mboorshtein Posted March 30, 2015 Share Posted March 30, 2015 The administration guide (https://community.jaspersoft.com/documentation/tibco-jasperreports-server-administrator-guide/v601/overview-security) mentions that "Container security (Tomcat, Jetty)" is supported but the authentication cookbook makes no mention of this (or siteminder which is also mentioned in the administration guide). I also can't find a wiki page on this. Are there any instructions on how to enable Jasper to use getUserPrincipal? ThanksMarc Link to comment Share on other sites More sharing options...
mboorshtein Posted March 30, 2015 Author Share Posted March 30, 2015 Ok, so after digging through the code and a considerable amount of trial and error I have a configuration that works with the standard spring header filter (I assume it would work with the j2ee filter as well. Create WEB-INF/applicationContext-externalAuth-preauth.xml with the following: <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> <!-- marker disabling JIAuthenticationSynchronizer: pre-5.1 external auth config--> <alias name="${bean.authenticationProcessingFilter}" alias="proxyAuthenticationProcessingFilter"/> <bean id="proxyPreAuthenticatedProcessingFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter"> <property name="principalRequestHeader" value="uid" /> <property name="authenticationManager" ref="preauthenticationManager" /> </bean> <bean id="preauthenticationManager" class="org.springframework.security.authentication.ProviderManager"> <constructor-arg name="providers"> <list> <ref bean="preauthAuthProvider"/> </list> </constructor-arg> </bean> <bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService"> <bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <property name="userDetailsService"><ref bean="${bean.internalUserAuthorityService}"/></property> </bean> </property> </bean></beans>[/code]Replace uid with the name of the header that contains the user's id. NOTE: this only will do SSO and assumes that the user already exists inside of your configuration. If the user doesn't exist I'm sure you'll get an error. Also, make sure that your accounts are NOT marked as external. Link to comment Share on other sites More sharing options...
Solution mboorshtein Posted March 30, 2015 Author Solution Share Posted March 30, 2015 Ok, so after digging through the code and a considerable amount of trial and error I have a configuration that works with the standard spring header filter (I assume it would work with the j2ee filter as well. Create WEB-INF/applicationContext-externalAuth-preauth.xml with the following:<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> <!-- marker disabling JIAuthenticationSynchronizer: pre-5.1 external auth config--> <alias name="${bean.authenticationProcessingFilter}" alias="proxyAuthenticationProcessingFilter"/> <bean id="proxyPreAuthenticatedProcessingFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter"> <property name="principalRequestHeader" value="uid" /> <property name="authenticationManager" ref="preauthenticationManager" /> </bean> <bean id="preauthenticationManager" class="org.springframework.security.authentication.ProviderManager"> <constructor-arg name="providers"> <list> <ref bean="preauthAuthProvider"/> </list> </constructor-arg> </bean> <bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService"> <bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <property name="userDetailsService"><ref bean="${bean.internalUserAuthorityService}"/></property> </bean> </property> </bean></beans>[/code]Replace uid with the name of the header that contains the user's id. NOTE: this only will do SSO and assumes that the user already exists inside of your configuration. If the user doesn't exist I'm sure you'll get an error. Also, make sure that your accounts are NOT marked as external. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now