| Category: | Bug report |
Priority: | Normal |
Status: | New |
| Project: | Severity: | Minor |
Resolution: | Open |
|
| Component: | Reproducibility: | Always |
Assigned to: |
I use jasperreport serveur on tomcat6 (and 8) with ldap auth over local apache proxy on http with http://environnement.domain.local/jasperserver/
The proxy is on the localhost:8080 and all work well with http://environnement.domain.local:8080
I want to add internet gateway with https to give exeternal acces to jasperserveur. The domaine is external.domain.com.
The proxy is on an other server with Apache. the proxy url is https://external.domain.com/jasperserveur/ ==> http://environnement.domain.local:8080
I can open all report from url :
- http://environnement.domain.local/jasperserver/
- http://localhost:8080
But when is use https://external.domain.com/jasperserveur/
- login : work
- navigate on the tree : Work
- open, edit, create report : Access is denied
on the log i have an permission issue. But i don't understand why this permissions issue is not in the other access way?
2017-08-01 15:59:08,572 DEBUG MethodSecurityInterceptor,http-8080-14:194 - Secure object: ReflectiveMethodInvocation: public abstract com.jaspersoft.jasperserver.api.metadata.common.domain.Resource com.jaspersoft.jasperserver.api.metada$
2017-08-01 15:59:08,573 DEBUG MethodSecurityInterceptor,http-8080-14:310 - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a988eed3: Principal: MetadataUserDetails: tlegay; Crede$
2017-08-01 15:59:08,574 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.access.vote.RoleVoter@3c9466c0, returned: 0
2017-08-01 15:59:08,575 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.acls.AclEntryVoter@74274d5, returned: 0
2017-08-01 15:59:08,576 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.acls.AclEntryVoter@379366fd, returned: 0
2017-08-01 15:59:08,577 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.acls.AclEntryVoter@25e6b714, returned: 0
2017-08-01 15:59:08,577 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:102 - looked up perms for execute: [Lorg.springframework.security.acls.model.Permission;@1c4f4a10
2017-08-01 15:59:08,578 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:112 - Effective permissions: [Lorg.springframework.security.acls.model.Permission;@1c4f4a10
2017-08-01 15:59:08,579 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:114 - JasperServerPermission[...............................A=1]
2017-08-01 15:59:08,580 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:114 - JasperServerPermission[..............................R.=2]
2017-08-01 15:59:08,581 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:114 - JasperServerPermission[..........................X.....=32]
2017-08-01 15:59:08,582 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:135 - calling getResource on %2FEtats_et_rapports%2FQualite%2FDashBoard_Qualit%C3%A9
2017-08-01 15:59:08,583 DEBUG Cache,http-8080-14:1973 - Cache: aclCache store hit for repo:%2FEtats_et_rapports%2FQualite%2FDashBoard_Qualit%C3%A9
2017-08-01 15:59:08,584 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:184 - Voting to deny access - ACLs returned, but insufficient permissions for this principal
2017-08-01 15:59:08,585 DEBUG AffirmativeBased,http-8080-14:65 - Voter: com.jaspersoft.jasperserver.api.metadata.security.ContextSensitiveAclEntryVoter@5b4125ab, returned: -1
error web navigator :
org.springframework.security.access.AccessDeniedException: Access is denied at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83) at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206) at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:60) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at com.sun.proxy.$Proxy586.getResource(Unknown Source) at com.jaspersoft.jasperserver.war.action.ResourceTypeMappingAction.doPreExecute(ResourceTypeMappingAction.java:61) at
