Jump to content

Go to solution Solved by elizam,

Recommended Posts

Hi all,

I recently upgraded from 5.5 to 6.0.1 (Community Edition), and now my role mappings don't work for externally authenticated users :-(.

The problem is not with the LDAP search - I can see the external roles in the user infromation pane - they are simply not mapping to the system roles.  In particular I have an external role - ROLE_REPORTING_ADMIN that I want to map to the ROLE_ADMINISTRATOR role in Jasper.  This worked fine under 5.5, but now in 6.0.1 it's broken.  If anyone has any ideas what's wrong with this config I'd be delighted to hear :-):

    <bean id="externalUserSetupProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserSetupProcessor" parent="abstractExternalProcessor">        <property name="userAuthorityService">            <ref bean="${bean.internalUserAuthorityService}"/>        </property>        <property name="defaultInternalRoles">            <list>                <value>ROLE_USER</value>            </list>        </property>        <property name="organizationRoleMap">            <map>                <entry>                    <key>                        <value>ROLE_REPORTING_ADMIN</value>                    </key>                    <value>ROLE_ADMINISTRATOR</value>                </entry>            </map>        </property>    </bean>[/code]

As a temporary workaround I've had to comment out the organizationRoleMap property entirely; this at least lets me set the ROLE_ADMINISTRATOR on the relevant user's statically from within JR.  (If I leave the organizationRoleMap config in place, every time the user logs in they lose ROLE_ADMINISTRATOR.)

Link to comment
Share on other sites

  • Replies 4
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

  • Solution

I see a different class for the bean in the multi-tenant LDAP config sample file.  It looks like you may be using the single tenant config. This difference has been there for a while as far as I know, so I don't know if it will help.

 <bean id="mtExternalUserSetupProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.MTExternalUserSetupProcessor" parent="abstractExternalProcessor">
Link to comment
Share on other sites

  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...