laurenthdl Posted September 17, 2012 Share Posted September 17, 2012 Hi,I created a new Role on a Jasper community Edition server ROLE_MYROLE. And added a test user which has that role only.I added one directory and some ressources in this directory and changed the permissions to enable the role ROLE_MYROLE to administer that directory.But when I log in as test, then the server shows Access denied.Are permissions enabled in Jasper Community Edition ? Is there a way to enable that ? Is there something to change in the configuration file in order to add custom permissions ? Should I restart the server in order to update the permission table in memory ? Link to comment Share on other sites More sharing options...
mrmangosir Posted September 17, 2012 Share Posted September 17, 2012 Hi,What current roles does that user now have and when you login as administrator (normally jasperadmin unless changed), can you click on that user and click "login as user". What that will do is to test if you can login as that user. Check that role has rights if the folder is a sub folder?Thanks Link to comment Share on other sites More sharing options...
laurenthdl Posted September 17, 2012 Author Share Posted September 17, 2012 What current roles does that user now have and when you login as administrator (normally jasperadmin unless changed), can you click on that user and click "login as user".It has only : ROLE_MYROLEWhen I click on login as user : I get Access denied.The folder is a sub folder. But user test has READ ONLY access to root directory and I tried administrator or READ ONLY access on a subfolder.Is there something to enable in the configuration files ? If so, what ? Link to comment Share on other sites More sharing options...
laurenthdl Posted September 17, 2012 Author Share Posted September 17, 2012 Hi, I have went through the configuration files and found :jasperserver/WEB-INF/applicationContext-security-web.xmlline 262 contains the code pasted belowThe roles there look quite "hardcoded".Is it there that I should add some other ROLES ?If so, and if I wnated to add a kind of a USER class declined into many subroles, could there be a way to add wildcards for roles ?Code: <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /login.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR /logout.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR,IS_AUTHENTICATED_FULLY /loginerror.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR /error.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR /exituser.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR,IS_AUTHENTICATED_FULLY /home.html=ROLE_USER,ROLE_ADMINISTRATOR /flow.html=ROLE_USER,ROLE_ADMINISTRATOR /loginsuccess.html=ROLE_USER,ROLE_ADMINISTRATOR /listolapviews.html=ROLE_USER,ROLE_ADMINISTRATOR /fillparams.html=ROLE_USER,ROLE_ADMINISTRATOR /j_spring_switch_user*=ROLE_ADMINISTRATOR /fileview/**=ROLE_USER,ROLE_ADMINISTRATOR /olap/**=ROLE_USER,ROLE_ADMINISTRATOR /xmla=ROLE_USER,ROLE_ADMINISTRATOR /services/**=ROLE_USER,ROLE_ADMINISTRATOR /reportimage/**=ROLE_USER,ROLE_ADMINISTRATOR /jrpxml/**=ROLE_USER,ROLE_ADMINISTRATOR /heartbeatinfo.html=ROLE_USER,ROLE_ADMINISTRATOR /rest/**=ROLE_USER,ROLE_ADMINISTRATOR </value> Link to comment Share on other sites More sharing options...
mrmangosir Posted September 17, 2012 Share Posted September 17, 2012 So you have a user called "user", you assigned the role ROLE_MYROLE? If you login in what is the exact message? Like for example does it log in, but then show "Access Denied" or is it "Invalid credentials supplied" and never goes beyond the login? Lastly if you go to where your Jasper Server is installed ie. C:\Program Files\jasperreports-server-cp-4.7.0\ and go to apache-tomcat\logs. The log file stderr<todaysdate>.log, open that and check the last entry. What does it say? Link to comment Share on other sites More sharing options...
laurenthdl Posted September 17, 2012 Author Share Posted September 17, 2012 HiThanks for your answer.When I try, i actually log in.But then, I get "Accès refusé" that is "access denied" or "permission denied" with "Please Contact system administrator or connact with a user with appropriate permissions" (Sorry if translation is fuzzy, but messages are in French).and I have no stderr file.And catalina.out is quiet. maybe i should enable logger properties for acegi in the configuration.properties.But which properties are really important ? Got :log4j.logger.org.acegisecurity.intercept=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.intercept.method=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.intercept.web=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.afterinvocation=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.acl=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.acl.basic=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.taglibs.authz=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.ui.basicauth=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.ui.rememberme=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.ui=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.afterinvocation=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.ui.rmi=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.ui.httpinvoker=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.util=DEBUG, stdout, fileoutlog4j.logger.org.acegisecurity.providers.dao=DEBUG, stdout, fileoutWhich are the most important to debug those ?, and where will the information get logged ? (I guess catalina.out file) Link to comment Share on other sites More sharing options...
laurenthdl Posted September 17, 2012 Author Share Posted September 17, 2012 HiI added some debug information.When trying to log in with test user :I get that error in catalina.out : 17 sept. 2012 17:23:24 org.apache.jasper.runtime.JspFactoryImpl internalGetPageContextGRAVE: Exception initializing page contextis there something to setup ? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now