![](http://content.invisioncic.com/i328763/set_resources_3/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
ae3
-
Posts
7 -
Joined
-
Last visited
Content Type
Forum
Downloads
Featured Visualizations
Knowledge Base
Documentation (PDF Downloads)
Blog
Documentation (Test Area)
Documentation
Dr. Jaspersoft Webinar Series
Security Advisories
Events
Profiles
Posts posted by ae3
-
-
We had similiar problems and found a solution that works for our deployment:Apache2 with mod_proxy and SSL. Configuration in httpd.conf (SLES11):[...]Listen 443NameVirtualHost *:443<Virtual Host *:443>SSLEngine OnSSLCertificateFile /path/to/certSSLCertificateKeyFile /path/to/keyProxyRequests OffProxyPreserveHost OnProxyVia On<Proxy *>Order deny,allowDeny from allAllow from all</Proxy>ProxyPass /jasperserver http://192.168.xxx.xxx:8080/jasperserverProxyPassReverse /jasperserver http://192.168.xxx.xxx:8080/jasperserver</VirtualHost>JasperServer 4.5.1, Tomcat server.xml configuration:The solution was to add "scheme" and "proxyPort" attributes<Connector port="8888" protocol="HTTP/1.1"connectionTimeout="20000"redirectPort="8443"URIEncoding="UTF-8" scheme="https" proxyPort="443"/>
-
-
Not yet. I've opened a support case and it's still in process.
-
I've tried to set up an example security xml for the supermart domain as described in the tutorials. It does only work if I use static values in the filter expression. If I try to use groovy expressions for dynamic filtering I get following exception:
java.lang.ClassCastException: com.jaspersoft.commons.dataset.expr.GenericFunction at com.jaspersoft.commons.groovy.GroovyGenerator.outputList(GroovyGenerator.java:392) at com.jaspersoft.commons.groovy.GroovyGenerator.in(GroovyGenerator.java:334) at com.jaspersoft.commons.dataset.expr.ExpressionWalker.operator(ExpressionWalker.java:111) at com.jaspersoft.commons.groovy.GroovyGenerator.operator(GroovyGenerator.java:499) at com.jaspersoft.commons.dataset.expr.ExpressionWalker.walk(ExpressionWalker.java:50) at com.jaspersoft.commons.groovy.GroovyGenerator.getColumn(GroovyGenerator.java:110) at com.jaspersoft.commons.datarator.WorkingDataSet.getGroovyColumn(WorkingDataSet.java:166) at com.jaspersoft.commons.datarator.WorkingDataSet.applyFilterSortMax(WorkingDataSet.java:317) at com.jaspersoft.commons.datarator.WorkingDataSet.getIterator(WorkingDataSet.java:254) at com.jaspersoft.commons.datarator.jr.DataratorJRDataSource.<init>(DataratorJRDataSource.java:20)
The principalExpression works:
2010-02-03 09:37:45,506 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:521 - Evaluating JoinTree_1_List for resourceId: JoinTree_12010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:528 - Evaluating authentication.getPrincipal().getAttributes().any{ it.getAttrName() in ['StoreNr'] }. got: true2010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:534 - For new Created base grant list for : JoinTree_1_List - JoinTree_12010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:536 - Adding grant: Jointree_1_row_access_grant_12010-02-03 09:37:45,553 DEBUG SemanticLayerSecurityResolverImpl,http-8888-6:542 - Setting grants for resourceId: JoinTree_1
Below is a snippet of the security xml file.
Code: Any suggestions to solve this problem? Do I anything wrong or is it a bug?
Thanks,
Andreas
Post Edited by ae3 at 02/03/2010 08:43 -
We're using an evaluation copy of JasperServer 3.0.
Though the ad-hoc menu item is visable, if an user with the ROLE_USER is logged in, it is not usable ! Clicking on it throws an org.acegisecurity.AccessDeniedException. This happened also with the demo user joeuser. I've tried to figure out the problem in applicationContext-security.xml but I was not successful.
Did anyone have a similar problem and ideas how to solve it?
Thanks in advance
Andreas
What is the purpose of the error UID?
in Products
Posted
It's an older question, but in case someone else is looking for it ...
The documentation at Hiding Stack Trace Messages describes how error messages should be issued based on user roles. In the example given here, the error is likely to have been caused by a standard user who, according to the configuration, does not have permission to see the error contents, e.g.
applicationContext-security.xml
In our case, an error occurred while running a report. The cause was a faulty template that caused an "Input controls validation failure". However, this error message was not written to the log file but only the error UID. We determined the cause by debugging.
So I wonder how an administrator in this case should analyze the problem using log files. Probably it would be helpful, the output of an error message (without stacktrace):
applicationContext-security.xml