[#9731] - Access deny over proxy

Category:
Bug report
Priority:
Normal
Status:
New
Project: Severity:
Minor
Resolution:
Open
Component: Reproducibility:
Always
Assigned to:
0

I use jasperreport serveur on tomcat6 (and 8) with ldap auth over local apache proxy on http with http://environnement.domain.local/jasperserver/

The proxy is on the localhost:8080 and all work well with http://environnement.domain.local:8080

I want to add internet gateway with https to give exeternal acces to jasperserveur. The domaine is external.domain.com.

The proxy is on an other server with Apache. the proxy url is https://external.domain.com/jasperserveur/ ==> http://environnement.domain.local:8080

I can open all report from url :
- http://environnement.domain.local/jasperserver/
- http://localhost:8080

But when is use https://external.domain.com/jasperserveur/
- login : work
- navigate on the tree : Work
- open, edit, create report : Access is denied

on the log i have an permission issue. But i don't understand why this permissions issue is not in the other access way?

2017-08-01 15:59:08,572 DEBUG MethodSecurityInterceptor,http-8080-14:194 - Secure object: ReflectiveMethodInvocation: public abstract com.jaspersoft.jasperserver.api.metadata.common.domain.Resource com.jaspersoft.jasperserver.api.metada$
2017-08-01 15:59:08,573 DEBUG MethodSecurityInterceptor,http-8080-14:310 - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a988eed3: Principal: MetadataUserDetails: tlegay; Crede$
2017-08-01 15:59:08,574 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.access.vote.RoleVoter@3c9466c0, returned: 0
2017-08-01 15:59:08,575 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.acls.AclEntryVoter@74274d5, returned: 0
2017-08-01 15:59:08,576 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.acls.AclEntryVoter@379366fd, returned: 0
2017-08-01 15:59:08,577 DEBUG AffirmativeBased,http-8080-14:65 - Voter: org.springframework.security.acls.AclEntryVoter@25e6b714, returned: 0
2017-08-01 15:59:08,577 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:102 - looked up perms for execute: [Lorg.springframework.security.acls.model.Permission;@1c4f4a10
2017-08-01 15:59:08,578 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:112 - Effective permissions: [Lorg.springframework.security.acls.model.Permission;@1c4f4a10
2017-08-01 15:59:08,579 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:114 - JasperServerPermission[...............................A=1]
2017-08-01 15:59:08,580 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:114 - JasperServerPermission[..............................R.=2]
2017-08-01 15:59:08,581 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:114 - JasperServerPermission[..........................X.....=32]
2017-08-01 15:59:08,582 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:135 - calling getResource on %2FEtats_et_rapports%2FQualite%2FDashBoard_Qualit%C3%A9
2017-08-01 15:59:08,583 DEBUG Cache,http-8080-14:1973 - Cache: aclCache store hit for repo:%2FEtats_et_rapports%2FQualite%2FDashBoard_Qualit%C3%A9
2017-08-01 15:59:08,584 DEBUG ContextSensitiveAclEntryVoter,http-8080-14:184 - Voting to deny access - ACLs returned, but insufficient permissions for this principal
2017-08-01 15:59:08,585 DEBUG AffirmativeBased,http-8080-14:65 - Voter: com.jaspersoft.jasperserver.api.metadata.security.ContextSensitiveAclEntryVoter@5b4125ab, returned: -1

error web navigator :

org.springframework.security.access.AccessDeniedException: Access is denied at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83) at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206) at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:60) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at com.sun.proxy.$Proxy586.getResource(Unknown Source) at com.jaspersoft.jasperserver.war.action.ResourceTypeMappingAction.doPreExecute(ResourceTypeMappingAction.java:61) at

v6.3
thomas_11's picture
Joined: Feb 24 2014 - 3:09am
Last seen: 3 years 9 months ago
Feedback