Hi, I am new to the Jasper world and right now i am trying my hands on secutity in jasper server. I tried to change the file for SuperMart (demo database that comes with Jasper server) as per the example given in JS-Ultimate Guide. Following is the section of the file i changed. (added domain security for rows using Cities attribute) --------------------------------------------------------------------------------------------------------------------------------------------------------------------- <securityDefinition xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema" version="1.0" itemGroupDefaultAccess="granted"> <resourceAccessGrants> <!-- Row level security --> <!-- What access do roles/users have to the rows in the resource? --> <resourceAccessGrantList id="sales_join_resource_access_grant" label="aLabel" resourceId="sales_join"> <resourceAccessGrants> <!-- This "join" will always be made when a query includes at least 1 item from this resource, even when the query does not include the related dataSet. <resourceAccessGrant id="sales_join_ROLE_SUPERMART_MANAGER_row_grant"> <principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_SUPERMART_MANAGER'] }</principalExpression> <filterExpression>store1.store_country in ('USA') and store1.store_state in ('CA')</filterExpression> </resourceAccessGrant> --> <!-- Following is the resourceAccessGrant I added form Ultimate Guide --> <resourceAccessGrant id="Jointree_1_row_access_grant_4"> <principalExpression><![CDATA[authentication.getPrincipal().getAttributes().any{it.getAttrName() in ['Cities']}]]> </principalExpression> <filterExpression>store1.store_city in (groovy('authentication.getPrincipal().getAttributes().find{ it.attrName == "Cities"}.attrValue')) </filterExpression> </resourceAccessGrant> ------------------------------------------------------------------------------------------------------------------------------------------------------- But when i try create an adhoc report get message stating : "No data was returned." To create the report i log in as the California User ( User that comes by default when i chose to install demo) California User has attributes : CaliforniaUserCalifornia User Assigned RolesROLE_SUPERMART_MANAGER, ROLE_USER Profile Attributes[state:CA], [Cities:San Francisco, Oakland, San Jose] This user is enabled. *** Can some one please let me know what i am missing here that might be causing the error?. This domins works fine with row level security using Roles e.g. ['ROLE_SUPERMART_MANAGER']*** Is there a way to evaluate principle expressions externally so that i can see there results without actually having to add the whole file and then using the security file... Thanks.Code:
