mboorshtein Posted May 22, 2013 Share Posted May 22, 2013 I am trying to deploy a 5.1 Jasper CP with an SSO system that generates a header that I want jasper to blindly accept. I want to use all of the internal users and roles, i just want to externalize authentication. In previous versions I configured the RequestHeaderPreAuthenticatedProcessingFilter from Spring, but the examples don't have this anymore. Any help would be greatly appreciated. ThanksMarc Link to comment Share on other sites More sharing options...
elizam Posted May 24, 2013 Share Posted May 24, 2013 The file samples/externalAuth-sample-config/sample-applicationContext-externalAuth-template.xml shows a simple configuration that authenticates using information in the header. You need to write your own customAuthenticationProvider and return a Spring Security userDetails class upon successful authentication. Link to comment Share on other sites More sharing options...
mboorshtein Posted May 24, 2013 Author Share Posted May 24, 2013 Thank you for the response, however I don't know how you can call a 141 line xml file with few comments AND having to write multiple java classes to trust a header (or getUserPrincipal) "simple". I'll try tackling this but "simple" isn't the word I'd use. I read the authentication "cookbook" as well, I didn't find it that much more useful to be honest. Thanks Marc Link to comment Share on other sites More sharing options...
marcos.ramos Posted June 3, 2013 Share Posted June 3, 2013 I agree. There's nothing simple about that. Plus, I believe there's a lack of documentation on that matter. The template is just that, a template. Not much information on how to implement authentication using the passed headers. The cookbook should go deeper with detailed examples on how to accomplish that. Regards, M Link to comment Share on other sites More sharing options...
marcos.ramos Posted June 5, 2013 Share Posted June 5, 2013 Hi. I'm having the same problem and I'll like to share with you what I've tried to try to get some pointers to solve the problem.I'm trying to integrate authentication with JasperServer (v5.1 here). There's an HTTP Header that contains the username.The username contained in the header must match the local jasperserver's username. Here are the files that I've modified. All in the /WEB-INF/ path inside /apache-tomcat/webapps/jasperserver/ applicationContext-security.xml +? + (...)[/code] js.sprint.properties+ bean.myAuthenticationFilter=myAuthenticationFilter+ bean.myPreAuthProvider=myPreAuthProvider[/code] my.auth.MyUserDetailsService.java package my.auth; import org.springframework.dao.DataAccessException; import org.springframework.security.GrantedAuthority; import org.springframework.security.GrantedAuthorityImpl; import org.springframework.security.userdetails.User; import org.springframework.security.userdetails.UserDetails; import org.springframework.security.userdetails.UserDetailsService; import org.springframework.security.userdetails.UsernameNotFoundException; public class MyUserDetailsService implements UserDetailsService { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { final String DEFAULT_ROLE = "ROLE_USER"; // default user's role on jasperserver final String DEFAULT_PASSWORD = "ThisIsATest"; // default user's password on jasperserver UserDetails user = new User(username, // username DEFAULT_PASSWORD, // password true, // enabled? true, // accountNonExpired? true, // credentialsNonExpired? true, // accountNonLocked? new GrantedAuthority[]{ // granted authority new GrantedAuthorityImpl(DEFAULT_ROLE) } ); return user; } }[/code] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now