Jump to content
We've recently updated our Privacy Statement, available here ×

Token Based authentication

emilly

By emilly
in Products

 Share
Go to solution Solved by elizam,

Recommended Posts

emilly Explorer

emilly

Posted
Posted

I am new to jasper. I have my web application(has credentials stored in say webAppDB) where i am planning to integrate Jasper server as Single Sign on(SSO). I am going through
Jasper Authentication cookbook..(http://community.jaspersoft.com/system/files/restricted-docs/jasperreportsserver-auth-cookbook_2.pdf)
and found  Token Based authentication can be a good option.



I have few doubts on this. Here are they :-



A) I will be passing the user name and role as part of request to to jasper server(JS) where it will validate the
credentials. My question is from which source JS will validate the credentials. (I mean as credentials are stored in webAppDB , how jasper server
will them)?


B) As per my understanding i need to create internal role along with predefined permissions at jasper server side where administrator will map the roles coming
from webApp with internal roles. Now when resquest is coming from webapp, jasper will get permissions thru External role >Internal Role > permission.
If valid permission is found, access will be given. Is that correct?
 

Link to comment
Share on other sites
  • Replies 3
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

  • Solution
elizam Proficient

elizam

Posted
  • Solution
Posted

For token-based authentication, JRS does not do any authentication, it just takes the token as-is.  This is why it's important to encrypt and time-stamp the token.

You do not have to create internal roles if you do not want to. If a role does not exist, JRS creates it and flags it so it remembers it is an internal role.  However, if you have roles that are created from the external source, you have to "initialize" them before you can finish setting them - that is, you have to come up with a user that has that role and login for them.  Once someone with an external role has logged in, the administrator can see the role in JRS and set its permissions.  

You do also have the option to map to internal roles.

Once you have roles set up the way you want, then the user gets the permissions associated with whatever roles you assign.

Link to comment
Share on other sites
emilly Explorer

emilly

Posted
  • Author
Posted

You said "JRS does not do any authentication, it just takes the token as-is". I think you meant JRS does not do any authentication with any external system. But yes it does the authentication in way i.e if format of token received does not match with token format configured at jasper side, it does not authenticate the user. So its also a way of authentication.Right?

 

Link to comment
Share on other sites
  • 3 years later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

© 2024 Cloud Software Group,
Inc. All rights reserved.

Products

Explore