You can design standard reports to use column based security with the following features:
| [toc] |
Run-Time Examples using TIBCO JasperReports® Server
In the example below, four text fields and labels are configured to display only when the logged-in user's roles include ROLE_ADMINISTRATOR:
Here is the same report run by a user whose roles do not include ROLE_ADMINISTRATOR:
Quick View of the Layout in iReport
This is a brief look at a some of the field attributes in the iReport Designer. Column based security will be enforced at runtime when JasperServer matches the logged-in user's credentials with the LoggedInUsername and/or LoggedInUserRoles parameters.
Define the Parameter(s)
TIBCO JasperReports Server 3.7 and above include parameters that reference the logged-in user's credentials. The two most commonly used for column based security are:
- LoggedInUsername (class = java.lang.String)
- LoggedInUserRoles(class = java.util.Collection)
These parameters are built-in and known to JasperServer at runtime. However, you need to define them in the JRXML using iReport) in order to reference them in expressions.Note that case is important: the n is lower case in LoggedInUsername and the R is uppercase in LoggedInUserRoles.
Set Print When Expression Elements
Position the field you want to optionally display onto the report layout. With the field select click the ... button to the right of the Print When Expression element in the Properties box. Enter an expression that tests for a match on username or role. If the expression results in "true" the field will display; otherwise it will not display. Here are two examples:
Security based on user name (these are for Groovy as the report language):
($P{LoggedInUsername}.contains("jasperadmin"))
Security based on role:
$P{LoggedInUserRoles}.contains("ROLE_ADMINISTRATOR")
Do this for every field you wish to protect.
Removing Blank Space
Removing blank space only eliminates vertical space. Refer to "Removing Blank Space" in the JasperReports Ultimate Guide for specifics. To take advantage of this feature, select the field and click Remove Line When Blank in the Properties panel.
Report JRXML
- JasperReports Server Ultimate Guide - this is the finished JRXML file for this tutorial
See Also
- Designing Row-Based Security into Standard Reports - similar concept but using Attributes vs Roles and Rows vs Columns
- Built-in_Parameters_for_Logged_In_User - A list of all built-in paramters for Logged in Users
- Accessing_the_Logged_In_User_within_a_ Query-based_Input_Control - Query Based input controls with LoggedInUser
- Section 4.11.4 of the JasperReports Server Ultimate Guide: Built-in Parameters for Query-based Input Controls (pp 63-64, version 0311-JUG40-8)
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now