huwtrimet.org Posted August 19, 2008 Share Posted August 19, 2008 Hi there, I figured out that menu option is controlled by JI-menu.xml, object level security could be set by the administrator using the GUI property. What about the screen access, where do I set that? Thanks in advance.Menu optionsMenu options appear depending on the user's roles. Normal users do not have access to administrativefunctions. This can be modified through reconfiguration. See the Developer's Guide for details.· Screen accessIndividual screens can be blocked for access by people with given roles. For example, the defaultsecurity framework only allows administrators access to repository maintenance screens. Thisconfiguration of what screens are available for what roles is done in configuration files. Assigningappropriate roles to individual users through the administrative user interface configures the precisescreen access for users.· Object level securityObjects in the repository and folders can have permissions set on them so that users without sufficientrights cannot see and access those resources. For example, you may have management reports thatare not for all users. Permissions can be set to block access for only users with a management role.This filtering capability is used regardless of whether the user is going through the Web user interface orWeb Services. See Setting Permissions below. Link to comment Share on other sites More sharing options...
swood Posted August 19, 2008 Share Posted August 19, 2008 Have a look at WEB-INF/applicationContext-security.xml. In there are two bean defintions - filterInvocationInterceptor and flowVoter.filterInvocationInterceptor allows you to lock down whole screens with full URLs to users with given roles. You probably don't need to touch this. flowVoter secures JasperServer's Spring Web Flow screens. This is probably what you want to configure. You will see the flow names in the URLs - the "_flow" parameter. ShermanJaspersoft Link to comment Share on other sites More sharing options...
huwtrimet.org Posted August 19, 2008 Author Share Posted August 19, 2008 I have created a brand new role called ROLE_REPORTSONLY.I wanted to lock down the menu to Home, View->Reports, Logout only. I was able to accomplish this by modifying the ji-menu.xml file.I tried to give the /loginsuccess.html=ROLE_REPORTSONLY access in the filterInvocationInterceptor, but instead I got a unsupported argument error message when trying to start the Tomcat.org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'filterInvocationInterceptor' defined in ServletContext resource [/WEB-INF/applicationContext-security.xml]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [role_reportsonly]Caused by: java.lang.IllegalArgumentException: Unsupported configuration attributes: [role_reportsonly] at org.acegisecurity.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:213) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1118) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1085) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:429) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:250) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:141) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:247) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:161) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:273) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:346) at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:156) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3763) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4211) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524) at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:904) at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:867) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:474) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021) at org.apache.catalina.core.StandardHost.start(StandardHost.java:718) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442) at org.apache.catalina.core.StandardService.start(StandardService.java:450) at org.apache.catalina.core.StandardServer.start(StandardServer.java:709) at org.apache.catalina.startup.Catalina.start(Catalina.java:551) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432) Link to comment Share on other sites More sharing options...
swood Posted October 1, 2008 Share Posted October 1, 2008 This is an Acegi Security level issue.Can you show us your applicationContext-security.xml? ShermanJaspersoft Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now