After you create your new domain, we are going to secure some information depending on users' roles. Business CaseHere are your company employees:
Create the above users and roles. Don't forget to assign roles to users. | [toc] |
![]() | ||
![]() | ![]() | ![]() |
Security Context
A domain security file contains item and resource access grants that specify the access to grant based on certain aspects of a user, such as roles. There are 2 types of domain security: row-level security and column-level security. A domain security file can contain both types.
Row-level security | Jasper and Repsaj are two store managers. Jasper is responsible of Los Angeles store and Repsaj is responsible of San Diego store. A row-level security displays users own rows, based on a profile attribute value. For this example, the profile attribute is the store city. |
Column-level security | Boss is a human ressources manager. Unlike store managers, Boss has access to personal datas of all employees. A column-level security grants access to some specific columns (eg: hire_date, salary) only for HR managers. |
Now let's create the domain security file for this business case.
Create the Security File
Here is the structure of a security file:
<securitydefinition itemgroupdefaultaccess="granted" version="1.0" xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema"> <resourceaccessgrants> <!-- Row-Level Security rules --> </resourceaccessgrants> <itemgroupaccessgrants> <!-- Column-Level Security rules --> </itemgroupaccessgrants> </securitydefinition>
- A security file is just a simple XML document. You can use any text/XML editor (eg: notepad++ or XMLBuddy).
- It relies on the schema of your domain. Therefore, when creating the security file, it is useful to have your schema structure visible as a reference.
Row level security
- Row level security is defined in tags.
- This type of rule is mapped to or tags of a domain schema.
- Precisely, resourceId="JoinTree_1"> (security file) should match with id="JoinTree_1" ...> (domain schema). See Figure 5.
How to set up a Row-Level security
Column level security
- Column level security is defined in tags.
- This type of rule is mapped to tags of a domain schema.
- Precisely, itemGroupId="employee" ...> (security file) should match with id="employee" ...> (domain schema).
How to set up a Column-Level security
More On Domains
Creating A Domain
Domain Security
- Basic Domain Security File Example
- Defining a Domain Security File
Domain Designer
Search URL: Keywords: Domains
Recommended Comments
There are no comments to display.