gustafsf

Check out these files ..apache-tomcat/webapps/jasperserver/WEB-INF/jsp/modules/viewReport/ViewReport.jsp (input controls on-page form section) ..apache-tomcat/webapps/jasperserver/scripts/controls.report.js (applyInputValues function)

Robi, If you only need to customize the parameters, start off by making a copy of the DefaultParametersForm.jsp. Make the changes as needed, rename the file (you don't want to overwrite the DefaultParametersForm because all other reports will use this!) then copy to the WEB-INF/modules/inputControls (or another folder you designate). Now you can reference it in the optional jsp field under the edit controls and resources page from the server. Here is a very basic example of the code that was changed in the copy of the jsp, in order to display masked input for a specified input control. Note that the input control to be changed is refered to by name (not ideal if you want to reuse the custom jsp for other reports) and there are only a few changes required, such as changing the input type='password' . Take a look at the original DefaultParametersForm.jsp and you'll be able to compare the differences. Good luck! Code:<%-- ########## SINGLE_VALUE - CUSTOM PARAMETER ########## --%> <c:when test="${inputName == 'pass'}"> <%-- Single value : InputControl.TYPE_SINGLE_VALUE --%> <li class="leaf" id="jsCtrl_pass"> <c:choose> <c:when test="${control.dataType.localResource.type == 3 or control.dataType.localResource.type == 4}"> <c:set var="controlClass" value="picker"/> </c:when> <c:otherwise> <c:set var="controlClass" value="text"/> </c:otherwise> </c:choose> <label class="control input password" for="pass" title="Filter value"> <span class="wrap"> <js:inputControlLabel control="${wrapper}" messageSource="${messageSource}"/>: </span> <input type="password" name="<c:out value="${inputName}"/>" id="<c:out value="${inputName}"/>" value="<c:out value="${wrapper.formattedValue}"/>" <c:if test="${readOnly}">disabled</c:if> onchange="fireCascade('${requestScope.reportUnitObject.URI}','${wrapper.resourceUriPrefix}','${inputName}', ${control.type}, ${readOnly});"/> <c:if test="${wrapper.errorMessage != null}"> <c:set var="hasValueError" value="true"/> </c:if> <div id="error_${inputName}"></div> <span class="message warning"><c:out value="${wrapper.errorMessage}"/></span> </label> </li> <c:set var="initAggregate_2"> initAggregate('${wrapper.resourceUriPrefix}' ,'${inputName}', ${control.type}, ${readOnly}, '<spring:escapeBody javaScriptEscape="true">${wrapper.formattedValue}</spring:escapeBody>'); </c:set> <script> ${initAggregate_2} </script> <textarea name="_evalScript" class="hidden" style="display:none"> ${initAggregate_2} </textarea> </c:when> <%-- end custom parameters --%>

Have you given ROLE_ANONYMOUS access to the root folder?

Oops - you will need to add ROLE_ANONYMOUS to the /flow.html in the filterInvocationInterceptor bean in applicationContext-security.xml for the direct URL access to work.

If you do not want to pass in the userid/password in the URL I found with the CE 3.7.1 you do not need to change the anonymousProcessingFilter bean (if you do you will get a blank page when trying to access the server) just leave the setting as <property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property> Other things to change to allow direct URL access include: adding ROLE_ANONYMOUS to the *= line in the flowVoter bean <bean id="flowVoter" class="com.jaspersoft.jasperserver.war.security.FlowRoleAccessVoter"> <property name="flowAccessAttribute" value="FLOW_ACCESS"/> <property name="flowDefinitionSource"> <value> repoAdminFlow=ROLE_ADMINISTRATOR userListFlow=ROLE_ADMINISTRATOR roleListFlow=ROLE_ADMINISTRATOR reportUnitFlow=ROLE_ADMINISTRATOR olapUnitFlow=ROLE_ADMINISTRATOR olapClientConnectionFlow=ROLE_ADMINISTRATOR mondrianXmlaSourceFlow=ROLE_ADMINISTRATOR editFolderFlow=ROLE_ADMINISTRATOR fileResourceFlow=ROLE_ADMINISTRATOR dataTypeFlow=ROLE_ADMINISTRATOR listOfValuesFlow=ROLE_ADMINISTRATOR queryFlow=ROLE_ADMINISTRATOR reportDataSourceFlow=ROLE_ADMINISTRATOR inputControlsFlow=ROLE_ADMINISTRATOR <!--objectPermissionToRoleFlow=ROLE_ADMINISTRATOR--> userEditFlow=ROLE_ADMINISTRATOR roleEditFlow=ROLE_ADMINISTRATOR queryReferenceFlow=ROLE_ADMINISTRATOR <!--objectPermissionToUserFlow=ROLE_ADMINISTRATOR--> searchFlow=ROLE_USER,ROLE_ADMINISTRATOR *=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR </value> </property> Adding a value to the accessContext bean in applicationContext-events-logging.xml as described in this post jasperforge.org/plugins/espforum/view.php?group_id=112&forumid=102&topicid=71124 And finally granting Read Only privileges on the root folder for ROLE_ANONYMOUS.That should do it!

The fix is listed in another post, a simple change to the applicationContext-events-logging.xml file (if you have already made changes to the applicationContext-security.xml file as suggested earlier in this post). http://jasperforge.org/plugins/espforum/view.php?group_id=112&forumid=102&topicid=71124 As an aside, I was able to allow anonymousUser access to run reports through a direct URL by simply adding the userAuthorityService property to the applicationContext-events-logging.xml accessContext bean, giving read privileges on the root folder and only adding ROLE_ANONYMOUS (line 735) to the flowVoter bean in applicationContext-security.xml. No changes were needed to the anonymousProcessingFilter bean (lines 88-91) or the filterInvocationInterceptor bean (lines 337-364) in applicationContext-security.xml to get this to work with jasperserver 3.7.1.

You can easily create a variable with the Variable Expression field set to: Code:$P{JASPER_REPORT}.getName()