ae3

We also had the error "Connection refused" on our Linux system, so that dashboards could not be exported either directly or via scheduling. In our case, only the entry for localhost was missing in /etc/hosts. After we added the entry, the export of the dashboards is working. # # Syntax: # # IP-Address Full-Qualified-Hostname Short-Hostname # 127.0.0.1 localhost

It's an older question, but in case someone else is looking for it ... The documentation at Hiding Stack Trace Messages describes how error messages should be issued based on user roles. In the example given here, the error is likely to have been caused by a standard user who, according to the configuration, does not have permission to see the error contents, e.g. applicationContext-security.xml <bean name="exceptionOutputManager" class="com.jaspersoft.jasperserver.api.common.error.handling.ExceptionOutputManagerImpl"> <property name="outputControlMap"> <map> <entry key="ERROR_UID"> <list> <value>ROLE_USER</value> </list> </entry> <entry key="STACKTRACE"> <list> <value>ROLE_SUPERUSER</value> </list> </entry> <entry key="MESSAGE"> <list> <value>ROLE_SUPERUSER</value> </list> </entry> </map> </property> </bean>[/code]In our case, an error occurred while running a report. The cause was a faulty template that caused an "Input controls validation failure". However, this error message was not written to the log file but only the error UID. We determined the cause by debugging. So I wonder how an administrator in this case should analyze the problem using log files. Probably it would be helpful, the output of an error message (without stacktrace): applicationContext-security.xml <bean name="exceptionOutputManager" class="com.jaspersoft.jasperserver.api.common.error.handling.ExceptionOutputManagerImpl"> <property name="outputControlMap"> <map> <entry key="ERROR_UID"> <list> <!--<value>ROLE_USER</value>--> </list> </entry> <entry key="STACKTRACE"> <list> <value>ROLE_SUPERUSER</value> </list> </entry> <entry key="MESSAGE"> <list> <value>ROLE_USER</value> <value>ROLE_SUPERUSER</value> </list> </entry> </map> </property> </bean>[/code]

We had similiar problems and found a solution that works for our deployment: Apache2 with mod_proxy and SSL. Configuration in httpd.conf (SLES11):[...]Listen 443NameVirtualHost *:443<Virtual Host *:443> SSLEngine On SSLCertificateFile /path/to/cert SSLCertificateKeyFile /path/to/key ProxyRequests Off ProxyPreserveHost On ProxyVia On <Proxy *> Order deny,allow Deny from all Allow from all </Proxy> ProxyPass /jasperserver http://192.168.xxx.xxx:8080/jasperserver ProxyPassReverse /jasperserver http://192.168.xxx.xxx:8080/jasperserver</VirtualHost> JasperServer 4.5.1, Tomcat server.xml configuration: The solution was to add "scheme" and "proxyPort" attributes <Connector port="8888" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" scheme="https" proxyPort="443"/>

removed

Not yet. I've opened a support case and it's still in process.

I've tried to set up an example security xml for the supermart domain as described in the tutorials. It does only work if I use static values in the filter expression. If I try to use groovy expressions for dynamic filtering I get following exception: java.lang.ClassCastException: com.jaspersoft.commons.dataset.expr.GenericFunction at com.jaspersoft.commons.groovy.GroovyGenerator.outputList(GroovyGenerator.java:392) at com.jaspersoft.commons.groovy.GroovyGenerator.in(GroovyGenerator.java:334) at com.jaspersoft.commons.dataset.expr.ExpressionWalker.operator(ExpressionWalker.java:111) at com.jaspersoft.commons.groovy.GroovyGenerator.operator(GroovyGenerator.java:499) at com.jaspersoft.commons.dataset.expr.ExpressionWalker.walk(ExpressionWalker.java:50) at com.jaspersoft.commons.groovy.GroovyGenerator.getColumn(GroovyGenerator.java:110) at com.jaspersoft.commons.datarator.WorkingDataSet.getGroovyColumn(WorkingDataSet.java:166) at com.jaspersoft.commons.datarator.WorkingDataSet.applyFilterSortMax(WorkingDataSet.java:317) at com.jaspersoft.commons.datarator.WorkingDataSet.getIterator(WorkingDataSet.java:254) at com.jaspersoft.commons.datarator.jr.DataratorJRDataSource.<init>(DataratorJRDataSource.java:20) The principalExpression works: 2010-02-03 09:37:45,506 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:521 - Evaluating JoinTree_1_List for resourceId: JoinTree_12010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:528 - Evaluating authentication.getPrincipal().getAttributes().any{ it.getAttrName() in ['StoreNr'] }. got: true2010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:534 - For new Created base grant list for : JoinTree_1_List - JoinTree_12010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:536 - Adding grant: Jointree_1_row_access_grant_12010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:542 - Setting grants for resourceId: JoinTree_1 Below is a snippet of the security xml file. Code: Any suggestions to solve this problem? Do I anything wrong or is it a bug? Thanks, Andreas Post Edited by ae3 at 02/03/2010 08:43

We're using an evaluation copy of JasperServer 3.0. Though the ad-hoc menu item is visable, if an user with the ROLE_USER is logged in, it is not usable ! Clicking on it throws an org.acegisecurity.AccessDeniedException. This happened also with the demo user joeuser. I've tried to figure out the problem in applicationContext-security.xml but I was not successful. Did anyone have a similar problem and ideas how to solve it? Thanks in advance Andreas