Jump to content
We've recently updated our Privacy Statement, available here ×

Restricting Access by Role|ORG not working. V6

xin.zhang

By xin.zhang
in Products

 Share

Recommended Posts

xin.zhang Apprentice

xin.zhang

Posted
Posted

Hi all,

I've tried the docs to implement restriction by Role and ORG but failed.

ref: http://community.jaspersoft.com/documentation/tibco-jasperreports-server-ultimate-guide/v60/restricting-access-role-0

 

I'm running the paid instance v6.0.1 on AWS. I've tried both [js] and [authz] tags. None is working for me.

<js:authorize ifAllGranted="ROLE_USER|kfc">...</js:authorize>[/code]
<authz:authorize ifAllGranted="ROLE_USER|kfc">...</authz:authorize>[/code]

However, if I remove the ORG part and only restrict by Role, that works for me.

Is there anything I did wrong or it's a bug?

 

 

Link to comment
Share on other sites
  • Replies 3
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

marianol Proficient

marianol

Posted
Posted

I will try to replicate this but a couple of questions to see if the problem is not in the Org/role setup.

Is XYZ the Organization ID or the Organization Name? in the autz: tag you need to use OrganizationID not the name.

Do you have a ROLE_USER created under Organization xyz? Remember that in JRS the Roles can be at the top level or ar the ORG level. The ROLE_USER that is already created by default in the repository is a top level role, not an organization level role.

See the screenshot below  (logged in as superuser)..
You can see there that ROLE_NOUSER is an organzation level role (you can see the organization ID next to it); while ROLE_USER is a top level role ( i.e. no organization ID next to it) intherited by that Org

Screenshot2015-04-1618_52_03.png.14f9ef290e3b0f659a717cc49e12d030.png

Link to comment
Share on other sites
xin.zhang Apprentice

xin.zhang

Posted
  • Author
Posted

Hi marianol, Thanks for your inputs. I got it there're two types of roles, one global and the other under certain orgs. Now I just tried create a new role under an org and it seems still not working.

Steps to reproduce/verify:

  1. Create an org called "kfc";
  2. Create a role within "kfc" called "ROLE_USER_KFC";
  3. Put some testing html codes in dashboard within the authorize tags 
  4. Login as jasperadmin under kfc;
  5. Still cannot see the testing codes created in step 3;
  6. Now change the above ifAllGranted value to "ROLE_USER" and I can see the testing codes.

The above happens for both js and authz tags. Any thoughts on this?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

© 2024 Cloud Software Group,
Inc. All rights reserved.

Products

Explore