Jump to content

Container Security with Community Server 6.0.1?


mboorshtein
Go to solution Solved by mboorshtein,

Recommended Posts

The administration guide (https://community.jaspersoft.com/documentation/tibco-jasperreports-server-administrator-guide/v601/overview-security) mentions that "Container security (Tomcat, Jetty)" is supported but the authentication cookbook makes no mention of this (or siteminder which is also mentioned in the administration guide).  I also can't find a wiki page on this.  Are there any instructions on how to enable Jasper to use getUserPrincipal?  

Thanks

Marc

Link to comment
Share on other sites

  • Replies 2
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Ok, so after digging through the code and a considerable amount of trial and error I have a configuration that works with the standard spring header filter (I assume it would work with the j2ee filter as well.  Create WEB-INF/applicationContext-externalAuth-preauth.xml with the following:

 

<beans xmlns="http://www.springframework.org/schema/beans"       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">    <!-- marker disabling JIAuthenticationSynchronizer: pre-5.1 external auth config-->    <alias name="${bean.authenticationProcessingFilter}" alias="proxyAuthenticationProcessingFilter"/>    <bean id="proxyPreAuthenticatedProcessingFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter">        <property name="principalRequestHeader" value="uid" />        <property name="authenticationManager" ref="preauthenticationManager" />    </bean>   <bean id="preauthenticationManager" class="org.springframework.security.authentication.ProviderManager">        <constructor-arg name="providers">            <list>                <ref bean="preauthAuthProvider"/>            </list>        </constructor-arg>    </bean>  <bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">    <property name="preAuthenticatedUserDetailsService">      <bean id="userDetailsServiceWrapper"          class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">  <property name="userDetailsService"><ref bean="${bean.internalUserAuthorityService}"/></property>      </bean>    </property>    </bean></beans>[/code]

Replace uid with the name of the header that contains the user's id.  NOTE: this only will do SSO and assumes that the user already exists inside of your configuration.  If the user doesn't exist I'm sure you'll get an error.  Also, make sure that your accounts are NOT marked as external.

Link to comment
Share on other sites

  • Solution

Ok, so after digging through the code and a considerable amount of trial and error I have a configuration that works with the standard spring header filter (I assume it would work with the j2ee filter as well.  Create WEB-INF/applicationContext-externalAuth-preauth.xml with the following:

<beans xmlns="http://www.springframework.org/schema/beans"       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">    <!-- marker disabling JIAuthenticationSynchronizer: pre-5.1 external auth config-->    <alias name="${bean.authenticationProcessingFilter}" alias="proxyAuthenticationProcessingFilter"/>    <bean id="proxyPreAuthenticatedProcessingFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter">        <property name="principalRequestHeader" value="uid" />        <property name="authenticationManager" ref="preauthenticationManager" />    </bean>   <bean id="preauthenticationManager" class="org.springframework.security.authentication.ProviderManager">        <constructor-arg name="providers">            <list>                <ref bean="preauthAuthProvider"/>            </list>        </constructor-arg>    </bean>  <bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">    <property name="preAuthenticatedUserDetailsService">      <bean id="userDetailsServiceWrapper"          class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">  <property name="userDetailsService"><ref bean="${bean.internalUserAuthorityService}"/></property>      </bean>    </property>    </bean></beans>[/code]

Replace uid with the name of the header that contains the user's id.  NOTE: this only will do SSO and assumes that the user already exists inside of your configuration.  If the user doesn't exist I'm sure you'll get an error.  Also, make sure that your accounts are NOT marked as external.

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...