony.module.sitemesh.filter.PageFilter.applyDecorator(PageFilter.java:165)	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:63)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)	at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463)	at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)	at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)	at org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:142)	at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:247)	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1105)	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:841)	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755)	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396)	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:350)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at com.jaspersoft.jasperserver.war.common.UploadMultipartFilter.doFilter(UploadMultipartFilter.java:86)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:70)	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:217)	at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:90)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)	at java.lang.Thread.run(Thread.java:595)18:27:27,997 ERROR [jasperserver],http-9443-Processor25:253 - Servlet.service() for servlet jasperserver threw exceptionjava.lang.NullPointerException	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.getSourceAuthentication(UserAuthorityServiceImpl.java:829)	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.isUserSwitched(UserAuthorityServiceImpl.java:843)	at org.apache.jsp.WEB_002dINF.decorators.main_jsp._jspService(main_jsp.java:306)	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:334)	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)	at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574)	at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)	at com.opensymphony.module.sitemesh.filter.PageFilter.applyDecorator(PageFilter.java:165)	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:63)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)	at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463)	at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)	at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)	at org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:142)	at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:247)	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1105)	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:841)	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755)	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396)	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:350)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at com.jaspersoft.jasperserver.war.common.UploadMultipartFilter.doFilter(UploadMultipartFilter.java:86)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:70)	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:217)	at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:90)	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)	at java.lang.Thread.run(Thread.java:595)

[andre.erasmus]

Is there a applicationContext-cas-security.xml file in Clean (Default) Jasperserver ?

I Can't seem to find it...