sergenz

Hi, I've installed JasperServer with the embedded Postgres database, which I note is running PostgreSQL 9.0.4. I'm now trying to configure JasperServer to use our production database which is on a different machine. The production database is running PostgreSQL 8.4.4. My method of 'migrating' the data, was to use pg_dump to dump the database and restore it on the new DB server. Then update the JasperServer config to point at the new database. I was wondering whether JasperServer 4.2.1 made use of any PostgreSQL 9 features and would not work with the previous version of PostgreSQL (8.4)? Or whether it was using a version of the JDBC driver which can only connect to PostgreSQL 9 or any other problems which might crop up. Thank you

What I found was that it didn't automatically pull all groups from AD, but rather when an AD authenticated user logs in, it creates a whole bunch of new Roles, based on all of the groups that the newly authenticated user is a member of. If the roles already exist (for example when another user, which is a member of the same groups logs in) I guess it sees that those roles already exist and merely associates it with the new user.

That's great! :) You're welcome

Ok, I've attached the full file. The relevant bits are: At the top of the file, enabling the LDAP authentication provider: <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager"> <property name="providers"> <list> <ref local="ldapAuthenticationProvider"/> <ref bean="${bean.daoAuthenticationProvider}"/> <ref bean="anonymousAuthenticationProvider"/> <!--ref local="jaasAuthenticationProvider"/--> </list> </property> </bean> And then the LDAP configuration sections: For LDAP authentication --> <bean id="ldapContextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <constructor-arg value="ldap://dc1.company.internal:389"/> <!-- You may not need the next properties --> <property name="userDn"><value>CN=Jasper Ldap,OU=Resource,OU=Employees,DC=company,DC=internal</value></property> <property name="password"><value>password</value></property> </bean> <!-- For LDAP authentication This bean is not used by default --> <bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>OU=Employees,DC=company,DC=internal</value> </constructor-arg> <constructor-arg index="1"> <value>(sAMAccountName={0})</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <!-- For LDAP authentication --> <bean id="ldapAuthenticationProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider"> <constructor-arg> <bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <!-- -property name="userDnPatterns"><list><value>uid={0}</value></list></property- --> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"><value>OU=Groups,OU=Employees,DC=company,DC=internal</value></constructor-arg> <property name="groupRoleAttribute"><value>cn</value></property> <!--<property name="groupSearchFilter"><value>(&(uniqueMember={0})(objectclass=groupofuniquenames))</value></property>--> <property name="searchSubtree"><value>true</value></property> </bean> </constructor-arg> </bean> Note that I created the "Jasper Ldap" user to be able to access AD in the first place (it doesn't allow anonymous access) and that in our setup we have an OU called "Employees" off of the domain. Your setup might be slightly different, in that you might have an OU called "People" and then "Employees" off of that (or you might call the OU "Workers" etc...), please adjust according to your setup.

Ok, managed to get it working, although the instructions I started off with were a bit crap. I ended up following this article: http://protocol7.com/archives/2006/07/16/acegi-security-system-and-active-directory-howto/ which made sense for me. The one thing to note is that in the article the "initialDirContextFactory" which is referred to is actually the bean with the id "ldapContextSource" in the configuration. Also, the properties "userDn" and "password" correspond to "managerDn" and "managerPassword" in the article. If you get stuck, doing a google search for "making acegi plugin work with ActiveDirectory" seems to return quite a few results. Good luck

I'm trying to setup Jasper Server to authenticate against AD as well. I am following the guide found at: http://jasperforge.org/plugins/mwiki/index.php/Jasperserver/AuthenticationConfiguration Will let you know how it goes.

The link to the wiki doesn't work anymore. New link is: http://jasperforge.org/plugins/mwiki/index.php/Jasperserver/AuthenticationConfiguration