hussainian Posted December 19, 2009 Share Posted December 19, 2009 Hi!Currently I've an application where my own parameter form takes the interacts with the user and the values provided by the user are added to a url which redirects to jasperServer and the report is opened. I send the user name and password in the url in order to prevent the login screen and so that the url go directly to the report. But this thing seriously disturbs my own application's checks. Anyone can access any report by changing the url. The thing I want is that this login activity should be performed in my application and and once the report window, which is a popup, is closed, the session is closed from with in my application.The JavaScript call I make in order to call the report is like this:JavascriptContext.addJavascriptCall(FacesContext.getCurrentInstance(), "window.open('" + url + "', 'ReportWindow', " + "'scrollbars=yes,location=no,height=600,width=800,resizable=yes');");Any solutions/ideas please.Thanks. Link to comment Share on other sites More sharing options...
swood Posted December 20, 2009 Share Posted December 20, 2009 You need single sign on between your app and JasperServer, which can be done a variety of ways, including CAS. Or you could control the JasperServer screen in your app, intercepting and rewriting the HTML etc to stop users directly accessing JasperServer. ShermanJaspersoft Link to comment Share on other sites More sharing options...
hussainian Posted December 22, 2009 Author Share Posted December 22, 2009 Thanks Sherman.Can you please explain the second approach a bit more? Link to comment Share on other sites More sharing options...
swood Posted December 31, 2009 Share Posted December 31, 2009 With the second approach, you have logic in your application that does a HTTP request (with user and password) to JasperServer, to get the report content, and then you process the HTML that comes back to strip out elements you don't want and present the results to the user. Or you could use a web services call from your app to JasperServer and does essentially the same thing - send the request, process the result. In either case, your app controls the interaction. Also be aware that you can have security/permissions defined for reports in JasperServer so that users are restricted to a well defined set. ShermanJaspersoft Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now