emilly Posted January 22, 2015 Posted January 22, 2015 I am new to jasper. I have my web application(has credentials stored in say webAppDB) where i am planning to integrate Jasper server as Single Sign on(SSO). I am going throughJasper Authentication cookbook..(http://community.jaspersoft.com/system/files/restricted-docs/jasperreportsserver-auth-cookbook_2.pdf)and found Token Based authentication can be a good option.I have few doubts on this. Here are they :-A) I will be passing the user name and role as part of request to to jasper server(JS) where it will validate thecredentials. My question is from which source JS will validate the credentials. (I mean as credentials are stored in webAppDB , how jasper serverwill them)?B) As per my understanding i need to create internal role along with predefined permissions at jasper server side where administrator will map the roles comingfrom webApp with internal roles. Now when resquest is coming from webapp, jasper will get permissions thru External role >Internal Role > permission.If valid permission is found, access will be given. Is that correct?
Solution elizam Posted January 23, 2015 Solution Posted January 23, 2015 For token-based authentication, JRS does not do any authentication, it just takes the token as-is. This is why it's important to encrypt and time-stamp the token.You do not have to create internal roles if you do not want to. If a role does not exist, JRS creates it and flags it so it remembers it is an internal role. However, if you have roles that are created from the external source, you have to "initialize" them before you can finish setting them - that is, you have to come up with a user that has that role and login for them. Once someone with an external role has logged in, the administrator can see the role in JRS and set its permissions. You do also have the option to map to internal roles.Once you have roles set up the way you want, then the user gets the permissions associated with whatever roles you assign.
emilly Posted January 24, 2015 Author Posted January 24, 2015 You said "JRS does not do any authentication, it just takes the token as-is". I think you meant JRS does not do any authentication with any external system. But yes it does the authentication in way i.e if format of token received does not match with token format configured at jasper side, it does not authenticate the user. So its also a way of authentication.Right?
mehulkatara Posted March 3, 2018 Posted March 3, 2018 Follow this link for Jasper Token Based Authenticationhttps://github.com/mehulkatara/Jasper-Token-based-Authentication
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now