xin.zhang Posted April 16, 2015 Share Posted April 16, 2015 Hi all,I've tried the docs to implement restriction by Role and ORG but failed.ref: http://community.jaspersoft.com/documentation/tibco-jasperreports-server-ultimate-guide/v60/restricting-access-role-0 I'm running the paid instance v6.0.1 on AWS. I've tried both [js] and [authz] tags. None is working for me.<js:authorize ifAllGranted="ROLE_USER|kfc">...</js:authorize>[/code]<authz:authorize ifAllGranted="ROLE_USER|kfc">...</authz:authorize>[/code]However, if I remove the ORG part and only restrict by Role, that works for me.Is there anything I did wrong or it's a bug? Link to comment Share on other sites More sharing options...
marianol Posted April 16, 2015 Share Posted April 16, 2015 I will try to replicate this but a couple of questions to see if the problem is not in the Org/role setup.Is XYZ the Organization ID or the Organization Name? in the autz: tag you need to use OrganizationID not the name.Do you have a ROLE_USER created under Organization xyz? Remember that in JRS the Roles can be at the top level or ar the ORG level. The ROLE_USER that is already created by default in the repository is a top level role, not an organization level role.See the screenshot below (logged in as superuser)..You can see there that ROLE_NOUSER is an organzation level role (you can see the organization ID next to it); while ROLE_USER is a top level role ( i.e. no organization ID next to it) intherited by that Org Link to comment Share on other sites More sharing options...
xin.zhang Posted April 17, 2015 Author Share Posted April 17, 2015 Hi marianol, Thanks for your inputs. I got it there're two types of roles, one global and the other under certain orgs. Now I just tried create a new role under an org and it seems still not working.Steps to reproduce/verify:Create an org called "kfc";Create a role within "kfc" called "ROLE_USER_KFC";Put some testing html codes in dashboard within the authorize tags Login as jasperadmin under kfc;Still cannot see the testing codes created in step 3;Now change the above ifAllGranted value to "ROLE_USER" and I can see the testing codes.The above happens for both js and authz tags. Any thoughts on this? Link to comment Share on other sites More sharing options...
marianol Posted April 21, 2015 Share Posted April 21, 2015 Let me try to replicate this so i can look into it... it may be a bug. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now